- Ukuhlolwa kwemishini yenethiwekhi kwembula isitokwe sangempela, isimo sengqalasizinda, kanye nobuthakathaka ngaphambi kokuba kubangele ukungasebenzi noma ukwephulwa kwemithetho.
- Amathuluzi esofthiwe nehadiwe, kanye nezinqubo ezifana ne-SNMP, i-LLDP, i-NetFlow kanye ne-ARP, zikuvumela ukuthi uthole i-topology futhi uhlaziye kahle ithrafikhi.
- Indlela enhle ihlanganisa ukubuyekezwa okungokoqobo nokunengqondo, ukuhlolwa kokuphepha kwangaphakathi nangaphandle, kanye nokuhlaziywa okuhlelekile kwemiphumela nezincomo ezicacile.
- Ukuqapha nokuhlaziya inethiwekhi okuqhubekayo kuba yinto ebalulekile ekugcineni ukusebenza, ukutholakala, ukuthobela imithetho, kanye nokuvikelwa ekuhlaselweni kwe-inthanethi.
Inethiwekhi yenkampani isibe uhlelo lwezinzwa lwebhizinisi lonkeUma kwehluleka, ukukhiqizwa kuyama, ukufinyelela kuzinhlelo zokusebenza ezibalulekile kuyanqanyulwa, futhi ingozi yesigameko esikhulu sokuphepha, njengalokhu okulandelayo, iyanda kakhulu: ukuhlasela kwe-inthanethi eSpainUkuvula imishini kanye "nokuphequlula" akusanele; kubalulekile ukwazi ukuthi kwenzekani ngempela ngezintambo kanye ne-Wi-Fi, ukuthi ubani oxhumayo, ukuthi ingqalasizinda isebenza kanjani, nokuthi yimiphi iminyango evulekele abahlaseli abangaba khona.
Ukuhlaziywa okuhle kwemishini yenethiwekhi kuhlanganisa ukuhlolwa kwezimali, ukuqapha, kanye nokubuyekezwa kokuphepha. ukuphendula imibuzo ebalulekile: Ingabe inethiwekhi inosayizi ofanele? Ingabe kukhona amadivayisi aphelelwe yisikhathi anciphisa ukusebenza? Ingabe kukhona izikhala zokuphepha? amagciwane ekhompyutha Noma amaphrothokholi asetshenziswe kabi? Yimuphi umgwaqo ongena futhi uphume ku-inthanethi, futhi uya kuziphi izindawo? Kuyo yonke le ndatshana, sizochaza, ngokuningiliziwe, ukuthi lokhu kuhlaziywa kubhekwana kanjani nokuthi yimaphi amathuluzi namasu asetshenziswa kokubili ezindaweni zezinkampani nezimboni.
Kungani kubaluleke kangaka ukuhlaziya nokuhlola inethiwekhi
Ukuhlolwa kwenethiwekhi kukuvumela ukuthi wazi "isimo sempilo" sengqalasizinda futhi ulindele izinkinga ngaphambi kokuba zibangele ukuphazamiseka okukhulu noma ukwephulwa kokuphepha. Lokhu kuhlaziya kungabona ukulungiselelwa okungalungile, izithiyo zokusebenza, imishini engasekelwa, ubuthakathaka, izinsongo zangaphakathi nezangaphandle, noma ngisho nozimele ezingalungile ezingaphazamisa izinhlelo zokugcina.
Kumanethiwekhi ezinkampani, ukugxila okuvamile kukufinyelela i-inthanethi.Ngenxa yokuthi ngokuvamile iyisixhumanisi esinzima kakhulu nesibucayi kakhulu enhlanganweni yonke, ukuphathwa kabi kwe-bandwidth noma ukuhlasela kwangaphandle kungashiya bonke abasebenzi bengenasevisi. Nokho, kumanethiwekhi ezimboni, inselele ihlukile: inani lezinqubo ezizimele noma ezibhalwe kabi zivame ukudinga ukusetshenziswa kwabahlaziyi abakhethekile abakwazi ukuqonda uhlaka ngalunye nokuqinisekisa ukusetshenziswa kwalo.
Ngale kokuxazulula izinkinga ezithileIzinhlangano ziphendukela ekuhlaziyweni kwenethiwekhi nasekuhloleni lapho kudingeka zihlole lokho ezikusebenzisile ngempela, zilungiselele ukuthuthukiswa kwengqalasizinda enkulu, zihlangabezane nezimfuneko zomthetho (isib., i-PCI DSS emkhakheni wezezimali), noma zimane ziqinisekise ukuthi inethiwekhi ihlala ihambisana nezidingo zebhizinisi zamanje.
Lokhu kuhlolwa akugcini nje ngokuphephaBaphinde babukeze ukutholakala, ukusebenza, ikhwalithi yesevisi, izinqubo zokuqapha, izilawuli zokufinyelela kanye nokuphathwa, ukuze kukhishwe umbiko osemthethweni onobuthakathaka, izingozi kanye nezincomo ezicacile zabaphathi kanye nethimba lobuchwepheshe.
Ukuhlolwa okuphelele kwengqalasizinda yenethiwekhi kanye ne-IT
Ingxenye yokuqala yokuhlaziywa ihilela ukubuyekezwa okujulile kwayo yonke ingqalasizinda ye-IT.: amaseva (kufaka phakathi ukuthi kanjani setha iseva yasekhayaLokhu kufaka phakathi amaswishi, ama-router, ama-firewall, izindawo zokufinyelela ezingenantambo, izinhlelo zamandla, izintambo ezihlelekile, amadivayisi okugcina, kanye, ezindaweni zezimboni, imishini yokulawula kanye neyokuzenzakalela. Umgomo ukuqinisekisa ukuthi yonke ihadiwe ibhalwe kahle, isekelwa umenzi, futhi isesimweni sokusebenza esifanele.
Kulesi sigaba, kuvame ukuhlanganiswa uhlu olunemininingwane eminingi. Le database iqopha amamodeli, izinguqulo ze-firmware, amakhono edivayisi, izixhumi ezitholakalayo, amamojula afakiwe, ukuhambisana nezinqubo zokuphatha (i-SNMP, i-NetFlow, i-sFlow, njll.), kanye nezinsuku ezibalulekile zomjikelezo wokuphila (ukuphela kokuthengisa, ukuphela kokusekelwa, ukuphela kokuphila). Lo msebenzi ungenziwa ngesandla noma ngamathuluzi athile okuhlola azenzakalela ingxenye enkulu yenqubo yokuthola.
Ukuhlolwa kwengqalasizinda ye-IT akugcini nje kuphela ohlwini lwezinto ezibonakalayoBaphinde bahlole ukuthi izilawuli zangaphakathi, ukuhlukaniswa kwenethiwekhi, izindlela zokutholakala okuphezulu, ukumiswa okujwayelekile, kanye nokuphathwa kwe-IT kuklanywe kahle kangakanani. Umqondo uwukuqinisekisa ukuthi imikhuba emihle iyalandelwa ngempela noma ukuthi "ama-patches" aqongelelene ngokuhamba kwesikhathi.
Ukuhlolwa kwengqalasizinda okuhlelwe kahle kusiza ukukhulisa nokuvikela inethiwekhi kangconoKuthuthukisa ukusabalala, kwandisa ukuzinza, kunciphisa isikhathi sokungasebenzi, futhi kusebenzisa ubuchwepheshe obukhona ngempumelelo enkulu. Lokhu kufaka phakathi, phakathi kwezinye izici, ukuqapha okusebenzayo nokwengeziwe, izindlela zokuvimbela ukutholakala okuphezulu, ukwenza ngcono izinsiza kanye nokuhlanganiswa kwazo, kanye nokubonakala okuthuthukisiwe kokusebenza.
Ngesikhathi esifanayo, izinsizakalo zokuqinisekisa i-IT zigxile ekuvikeleni ulwazi Ukuthembela ezinsikeni ezinhlanu zokuphepha: ubuqotho, ukutholakala, ukuqinisekiswa, ubumfihlo, kanye nokungalahli. Lokhu kuhilela ukuhlolwa kwengqalasizinda yangaphakathi neyangaphandle, izinsizakalo zokuqinisekisa, ukuhlaziywa kokuqina kwebhizinisi, kanye nokubuyekezwa kwezinqubomgomo zobumfihlo kanye nokuvikelwa kwedatha.
Igumbi leseva kanye nelokuxhumana: inhliziyo yangempela yenethiwekhi
Igumbi leseva kanye nelokuxhumana ligcina izinto ezibalulekile zenethiwekhiAmaseva angokoqobo, ama-firewall azungezile, ama-router amakhulu, ama-core switch, amaphaneli okuhlanganisa, futhi, ezimweni eziningi, imishini yokugcina kanye neyokwenza i-virtualization. Noma yikuphi ukuhlaziywa okujulile kwemishini yenethiwekhi kumele kunikeze ukunaka okukhethekile kule ndawo.
Izici zomzimba zibaluleke njengezo ezinengqondo.Izinga lokushisa elizungezile, ukuhlanzeka kanye nokuqongelela kothuli emishinini, ukuhlela kahle izintambo ngaphakathi kwama-rack, ukulebula kwama-ports kanye nezintambo, ukuhlukaniswa okwanele phakathi kokunikezwa kwamandla nedatha, kanye nokufinyelela okungokoqobo egumbini (ukulawulwa kwezihluthulelo, amakhadi, amakhamera, amarekhodi okungena nawokuphuma) kuyahlolwa.
I-router enikeza uxhumano lwe-inthanethi oluyinhloko ifanelwe ukuhlaziywa okuningiliziweKuqinisekisiwe ukuthi uxhumano olunikezwa umhlinzeki luzinzile, luphephile, lunamandla anele, ukuthi ihadiwe inamachweba e-Gigabit Ethernet noma ngaphezulu, ukuthi isekela izinqubo zokuqapha ezidingekayo, nokuthi ikhwalithi yesevisi kanye nezinqubomgomo zokulawula i-bandwidth zichazwe kahle.
Isimo sekhebula elingena futhi liphuma ekamelweni naso siyahlolwa.ukuqinisekisa ukuthi isigaba (5e, 6 noma ngaphezulu) siyahambisana nesivinini esidingekayo, ukuthi ukuphela kwamaphaneli nama-socket e-RJ45 kulungile, nokuthi azikho izixhumi noma ukuxhumana "okwesikhashana" okunganciphisa umthamo wokudlulisa noma kudale amaphutha esixhumanisi.
Okokugcina, izinhlelo ezisizayo ezifana nama-UPS, umoya opholile kanye nezinzwa ziyabuyekezwa.I-UPS enobukhulu obufanele ivumela amaseva kanye nokuxhumana ukuthi kuhlale kusebenza isikhathi eside ngokwanele ukwenza ama-backups ahleliwe nokuvala imishini ngaphandle kwengozi yokonakala kwedatha. Ukupholisa kanye nokuqapha imvelo kuyisihluthulelo sokwandisa isikhathi sokuphila kwehadiwe nokuvimbela isikhathi sokungasebenzi esingalindelekile.
Imishini yokushintsha, yokufinyelela kanye neyokufaka izintambo
Amaswishi anesibopho sokusabalalisa ithrafikhi ngokuhlakanipha phakathi kwawo wonke amadivayisi axhunywe nge-Ethernet. Ngesikhathi sokuhlaziywa, kuhlolwa ukuthi ngabe amandla awo okushintsha, inani lamachweba kanye nesivinini sawo (i-Fast Ethernet, i-Gigabit, i-10 GbE) kwanele yini kumthwalo wamanje nowesikhathi esizayo, nokuthi ngabe noma yimaphi ama-elekthronikhi aphelelwe yisikhathi anciphisa ukusebenza kwenethiwekhi iyonke.
Kuvamile ukuthola amaswishi amadala. Lawa madivayisi, angafinyeleli ku-1000 Mbps, asebenza njengezithiyo ezindaweni ezibalulekile, evimbela ukuxhumana phakathi kwamaseva, isitoreji, kanye nezindawo zokusebenza. Ukuthola nokushintsha lawa madivayisi kunomthelela osheshayo ekusebenzeni okubonwa ngabasebenzisi.
Izindawo zokufinyelela ezingenantambo (ama-AP) nazo ziyingxenye ebalulekile yokuhlaziywaIndawo yazo iyahlolwa ukuqinisekisa ukumbozwa okufanayo, kuyaqinisekiswa ukuthi zixhunywe kuma-network sockets akwazi ukusekela i-bandwidth edingekayo, ukuthi zinamandla anele (i-PoE uma kusebenza) nokuthi ukucushwa kwazo kokuphepha (i-WPA2/WPA3, ama-VLAN, ukuhlukaniswa kwamakhasimende) kulungile.
Uhlobo kanye nekhwalithi yezintambo ezihleliwe kunomthelela omkhulu ekusebenzeni kahleKunconywa ukusebenzisa okungenani izintambo ze-Category 5e noma 6, noma ngaphezulu, ekufakweni okusha ukuze kusekelwe ngokuthembekile isivinini se-Gigabit noma ngisho nesivinini se-Gigabit esingu-10 emabangeni amafushane. Ngaphezu kwesigaba, izixhumi, amapuleti odonga, izintambo zokubopha, kanye nokubekwa okufanele kumathreyi ekhebula kanye namapayipi kuyahlolwa.
Ukuxhumana kanye nokuvikelwa kukagesi kuhlolwa ngqo endaweni yeseva.Indawo efinyelelekayo, uxhumano lwe-Gigabit noma oluphezulu ku-core yenethiwekhi, uxhumano kuma-UPS angafuneki, kanye nokupholisa okwanele ukuvimbela ukushisa ngokweqile. Zonke lezi zici zithinta ngqo ukuzinza kwezinsizakalo ezisetshenziswa abasebenzisi.
Ukuhlaziywa kwamadivayisi axhunyiwe kanye nokuphepha kwenethiwekhi
Enye yezinhloso ezibalulekile zokuhlaziywa kwemishini yenethiwekhi ukwazi ukuthi obani abaxhumeneNgokuskena kwenethiwekhi, imibuzo ye-SNMP, ukubuyekezwa kwamathebula e-ARP kanye ne-MAC kanye namathuluzi okuthola, wonke amadivayisi akhona ayahlonzwa: ama-PC, amaseva, amaphrinta, amakhamera e-IP, amadivayisi e-IoT, imishini yezimboni, amaselula, njll., futhi kuhlolwa ukuthi agunyaziwe yini.
Ukulawula ukuthi yimaphi amadivayisi afinyelela kunethiwekhi kubalulekile ekunciphiseni izingoziUkuba khona kwemishini "engaqondakali" noma engakafakwa ohlwini kuvame ukuba yindlela yokwephulwa kwezokuphepha. Kumanethiwekhi ezimboni, abahlaziyi behadiwe bangaqinisekisa nokuthi amadivayisi asebenzisa kahle izinqubo ezifana neModbus noma i-DNP3, okuvimbela ukuziphatha okungalindelekile.
Ukubuyekezwa kokuphepha kwenethiwekhi kuhlanganisa izendlalelo ezininganaUhlelo olunengqondo luyahlaziywa (ukuhlukaniswa kube yi-VLAN, izindawo ezingavunyelwe ukulwa, amanethiwekhi ezivakashi), izinqubomgomo zomlilo kanye nohlu lokulawula ukufinyelela kuyabuyekezwa, amaphasiwedi nezindlela zokuqinisekisa ziyahlolwa, futhi izixazululo zokulwa ne-malware, i-IDS/IPS kanye nezinhlelo zokusekelayo ziyaqinisekiswa.
Kuleli qophelo, ukuhlolwa kobuthakathaka kuba yinto ebalulekile.Ngokusekelwe esitokweni kanye nedatha eqoqwe, abahloli bazama "ukuhlasela" inethiwekhi kuqala bevela ngaphandle (belingisa umhlaseli wangaphandle) bese bevela ngaphakathi (uma kuthathwa ukuthi idivayisi yangaphakathi isengozini). Umgomo uwukuhlanganisa ubuthakathaka obuncane baze bafinyelele ukufinyelela kwezinga eliphezulu futhi babonise umthelela wangempela.
Ngemva kokusebenzisa ubuthakathaka, ukuqinisekiswa ngesandla kwenziwa njalo. ukuhlukanisa okuhle okungamanga nezinkinga zangempela, ukuhlonza izimbangela zesistimu, nokubeka phambili izenzo zokunciphisa. Okutholakele kuhlanganiswe embikweni wokuphatha, okuhambisana nezincomo zobuchwepheshe nezebhizinisi: ukushintshwa kwemishini esiphelelwe yisikhathi, izinguquko zokucushwa, ukuqinisa inqubomgomo, ukuqeqeshwa kwabasebenzi, njll.
Amathuluzi okuhlaziya inethiwekhi: isofthiwe kanye nehadiwe
Kunemindeni emibili eyinhloko yamathuluzi okuhlaziya ithrafikhi yenethiwekhi kanye nokuziphatha kwemishini.: izixazululo ezisekelwe kusofthiwe, ngokuvamile ezijwayelekile futhi ezikwazi ukuhumusha izinqubo ezibhalwe kabanzi, kanye nezixazululo zehadiwe, eziqondiswe kakhulu ezindaweni ezithile (ikakhulukazi zezimboni) kanye nokusekelwa kwezinqubo ezithile kakhulu.
Abahlaziyi benethiwekhi yesofthiwe abaziwayo kakhulu yiWireshark, TCPDump, kanye neWindump.Isibonelo, i-Wireshark ithwebula ozimele ngesikhathi sangempela futhi ikuvumela ukuthi ubahlukanise ungqimba ngengqimba, ibonise amakheli omthombo nawendawo oya kuyo, amachweba, amafulegi ephrothokholi, kanye nokuqukethwe kohlelo lokusebenza. Iwusizo kokubili ekuxilongeni amaphutha kanye nasekuhloleni ukuthi amaphakethe ayahlangabezana yini nezidingo.
Endaweni yokusungula inethiwekhi kanye nokumapha Amathuluzi anjengeSolarWinds, i-Open-AudIT, kanye neNetformX ayasetshenziswa, akwazi ukuthola amadivayisi, akhiqize imidwebo ye-topology, ahlanganise ubudlelwano phakathi kwamadivayisi, futhi adale imibiko ephelele. Ezinye izixazululo ezifana neNessus kanye neNipper zigxile ekuhlolweni kokuphepha, zibukeze ukucushwa, ziphakamise izindlela ezinhle kakhulu, futhi zithole ubuthakathaka obufana... ukuhlaselwa kwe-cyber okufihliwe kuziphequluli.
Ukuhlolwa kokusebenza kanye nokuhlaziywa kwethrafikhi okuningiliziweNgaphezu kweWireshark, kusetshenziswa izinsiza ezifana ne-iperf, ntop, noma izinhlelo zokuhlaziya ukugeleza kwe-NetFlow/sFlow, ezisiza ukuqonda ukuthi ubani osebenzisa i-bandwidth eningi kakhulu, yiziphi izinhlelo zokusebenza ezikhiqiza ithrafikhi eningi kakhulu, nokuthi umthwalo uhluka kanjani ngokuhamba kwesikhathi.
Abahlaziyi behadiwe, abavame kakhulu ezinhlelweni zokulawula zezimboniNgokuvamile zifaka izici ezithuthukisiwe njenge-fuzzer yokuhlola ukusetshenziswa kwephrothokholi, i-oscilloscope yokuhlola izimpawu namaza, kanye nabahlaziyi bephaneli kagesi. Imikhiqizo efana namadivayisi e-Achilles, i-Netdecoder, noma i-Line Eye aklanyelwe ngqo ukusebenza ne-Ethernet, i-serial (RS-232, RS-485), i-fiber, kanye nezinye izixhumi zemidiya.
Izindlela zokubamba nokuhlaziya ithrafikhi yenethiwekhi
Ukuze i-software analyzer ikwazi ukufunda ithrafikhi yenethiwekhiKuyadingeka ukuthi ozimele abanesithakazelo bafinyelele imishini lapho ifakiwe khona. Lokhu kungafezwa ngezindlela eziningana: ngokuxhuma ihabhu elidala lapho yonke ithrafikhi iphindaphindwa khona kuwo wonke amachweba, ngokuhlela ichweba elibukwayo (i-SPAN) kuswishi, noma ngokusebenzisa amadivayisi athile ehadiwe njenge-Network TAPs.
Ukusebenzisa imbobo enesibuko kuswishi kuyindlela evame kakhulu kumanethiwekhi anamuhlaIswishi iyalwa ukuba ikopishe yonke ithrafikhi kusuka ku-port eyodwa noma ngaphezulu noma ama-VLAN iye ku-port ekhethiwe, lapho i-analyzer ixhunywe khona. Lokhu kuvumela ukuqapha okunembile kwalokho okudlula ku-switch, nakuba kubalulekile ukuqaphela ukuthi ithrafikhi eningi ingagcwalisa i-port ebonisiwe futhi ibangele ukuthwebula okungafanele.
Ama-TAP enethiwekhi amadivayisi aklanyelwe ukufaka iphuzu lokubuka "elisobala". phakathi kwezingxenye ezimbili zenethiwekhi. Ziphinda ithrafikhi ziye ku-analyzer ngaphandle kokuphazamisa ukuxhumana, futhi ngokuvamile zisekela imidiya ehlukene ebonakalayo kanye nesivinini. Ezindaweni zezimboni noma ezibalulekile emsebenzini, lapho ukushintsha izilungiselelo kungadingeki, ziyinketho ebaluleke kakhulu.
Umehluko omkhulu phakathi kwabahlaziyi besofthiwe nehadiwe Ukugxila kokuqala ikakhulukazi ekuqapheni nasekuhlaziyeni ukuthwebula (ngisho nangemva kweqiniso), kuyilapho lokhu kokugcina kwenezela amakhono okuhlola iphrothokholi esebenzayo, ukulinganisa isignali ebonakalayo, kanye nokukhiqizwa kwethrafikhi yokwenziwa, okubalulekile ekuqinisekiseni imishini yezimboni ngaphandle kokuthembela kumadokhumenti omkhiqizi womphakathi.
Kunoma ikuphi, ukusetshenziswa kwama-analyzer kumele kuhlelwe. Ukuze kugwenywe ukuphazamisa ukukhiqizwa: ukuhlolwa kokusetshenziswa kwephrothokholi noma imikhankaso yokukhubaza kufanele iqhutshwe ezindaweni zelebhu noma lapho uhlelo oluyinhloko lungasetshenziswa, njengoba zikhiqiza amaphakethe angavumelekile angashiya inethiwekhi noma abalawuli besesimweni esingazinzile.
Amaphrothokholi namasu okuthola imishini kanye ne-topology
Ingxenye ebalulekile yokuhlaziywa kwemishini yenethiwekhi ukuthola ngokuzenzakalelayo i-topology kanye nobudlelwano phakathi kwamadivayisi. Lokhu kufezwa ngokuhlanganisa amaphrothokholi namasu ahlukahlukene, avumela amathuluzi okuphatha ukuthi agxume kusuka kudivayisi kuya kwenye kuze kube yilapho kudwetshwa imephu ephelele yenethiwekhi.
I-SNMP iyiphrothokholi yokuphathwa kwenethiwekhi ebanzi kakhuluAmadivayisi ahambisanayo (ama-router, amaswishi, ama-firewall, amaphrinta, njll.) afaka i-ejenti ye-SNMP ephendula imibuzo yomphathi nge-UDP, igwema ukunqwabelana koxhumano lwe-TCP. Ulwazi oluphethwe luhlelwe lwaba yizihlonzi zezinto (ama-OID) ngaphakathi kwezizindalwazi ze-MIB, ezigcina ama-counter, izimo zesixhumi esibonakalayo, amathebula okudlulisela, amazinga e-inki, izibalo ze-port, nokunye okuningi.
Iphrothokholi ye-LLDP (Link Layer Discovery Protocol) inikeza olunye ulwazi oluyisisekeloIdivayisi ngayinye eyisekelayo ikhangisa idatha ephathelene nayo (uhlobo lwedivayisi, isihlonzi, i-port) komakhelwane bayo abaqondile ku-layer 2. Laba omakhelwane bagcina le datha kuma-MIB abo, ukuze amathuluzi okuphatha akwazi ukuhlanganisa omakhelwane ukuze bakhe kabusha i-topology ebonakalayo.
Ngisho nezinsiza ezilula njenge-ping zisasebenza ekutholeni ulwazi.Ngokuthumela izicelo ze-ICMP echo nokuhlola ukuthi ubani ophendulayo, kungenzeka ukuthola amadivayisi asebenzayo ku-subnet. Le ndlela ilula, kodwa uma ihlanganiswa ne-SNMP, i-ARP, nezinye izindlela, iyasiza ukuqedela uhlu lwezinto ezikhona.
Iphrothokholi ye-ARP, enesibopho sokuxhumanisa amakheli e-IP namakheli e-MACLokhu kuphinde kusetshenziswe ngesikhathi sokuhlolwa. Ngokubuza i-ARP cache yama-router nama-switch nge-SNMP, isofthiwe yokuphatha ingakha isizindalwazi sayo semizila, ama-subnet, kanye nomakhelwane be-Layer 2 kanye ne-Layer 3, iqhubeke nale nqubo ephindaphindayo kuze kube yilapho zonke izingxenye ezaziwayo sezimboziwe.
Ukuhlaziywa kwethrafikhi yenethiwekhi, i-NetFlow, kanye nokubonakala okuthuthukile
Ngaphezu kokuthatha amaphakethe ngamanye, izinhlangano eziningi zithembele ekuhlaziyweni kokugeleza. ukuthola umbono ohlanganisiwe wethrafikhi. Ubuchwepheshe obufana ne-NetFlow (Cisco), i-sFlow, i-J-Flow noma i-IPFIX buthumela izifinyezo zezingxoxo zenethiwekhi kumqoqi ophakathi, ozigcina futhi azimelele ngemidwebo.
Amathuluzi afana ne-NetFlow Analyzer anesibopho sokuqoqa leyo datha yokugeleza.Zihlobanisa le datha futhi zikhiqize imibiko ngolwazi lokuthi ubani osebenzisa i-bandwidth, yiziphi izinhlelo zokusebenza ezikhiqiza ithrafikhi eningi, yiziphi izimbobo kanye nezinqubo ezisetshenziswayo, nokuthi ukusetshenziswa kwenethiwekhi kuye kwashintsha kanjani ngezikhathi ezahlukene. Zikuvumela ukuthi ubuke idatha yesikhathi sangempela (ubuncane bomzuzu owodwa) kanye nedatha yomlando yamahora, izinsuku, izinyanga, noma amakota.
Lezi zinhlelo zokuhlaziya ithrafikhi zivame ukunikeza amadeshibhodi aphelele kakhululapho ungabona khona ngokushesha ukuthi iyiphi i-interface, uhlelo lokusebenza, umsebenzisi, umsingathi, noma ingxoxo eqoqa izinsiza. Imibiko ivame ukuthunyelwa ngefomethi ye-CSV noma ye-PDF, okuwusizo kakhulu ekuletheni kubaphathi abaphezulu kanye nokuqinisekisa ukutshalwa kwezimali noma izinguquko zenqubomgomo.
Elinye iphuzu elithakazelisayo yikhono lokubona ukuziphatha okungajwayelekile. ukugeleza kwethrafikhi ngokwako: ukwanda okungavamile kwethrafikhi eya emachwebeni athile, amaphethini akhumbuza ukuhlaselwa kokwenqatshwa kwenkonzo, ukugeleza okunamanani angavamile e-TOS, noma amaphakethe angalungile. Ngokuhlukanisa lezi zenzakalo, izinsongo zangaphakathi noma zangaphandle zingabonakala, okuvumela impendulo esheshayo.
Abahlaziyi bethrafikhi nabo baba ithuluzi elibalulekile lokuhlola uma kwenzeka ukungena okungase kwenzeke. Ngokugcina ulwazi oluningiliziwe ngalokho okwenzekile kunethiwekhi, bavumela ukuthi lesi sigameko sakhiwe kabusha: ukuthi yimiphi imishini ehilelekile, ukuthi imiphi inqwaba yedatha ekhishwe, nokuthi yiziphi izikhathi lapho ukufinyelela okusolisayo kwenzeka khona.
Indlela yokuhlela nokwenza ukuhlolwa kwenethiwekhi isinyathelo ngesinyathelo
Noma yikuphi ukuhlolwa noma ukuhlolwa kokuphepha kwenethiwekhi okuqinile kuncike ezigabeni ezintathu eziyinhloko.Ukuhlela, ukufeza, kanye nokuhlolwa kwangemva kokuhlolwa. Ukweqa noma ukunciphisa isigaba sokuhlela kuvame ukuphelela ekukhungathekeni kanye nesikhathi esichithwayo, ngoba izimvume, idatha, noma amathuluzi kutholakala ukuthi awekho phakathi nephrojekthi.
Ngesikhathi sesigaba sokuhlela, ububanzi buchazwa ngokunembile.: yimaphi amadivayisi afakiwe (ngokuvamile ama-router, amaswishi, ama-firewall kanye nemishini yokuphepha, kungafakwanga izindawo zokusebenza kanye namaseva ezinhlelo zokusebenza ngaphandle kokuthi kuchazwe ngenye indlela), yiziphi izinhloso ezilandelwayo (isitoko, ukuhambisana nomthetho, ukuxazulula izinkinga, ukuthuthukiswa kokusebenza), yimiphi imithethonqubo esebenzayo kanye nokuthi yimaphi amafasitela okusebenza azosetshenziswa.
Ukuzibophezela kwababambiqhaza nakho kuyaqinisekiswa.Ngaphandle kokusekelwa abaphathi kanye nethimba lobuchwepheshe, cishe akunakwenzeka ukwenza ukuhlolwa kwenethiwekhi okuphelele, njengoba kudinga iziqinisekiso zokufinyelela (i-SNMP, i-Telnet, i-SSH), izinguquko zokucushwa kwesikhashana (njengokuvumela i-SNMP noma i-SPAN), ngisho namakhompyutha noma ama-laptop anamandla anele okusebenzisa amathuluzi adingekayo.
Ukukhetha amathuluzi kungenye iphuzu elibalulekile kulesi sigabaKumanethiwekhi amancane, indlela esetshenziswa ngesandla ingakhethwa, ukuxhuma idivayisi ngedivayisi, kodwa ezindaweni eziphakathi nezinkulu ngokuvamile kubalulekile ukusebenzisa izixazululo zokuthola okuzenzakalelayo, ukuhlaziywa kokucushwa, izikena zobuthakathaka kanye nezihlaziyi zethrafikhi.
Uma uhlelo seludwetshiwe, ukuqaliswa kokuhlolwa kwezimali kuqala.Njengoba iziqinisekiso sezilungisiwe futhi ithuluzi selilungisiwe (izintambo zomphakathi ze-SNMP, amagama abasebenzisi e-Telnet/SSH namaphasiwedi, ububanzi be-IP, noma amadivayisi embewu), inqubo yokuthola iqala. Kuye ngobukhulu benethiwekhi, lesi sigaba singahlala kusukela emahoreni ambalwa kuya ezinsukwini eziningana.
Uma ukuqoqwa kwedatha sekuqediwe, isigaba sangemuva kokuhlolwa siyaqala.lapho yonke imiphumela ihlaziywa ngokujulile: imibiko ikhiqizwa, izingozi ziyahlonzwa, ubuthakathaka bubekwa phambili ngomthelela, kuhlukaniswe okuhle okungamanga, bese kubhalwa izincomo ezicacile. Ingxenye yombiko izogxila olimini lwebhizinisi (izindleko zokuphela komsebenzi, izingozi zomthetho, umthelela ekukhiqizeni) kanti enye ingxenye izoba ngeyobuchwepheshe kuphela.
Izigaba ezinemininingwane ekuhlolweni kokuphepha kwenethiwekhi
Ekuhlolweni okuningiliziwe kwezokuphepha Ochwepheshe bavame ukuhlukanisa umsebenzi ngezigaba eziningana zobuchwepheshe ezihlukaniswe kahle ukuqinisekisa ukuthi akukho engela engashiywanga ingahlolwanga.
Isigaba sokuqala ukuhlaziywa kwezinyawo kanye nokuqoqwa kolwaziLapha, kudalwa uhlu lwenethiwekhi olubonakalayo nolungokoqobo: ihadiwe, isofthiwe, amalayisense, amagama esizinda, ububanzi be-IP, izinsizakalo ezishicilelwe, imizila, izinqubomgomo zokuphepha, izinqubo zokuqapha esezisebenza kakade, njll. Umgomo ukuba nemodeli yenethiwekhi ephelele kakhulu kanye nephrofayili yokuphepha ngangokunokwenzeka.
Isigaba sesibili sigxile ekuhlaziyweni nasekuhlolweni kobuthakathaka ngokombono wangaphandleNgokusebenzisa ulwazi oluqoqwe, inhloso iwukungena kunethiwekhi ngokusebenzisa ubuthakathaka obuphansi, obunganikeza ukufinyelela kolwazi olubucayi noma izinhlelo ezibucayi.
Isigaba sesithathu siphinda isu elifanayo, kodwa ngaphakathi enhlanganweni.Lesi simo sicabanga ukuthi umhlaseli usevele engenile (isibonelo, nge-imeyili yobugebengu bokweba imininingwane noma idrayivu ye-USB ethelelekile) futhi uzama ukwandisa amalungelo nokuhamba eceleni. Lokhu kuhlola amandla okuzivikela kwangaphakathi kanye nokuhlukaniswa kwesistimu.
Esigabeni sesine, ubuthakathaka ngabunye obuxhashazwayo buqinisekiswa ngesandla.Lokhu kuhilela ukubuyekeza ukucushwa, izinguqulo, ama-patches, kanye nezinye izindlela zokuhlasela ezingaba khona. Lokhu kuqinisekiswa kuvimbela izinsiza ekutshalweni kwemali ekulungiseni izinkinga ezingasetshenziswa ngempela noma ezinomthelela omncane kumongo othize wenhlangano.
Ekugcineni, kwenziwa ukuhlaziywa okuphelele kobuthakathaka. ukuhlonza amaphethini kanye nezimbangela eziyinhloko: amaphutha okuklama, ukuntuleka kwezinqubomgomo, ukuntuleka kokuqeqeshwa, imishini engasekelwa, ukungabikho kokuhlolwa okuvamile, njll. Ukusuka lapho, kuchazwa izinhlelo zesenzo ezibekwe phambili, okumele umnyango we-IT uzisebenzise ngokubambisana nabaphathi.
Kokubili ukuhlolwa kwenethiwekhi kanye nokuhlolwa kwengqalasizinda ye-IT kubalulekile ukuqinisekisa ukuthi izinhlelo zamakhompyutha zenkampani ziqinile, zingasetshenziswa ngokuzethemba, futhi zinikeza izinga eliphezulu kakhulu lobumfihlo kanye nokuvikelwa ezinsongweni ze-cyber eziyinkimbinkimbi kakhulu.
Ukuhlaziywa okujulile kwemishini yenethiwekhi, kuhlanganiswe nokuqapha okuqhubekayo, amathuluzi amahle, kanye nokubuyekezwa okuvamile Kwenza umehluko phakathi kwenhlangano esabela ezinkingeni lapho sekwephuze kakhulu kanye nenhlangano ebona ukwehluleka, ukuhlaselwa kanye nezithiyo ngesikhathi, igwema ukuphazamiseka kwebhizinisi, ukulahleka kwedatha kanye nezijeziso zokungalandeli imithetho.
