Xa isixhobo seNkqubo yokuFumanisa ukuNgena (i-IDS) sisetyenziswa, izibuko ezikwiswitshi kwiziko lolwazi leqela elintanga azanelanga (umzekelo, kuvumelekile izibuko enye kuphela, kwaye izibuko ezikwizixhobo ezihlala kwezinye izixhobo).
Ngeli xesha, xa singazongezi ii-mirroring ports ezininzi, singasebenzisa isixhobo sokuphindaphindwa kwenethiwekhi, isixhobo sokudibanisa kunye nesixhobo sokudlulisela idatha ukuze sisasaze inani elifanayo ledatha yesibuko kwisixhobo sethu.
Yintoni i-Network TAP?
Mhlawumbi uqale weva igama elithi TAP switch. TAP (Terminal Access Point), ekwaziwa ngokuba yiNPB (Network Packet Broker), okanye iTap Aggregator?
Umsebenzi ophambili we-TAP kukuseta phakathi kwezibuko zokujonga kwinethiwekhi yemveliso kunye neqela lezixhobo zohlalutyo. I-TAP iqokelela ithrafikhi ebonisiweyo okanye eyahlulweyo kwisixhobo esinye okanye ezingaphezulu zenethiwekhi yemveliso kwaye isasaze ithrafikhi kwisixhobo esinye okanye ezingaphezulu zohlalutyo lwedatha.
Iimeko zokusasazwa kwenethiwekhi ye-TAP yeNethiwekhi eqhelekileyo
I-Network Tap ineelebheli ezicacileyo, ezifana nezi:
Izixhobo ezizimeleyo
I-TAP sisiqwenga esahlukileyo sehardware esingawuchaphazeliyo umthwalo kwizixhobo zenethiwekhi ezikhoyo, enye yeenzuzo ngaphezu kwezibuko.
Ukutshintsha?
I-Network Tap?
Inethiwekhi ecacileyo
Emva kokuba i-TAP iqhagamshelwe kwinethiwekhi, zonke ezinye izixhobo ezikwinethiwekhi azichaphazeleki. Kubo, i-TAP ibonakala ngathi iyasebenza emoyeni, kwaye izixhobo zokubeka esweni eziqhagamshelwe kwi-TAP zibonakala ngathi iyasebenza kwinethiwekhi iyonke.
I-TAP ifana nje ne-Port Mirroring kwiswitshi. Kutheni ke ngoku ubeka i-TAP eyahlukileyo? Makhe sijonge umahluko phakathi kwe-Network TAP kunye ne-Network Port Mirroring.
Umahluko 1: I-Network TAP kulula ukuyicwangcisa kune-port mirroring
Ukujonga izibuko kufuneka kulungiselelwe kwiswitshi. Ukuba ukujonga kufuneka kulungiswe, iswitshi kufuneka ilungiswe kwakhona YONKE. Nangona kunjalo, i-TAP kufuneka ilungiswe kuphela apho iceliweyo, nto leyo engenampembelelo kwizixhobo zenethiwekhi ezikhoyo.
Umahluko 2: I-Network TAP ayichaphazeli ukusebenza kwenethiwekhi xa kuthelekiswa nokujonga izibuko
Ukujonga izibuko kwiswitshi kuyawohloka ukusebenza kweswitshi kwaye kuchaphazela amandla okutshintsha. Ngokukodwa, ukuba iswitshi iqhagamshelwe kwinethiwekhi ngokulandelelana njenge-inline, amandla okudlulisela phambili enethiwekhi yonke ayachaphazeleka kakhulu. I-TAP yihardware ezimeleyo kwaye ayiphazamisi ukusebenza kwesixhobo ngenxa yokujonga ithrafikhi. Ke ngoko, ayinampembelelo kumthwalo wezixhobo zenethiwekhi ezikhoyo, ezineenzuzo ezinkulu kunezokujonga izibuko.
Umahluko 3: I-Network TAP ibonelela ngenkqubo yethrafikhi epheleleyo ngakumbi kune-port mirroring replication
Ukujonga izibuko akunakuqinisekisa ukuba zonke iitrafikhi zinokufunyanwa kuba i-switch port ngokwayo iya kucoca ezinye iipakethi zeempazamo okanye iipakethi ezincinci kakhulu. Nangona kunjalo, i-TAP iqinisekisa ukuthembeka kwedatha kuba "yi-replication" epheleleyo kumaleko oqobo.
Umahluko 4Ukulibaziseka kokudlulisela phambili kwe-TAP kuncinci kunokwe-Port Mirroring
Kwezinye iiswitshi ezisezantsi, i-port mirroring inokungenisa i-latency xa ukopisha ithrafikhi kwii-mirroring ports, kunye naxa ukopisha ii-ports ze-10/100m kwii-ports ze-Giga Ethernet.
Nangona oku kubhalwe ngokubanzi, sikholelwa ukuba olu hlalutyo lubini lokugqibela alunazo inkxaso yobugcisa enamandla.
Ngoko ke, kwimeko enjani ngokubanzi, kufuneka sisebenzise i-TAP ukusasaza ithrafikhi yenethiwekhi? Kalula nje, ukuba unezi mfuno zilandelayo, i-Network TAP yeyona ndlela ilungileyo onokukhetha kuyo.
Iiteknoloji ze-TAP zeNethiwekhi
Mamela oku kungasentla, uzive ngathi i-TAP network shunt sisixhobo esimangalisayo, i-TAP shunt eqhelekileyo yemarike yangoku isebenzisa uyilo olusisiseko lweendidi ezintathu:
I-FPGA
- Ukwenza okuphezulu
- Kunzima ukuphuhlisa
- Ixabiso eliphezulu
I-MIPS
- Iguquguqukayo kwaye ilula
- Ubunzima obuphakathi bophuhliso
- Abathengisi abaqhelekileyo i-RMI kunye ne-Cavium bayeke uphuhliso baza bahluleka kamva
I-ASIC
- Ukwenza okuphezulu
- Uphuhliso lomsebenzi wokwandisa lunzima, ikakhulu ngenxa yokunqongophala kwetshiphusi ngokwayo
- Ujongano kunye neenkcukacha zithintelwe yitshiphu ngokwayo, nto leyo ebangela ukuba ukusebenza kwayo kukhule kakubi.
Ngoko ke, i-Network TAP enoxinano oluphezulu kunye nesantya esiphezulu ebonakala kwimarike inendawo enkulu yokuphucula ukuguquguquka kokusetyenziswa kwayo. Ii-shunter zenethiwekhi ze-TAP zisetyenziselwa ukuguqulwa kweprotocol, ukuqokelelwa kwedatha, ukutshintshwa kwedatha, ukujonga idatha, kunye nokucoca ithrafikhi. Iintlobo eziphambili zezibuko ziquka i-100G, 40G, 10G, 2.5G POS, GE, njl. Ngenxa yokurhoxiswa kancinci kweemveliso ze-SDH, ii-shunter ze-Network TAP zangoku zisetyenziswa kakhulu kwindawo yenethiwekhi ye-Ethernet.
Ixesha lokuthumela: Meyi-25-2022
