Kwimeko yedijithali yanamhlanje, apho ukufikelela kwi-intanethi kuxhaphake khona, kubalulekile ukuba kubekho amanyathelo okhuseleko aqinileyo okukhusela abasebenzisi ekufikeleleni kwiiwebhusayithi ezinokuba yingozi okanye ezingafanelekanga. Esinye isisombululo esisebenzayo kukusetyenziswa kweNetwork Packet Broker (NPB) yokujonga nokulawula ithrafikhi yenethiwekhi.
Makhe sihambe ngemeko ethile ukuze siqonde indlela i-NPB engasetyenziswa ngayo kule njongo:
1- Umsebenzisi ufikelela kwiwebhusayithi: Umsebenzisi uzama ukufikelela kwiwebhusayithi esebenzisa izixhobo zakhe.
2- Iipakethi ezidlulayo ziphindaphindwa yiI-Passive TapNjengoko isicelo somsebenzisi sihamba kwinethiwekhi, iPassive Tap iphinda iipakethi, ivumela i-NPB ukuba ihlalutye ithrafikhi ngaphandle kokuphazamisa unxibelelwano lokuqala.
3- I-Network Packet Broker ithumela ezi traffic zilandelayo kwi-Policy Server:
- I-HTTP FUMANA: I-NPB ichonga isicelo se-HTTP GET ize isithumele kwiSeva yoMgaqo-nkqubo ukuze ihlolwe ngakumbi.
- Umthengi we-HTTPS TLS Molo: Kwithrafikhi ye-HTTPS, i-NPB ibamba ipakethi ye-TLS Client Hello ize iyithumele kwi-Policy Server ukuze imisele iwebhusayithi ekuyiwa kuyo.
4- I-Policy Server ijonga ukuba iwebhusayithi efikelelekayo ikuluhlu lwabamnyama na: I-Policy Server, exhotyiswe ngesiseko sedatha seewebhusayithi ezinobungozi okanye ezingafunekiyo, ijonga ukuba iwebhusayithi eceliweyo ikuluhlu lwabantu abamnyama.
5- Ukuba iwebhusayithi ikuluhlu olumnyama, iSeva yeMigaqo ithumela ipakethi ye-TCP Reset:
- Kumsebenzisi: I-Policy Server ithumela ipakethi ye-TCP Reset ene-IP yomthombo wewebhusayithi kunye ne-IP yendawo umsebenzisi afike kuyo, nto leyo ephelisa ngempumelelo uqhagamshelo lomsebenzisi kwiwebhusayithi evalwe kuluhlu.
- Kwiwebhusayithi: I-Policy Server ikwathumela ipakethi ye-TCP Reset ene-IP yomthombo womsebenzisi kunye ne-IP yendawo ekuyiwa kuyo kwiwebhusayithi, inqumla uqhagamshelo kwelinye icala.
6- Ukuqondisa kwakhona i-HTTP (ukuba ithrafikhi yi-HTTP)Ukuba isicelo somsebenzisi senziwe nge-HTTP, iSeva yeMigaqo ikwathumela i-HTTP redirect kumsebenzisi, imthumela kwiwebhusayithi ekhuselekileyo, eyahlukileyo.
Ngokusebenzisa esi sisombululo kusetyenziswa iNetwork Packet Broker kunye nePolicy Server, imibutho inokubeka esweni ngempumelelo kwaye ilawule ukufikelela kwabasebenzisi kwiiwebhusayithi ezifakwe kuluhlu lwabantu abamnyama, ikhusela inethiwekhi yabo kunye nabasebenzisi kwingozi enokubakho.
Umthengisi weePakethi zeNethiwekhi (NPB)Izisa ithrafikhi evela kwimithombo emininzi ukuze ihluzwe ngakumbi ukunceda ukulinganisela imithwalo yethrafikhi, ukusika ithrafikhi, kunye nokukwazi ukufihla. Ii-NPB zilungelelanisa ukuhlanganiswa kwethrafikhi yenethiwekhi evela kwimithombo eyahlukeneyo, kubandakanya ii-routers, iiswitshi, kunye nee-firewalls. Le nkqubo yokudibanisa idala umjelo omnye, yenza kube lula uhlalutyo olulandelayo kunye nokubeka esweni imisebenzi yenethiwekhi. Ezi zixhobo ziququzelela ngakumbi ukucoca ithrafikhi yenethiwekhi ekujoliswe kuyo, okuvumela imibutho ukuba igxile kwidatha efanelekileyo kuzo zombini iinjongo zohlalutyo kunye nokhuseleko.
Ukongeza kwizakhono zazo zokudibanisa nokucoca, ii-NPB zibonisa ukusasazwa kwethrafikhi yenethiwekhi ngobuchule kwizixhobo ezininzi zokubeka esweni nokhuseleko. Oku kuqinisekisa ukuba isixhobo ngasinye sifumana idatha efunekayo ngaphandle kokuyigcwalisa ngolwazi olungaphandle. Ukulungelelaniswa kwe-NPBs kufikelela ekuphuculeni ukuhamba kwethrafikhi yenethiwekhi, kuhambelana nezakhono ezizodwa kunye namandla ezixhobo ezahlukeneyo zokubeka esweni nokhuseleko. Oku kuphucula kukhuthaza ukusetyenziswa ngokufanelekileyo kwezixhobo kuzo zonke iziseko zenethiwekhi.
Iingenelo eziphambili zeNetwork Packet Broker zale ndlela ziquka:
- Ukubonakala Okubanzi: Amandla e-NPB okuphinda ithrafikhi yenethiwekhi avumela umbono opheleleyo wonxibelelwano lonke, kuquka zombini ithrafikhi ye-HTTP kunye ne-HTTPS.
- Ulawulo lweGranular: Amandla eSeva yoMgaqo-nkqubo okugcina uluhlu olumnyama kunye nokuthatha amanyathelo ajoliswe kuwo, njengokuthumela iipakethi ze-TCP Reset kunye nee-HTTP redirects, anika ulawulo olupheleleyo malunga nokufikelela komsebenzisi kwiiwebhusayithi ezingafunekiyo.
- Ukwanda: Indlela i-NPB ephatha ngayo ithrafikhi yenethiwekhi ngokufanelekileyo iqinisekisa ukuba esi sisombululo sokhuseleko sinokuphuculwa ukuze sihlangabezane neemfuno ezikhulayo zabasebenzisi kunye nobunzima benethiwekhi.
Ngokusebenzisa amandla eNetwork Packet Broker kunye nePolicy Server, imibutho inokuphucula indlela ekhuseleke ngayo kwinethiwekhi kwaye ikhusele abasebenzisi bayo kwiingozi ezinxulumene nokufikelela kwiwebhusayithi ezifakwe kuluhlu lwabantu abangafunekiyo.
Ixesha leposi: Juni-28-2024
