Iqhutywa yinguqu yedijithali, uthungelwano lwamashishini alusezo "iintambo ezimbalwa ezidibanisa iikhompyuter." Ngokunyuka kwezixhobo ze-IoT, ukufuduka kweenkonzo kwilifu, kunye nokwamkelwa okwandisiweyo komsebenzi okude, itrafikhi yenethiwekhi iqhume, njengetrafikhi kuhola wendlela. Nangona kunjalo, oku kunyuka kwezithuthi kukwanika imingeni: izixhobo zokhuseleko azikwazi ukubamba idatha ebalulekileyo, iinkqubo zokubeka iliso zonganyelwe lulwazi olungafunekiyo, kwaye izoyikiso ezifihliweyo kwitrafikhi efihliweyo azibonakali. Apha kulapho "umgcini-ngcenga ongabonakaliyo" obizwa ngokuba yiNethiwekhi yePakethe yeBroker (NPB) eza luncedo. Isebenza njengebhulorho ekrelekrele phakathi kwetrafikhi yomnatha kunye nezixhobo zokubeka iliso, ijongana nokuhamba kwesiphithiphithi setrafikhi kuyo yonke inethiwekhi ngelixa isondla ngokuchanekileyo izixhobo zokubeka iliso idatha abayidingayo, ukunceda amashishini ukusombulula imingeni yenethiwekhi "engabonakaliyo, engenakufikeleleka". Namhlanje, siza kubonelela ngengqiqo ebanzi yale ndima ingundoqo ekusebenzeni kunye nokugcinwa kwenethiwekhi.
1. Kutheni iinkampani zifuna iiNPB ngoku? — "Imfuno yokubonakala" yeeNethiwekhi ezintsonkothileyo
Cinga ngoku: Xa inethiwekhi yakho iqhuba amakhulu ezixhobo ze-IoT, amakhulukhulu eeseva zelifu, kunye nabasebenzi abafikelela kuyo bekude kuyo yonke indawo, ungaqinisekisa njani ukuba akukho traffic iyingozi ingena ngaphakathi? Unokufumanisa njani ukuba ngawaphi amakhonkco axinanileyo kwaye acothise ukusebenza kweshishini?
Iindlela zokubeka iliso zemveli zide zingonelanga: nokuba izixhobo zokubeka iliso zinokugxila kuphela kumacandelo athile ezithuthi, ezilahlekileyo iindawo eziphambili; okanye bagqithise yonke i-traffic kwisixhobo kanye, kubangela ukuba ingakwazi ukugaya ulwazi kunye nokunciphisa uhlalutyo olusebenzayo. Ngaphaya koko, ngaphezulu kwe-70% yetrafikhi ngoku efihliweyo, izixhobo zemveli azikwazi ngokupheleleyo ukubona umxholo wayo.
Ukuvela kwe-NPB kujongana nentlungu "yokungabikho kokubonakala kwenethiwekhi." Bahlala phakathi kweendawo zokungena kwi-traffic kunye nezixhobo zokubeka iliso, ukudibanisa i-traffic ehlakazekileyo, ukucoca idatha engafunekiyo, kwaye ekugqibeleni basasaze i-traffic echanekileyo kwi-IDS (IiNkqubo zokuHlola i-Intrusion), ii-SIEMs (iiPlatifomu zoLawulo lweeNkcukacha zoKhuseleko), izixhobo zokuhlalutya ukusebenza, kunye nokunye. Oku kuqinisekisa ukuba izixhobo zokubeka iliso azilambi okanye zihluthe kakhulu. Ii-NPB zinokuphinda ziguqulele kwaye zibethelele i-traffic, ukukhusela idatha ebuthathaka kunye nokubonelela amashishini ngombono ocacileyo wesimo sabo sothungelwano.
Kunokuthiwa ngoku nje ukuba ishishini linokhuseleko lwenethiwekhi, ukuphuculwa komsebenzi okanye iimfuno zokuthotyelwa, i-NPB ibe yinto engundoqo engenakuthintelwa.
Yintoni i-NPB? - Uhlalutyo olulula ukusuka kwi-Architecture ukuya kwi-Core Capabilities
Abantu abaninzi bacinga ukuba igama elithi "packet broker" linomqobo wobugcisa obuphezulu ekungeneni. Nangona kunjalo, isifaniso esifikeleleka ngakumbi kukusebenzisa "iziko lokuhlela ukuhanjiswa kwenkcazo": i-traffic traffic "i-express parcels," i-NPB "iziko lokuhlela," kwaye isixhobo sokubeka iliso "yindawo yokufumana." Umsebenzi we-NPB kukuhlanganisa iipasile ezisasazekileyo (aggregation), ukususa iipasile ezingasebenziyo (ukuhluza), kwaye kuhlelwe ngokwedilesi (ukuhanjiswa). Iyakwazi ukukhupha kunye nokuhlola iipasela ezikhethekileyo (i-decryption) kwaye isuse ulwazi lwangasese (i-massaging) - yonke inkqubo iyasebenza kwaye ichanekile.
1. Okokuqala, makhe sijonge “kumathambo” e-NPB: iimodyuli ezintathu eziphambili zoyilo.
Ukuhamba komsebenzi weNPB kuxhomekeke ngokupheleleyo kwintsebenziswano yezi modyuli zintathu; akukho nanye kuzo enokusilela:
○Imodyuli yoFikelelo kwiTrafiki: Ilingana ne "express delivery port" kwaye isetyenziswa ngokukodwa ukufumana itrafikhi yothungelwano ukusuka kwisibuko sesibuko sokutshintsha (SPAN) okanye isiqhekeza (TAP). Kungakhathaliseki ukuba i-traffic evela kwikhonkco lomzimba okanye inethiwekhi ebonakalayo, inokuqokelelwa ngendlela edibeneyo.
○I-Processing Engine:Le yi "core brain of the centering center" kwaye inoxanduva lweyona "processing" ibaluleke kakhulu - njengokudibanisa i-multi-link traffic (aggregation), ukuhluza i-traffic kudidi oluthile lwe-IP (ukucoca), ukukopa i-traffic efanayo kwaye uyithumele kwizixhobo ezahlukeneyo (ukukopa), ukuguqulela i-SSL/TLS i-traffic encrypted (decryption), njl.
○Imodyuli yoSabelo: Kufana ne "courier" ehambisa ngokuchanekileyo i-traffic processed to monitoring tools ehambelanayo kwaye inokwenza kwakhona ukulinganisa umthwalo - umzekelo, ukuba isixhobo sokuhlalutya ukusebenza sixakeke kakhulu, inxalenye yetrafikhi iya kuhanjiswa kwisixhobo sokulondoloza ukuphepha ukugqithiswa kwesixhobo esisodwa.
2. I-NPB's "Hard Core Capabilities": Imisebenzi eyi-12 engundoqo isombulula i-90% yeengxaki zenethiwekhi
I-NPB inemisebenzi emininzi, kodwa masigxininise kwezona zixhaphakileyo zisetyenziswa ngamashishini. Nganye ihambelana nendawo yentlungu esebenzayo:
○Ukuphindaphindwa kweTrafikhi / Udityaniso + UkucocaNgokomzekelo, ukuba ishishini linamakhonkco enethiwekhi ye-10, i-NPB idibanisa kuqala i-traffic ye-10 links, ize ihluze "iipakethi zedatha eziphindwe kabini" kunye "ne-traffic engafanelekanga" (njenge-traffic evela kubasebenzi ababukele iividiyo), kwaye ithumela kuphela i-traffic enxulumene neshishini kwisixhobo sokubeka iliso - ukuphucula ngokuthe ngqo ukusebenza kakuhle nge-300%.
○SSL/TLS Uguqulelo oluntsonkothileyo: Kule mihla, uninzi lohlaselo olulunya lufihlwe kwitrafikhi efihliweyo ye-HTTPS. I-NPB inokukhusela ngokukhuselekileyo le traffic, ivumela izixhobo ezinjenge-IDS kunye ne-IPS ukuba "zibone" umxholo ofihliweyo kwaye ubambe izoyikiso ezifihliweyo ezinje ngamakhonkco enkohliso kunye nekhowudi engalunganga.
○Ukugutyungelwa kweDatha / Ukwenziwa kobuthathaka: Ukuba itrafikhi iqulethe ulwazi olubuthathaka olufana neenombolo zekhadi letyala kunye neenombolo zokhuseleko loluntu, i-NPB iya "kucima" ngokuzenzekelayo olu lwazi ngaphambi kokuyithumela kwisixhobo sokubeka iliso. Oku akuyi kuchaphazela uhlalutyo lwesixhobo, kodwa kuya kuhambelana ne-PCI-DSS (ukuthotyelwa kwentlawulo) kunye ne-HIPAA (ukuthotyelwa kwezempilo) ukuthintela ukuvuza kwedatha.
○Layisha iBalancing + FailoverUkuba ishishini linezixhobo ezithathu ze-SIEM, i-NPB iya kusasaza ngokulinganayo i-traffic phakathi kwabo ukuthintela nasiphi na isixhobo ukuba songanyelwe. Ukuba isixhobo esinye siyasilela, i-NPB iya kutshintsha ngokukhawuleza i-traffic kwisixhobo sokugcina ukuze kuqinisekiswe ukubeka iliso okungaphazanyiswa. Oku kubaluleke ngakumbi kumashishini afana nezezimali kunye nokhathalelo lwezempilo apho ixesha lokuphumla lingamkelekanga.
○Ukupheliswa kwetonela: I-VXLAN, i-GRE kunye nezinye "iiProtocol zeTunnel" ngoku zisetyenziswa ngokuqhelekileyo kwiinethiwekhi zamafu. Izixhobo zemveli azikwazi ukuqonda ezi nkqubo. I-NPB ino "kuqhaqha" la matonela kwaye ikhuphe i-traffic yokwenyani ngaphakathi, ivumela izixhobo ezidala ukuba ziqhubekisele phambili i-traffic kwindawo yelifu.
Ukudityaniswa kwezi mpawu kwenza i-NPB inganeli nje "ukubona nge" itrafikhi efihliweyo, kodwa "ikhusele" idatha ebuthathaka kwaye "ilungelelanise" kwiindawo ezahlukeneyo zenethiwekhi ezintsonkothileyo - kungenxa yoko le nto inokuba yinxalenye ephambili.
III. Isetyenziswa phi iNPB? -Iimeko ezintlanu eziphambili ezijongana neemfuno zeshishini lokwenyani
I-NPB ayisosixhobo esilingana-zonke; endaweni yoko, ihambelana bhetyebhetye kwiimeko ezahlukeneyo. Nokuba liziko ledatha, inethiwekhi ye-5G, okanye indawo yelifu, ifumana usetyenziso oluchanekileyo. Makhe sijonge iimeko ezimbalwa eziqhelekileyo ukubonisa le ngongoma:
1. Iziko leenkcukacha: Isitshixo sokuHlola iTrafikhi yaseMpuma-Ntshona
Amaziko edatha emveli agxile kuphela kwitrafikhi emntla-mazantsi (i-traffic esuka kumaseva ukuya kwihlabathi langaphandle). Nangona kunjalo, kumaziko edatha abonakalayo, i-80% yetrafikhi ikwimpuma-ntshona (i-traffic phakathi koomatshini benyani), apho izixhobo zemveli zingenako ukubamba. Apha kulapho ii-NPBs ziluncedo khona:
Ngokomzekelo, inkampani enkulu ye-intanethi isebenzisa i-VMware ukwakha iziko ledatha elibonakalayo. I-NPB idityaniswe ngokuthe ngqo kunye ne-vSphere (iqonga lolawulo le-VMware) ukubamba ngokuchanekileyo i-traffic yempuma-ntshona phakathi koomatshini obubonakalayo kunye nokusabalalisa kwi-IDS kunye nezixhobo zokusebenza. Oku akupheli kuphela "ukubeka iliso kwiindawo ezingaboniyo," kodwa kwandisa ukusebenza kwesixhobo nge-40% ngokucoca i-traffic, ukusika ngokuthe ngqo iziko ledatha ixesha lokulungisa (MTTR) ngesiqingatha.
Ukongeza, i-NPB inokubeka iliso kumthwalo weseva kwaye iqinisekise ukuba idatha yentlawulo ihambelana ne-PCI-DSS, ibe "yimfuno ebalulekileyo yokusebenza kunye nokugcinwa" kumaziko edatha.
2. I-SDN/NFV Imeko-bume: Iindima eziguquguqukayo Ukuziqhelanisa neSoftware-Defined Networking
Iinkampani ezininzi ngoku zisebenzisa i-SDN (i-Software Defined Networking) okanye i-NFV (i-Network Function Virtualization). Uthungelwano alusekho i-hardware esisigxina, kodwa iinkonzo zesoftware eziguquguqukayo. Oku kufuna ukuba ii-NPBs zibe bhetyebhetye ngakumbi:
Umzekelo, iyunivesiti isebenzisa i-SDN ukuphumeza "Yiza neSixhobo Sakho Sakho (BYOD)" ukuze abafundi nootitshala baqhagamshelane nenethiwekhi yekhampasi besebenzisa iifowuni zabo kunye neekhompyuter. I-NPB idibaniswe nomlawuli we-SDN (njenge-OpenDaylight) ukuqinisekisa ukuhlukaniswa kwe-traffic phakathi kokufundisa kunye neendawo zeofisi ngelixa usasaza ngokuchanekileyo i-traffic ukusuka kwindawo nganye ukuya kwizixhobo zokubeka iliso. Le ndlela yokufundisa ayichaphazeli ukusetyenziswa kwabafundi kunye nootitshala, kwaye ivumela ukufunyanwa kwangethuba koqhagamshelwano olungaqhelekanga, olufana nokufikelela kwiidilesi ze-IP ezinobungozi ngaphandle kwekhampasi.
Kukwanjalo nakwiindawo ze-NFV. I-NPB inokubeka iliso kwi-traffic firewall (vFWs) kunye ne-balancers yomthwalo we-virtual (vLBs) ukuqinisekisa ukusebenza okuzinzileyo kwezi "zixhobo zesoftware", eguquguqukayo ngakumbi kunokubekwa esweni kwehardware yemveli.
3. IiNethiwekhi ze-5G: Ukulawula i-Sliced Traffic kunye ne-Edge Nodes
Iimpawu eziphambili ze-5G "ziisantya esiphezulu, i-latency ephantsi, kunye nokudibanisa okukhulu", kodwa oku kuzisa nemingeni emitsha yokubeka iliso: umzekelo, iteknoloji ye-5G "ye-network slicing" inokwahlula inethiwekhi efanayo yomzimba kwiinethiwekhi ezininzi ezinengqiqo (umzekelo, i-low-latency slice yokuqhubela ukuzimela kunye ne-slice-connection enkulu ye-IoT), kwaye i-traffic ibekwe kwi-slicing nganye ngokuzimeleyo.
Omnye umqhubi wasebenzisa i-NPB ukusombulula le ngxaki: ibeke iliso elizimeleyo le-NPB kwi-slice nganye ye-5G, engakwazi ukujonga kuphela i-latency kunye ne-throughput ye-slice nganye ngexesha langempela, kodwa iphinde ibambe i-traffic engavamile (njengokungena okungagunyaziswanga phakathi kweengcezu) ngexesha elifanelekileyo, ukuqinisekisa iimfuno eziphantsi ze-latency zamashishini abalulekileyo afana nokuqhuba ngokuzimeleyo.
Ukongezelela, i-5G edge computing nodes ihlakazekile kulo lonke ilizwe, kwaye i-NPB inokubonelela "ngenguqu ekhangayo" esetyenziswe kwiindawo ezinqamlekileyo ukujonga i-traffic esasazwayo kunye nokuphepha ukulibaziseka okubangelwa ukuhanjiswa kwedatha emva naphambili.
4. I-Cloud Environmental / Hybrid IT: Ukuqhawula izithintelo zoLuntu kunye noBucala kwiLifu lokuJonga
Uninzi lwamashishini ngoku asebenzisa uyilo lwelifu elixubeneyo-eminye imisebenzi ihlala kwi-Alibaba Cloud okanye kwi-Tencent Cloud (amafu oluntu), ezinye kumafu azo abucala, kwaye ezinye kwiiseva zasekhaya. Kule meko, i-traffic isasazwa kwiindawo ezininzi, okwenza ukubeka iliso kuphazamiseke lula.
I-China Minsheng Bank isebenzisa i-NPB ukusombulula le ndawo yentlungu: ishishini layo lisebenzisa i-Kubernetes yokuthunyelwa kwe-container. I-NPB inokubamba ngokuthe ngqo i-traffic phakathi kwezikhongozeli (ii-Pods) kwaye idibanise i-traffic phakathi kweeseva zefu kunye namafu abucala ukwenza "ukubeka iliso ekupheleni kokuphela" - kungakhathaliseki ukuba ishishini lisefini likawonkewonke okanye ilifu labucala, nje ukuba kukho ingxaki yokusebenza, iqela lokusebenza kunye nokugcinwa kunokusebenzisa idatha ye-NPB ye-traffic ukuze ifumane ngokukhawuleza ukuba yingxaki kunye ne-inter-container congestion, ukuphucula i-container ye-inter-container by cloud-container , ukuphucula i-inter-container congestion okanye i-cloud agnostic call.
Kumafu kawonkewonke abaqashiweyo abaninzi, i-NPB inokuqinisekisa ukwahlukaniswa kwetrafikhi phakathi kwamashishini ahlukeneyo, ukuthintela ukuvuza kwedatha, kunye nokuhlangabezana neemfuno zokuthotyelwa kweshishini lezemali.
Ukuqukumbela: I-NPB ayisiyiyo "ukhetho" kodwa "kufuneka"
Emva kokuphonononga ezi meko, uya kufumanisa ukuba i-NPB ayiseyiyo itekhnoloji ye-niche kodwa sisixhobo esiqhelekileyo samashishini ukumelana nothungelwano oluntsonkothileyo. Ukusuka kumaziko edatha ukuya kwi-5G, ukusuka kumafu abucala ukuya kwi-IT ye-hybrid, i-NPB inokudlala indima naphi na apho kukho imfuneko yokubonakala kwenethiwekhi.
Ngokuxhaphaka okunyukayo kwe-AI kunye ne-edge computing, i-traffic traffic iya kuba nzima ngakumbi, kwaye amandla e-NPB aya kuphuculwa ngakumbi (umzekelo, ukusebenzisa i-AI ukuchonga ngokuzenzekelayo i-traffic engaqhelekanga kunye nokuvumela ukulungelelaniswa kwe-lightweight kwi-edge nodes). Kumashishini, ukuqonda kunye nokusasaza ii-NPBs kwangethuba kuya kubanceda babambe inyathelo lokuqala lothungelwano kwaye baphephe ukuphambuka kwinguqu yabo yedijithali.
Ngaba ukhe wadibana nemiceli mngeni yokubeka iliso kwinethiwekhi kwishishini lakho? Umzekelo, awuboni itrafikhi efihliweyo, okanye ukujonga ilifu elixutyiweyo kuphazamisekile? Zive ukhululekile ukwabelana ngeengcinga zakho kwicandelo lamagqabaza kwaye masijonge izisombululo kunye.
Ixesha lokuposa: Sep-23-2025
