Yintoni umsebenzi we-Bypass yeSixhobo soKhuseleko lweNethiwekhi?

Yintoni i-Bypass?

Isixhobo soKhuseleko lweNethiwekhi siqhele ukusetyenziswa phakathi kweenethiwekhi ezimbini okanye ngaphezulu, njengaphakathi kwenethiwekhi yangaphakathi kunye nenethiwekhi yangaphandle.I Network Security Equipment ngokusebenzisa uhlalutyo ipakethe womnatha, ukufumanisa ukuba kukho isoyikiso, emva kokuba iqwalaselwe ngokwemigaqo ethile umzila ukuya phambili ipakethi ukuphuma, kwaye ukuba izixhobo zokhuseleko womnatha asebenzanga kakuhle, Umzekelo, emva kokusilela umbane okanye ukuntlitheka. , iisegmenti zenethiwekhi eziqhagamshelwe kwisixhobo ziyaqhawuka enye kwenye.Kule meko, ukuba inethiwekhi nganye kufuneka idibaniswe enye kwenye, ngoko i-Bypass kufuneka ibonakale.

Umsebenzi we-Bypass, njengoko igama lisitsho, lenza ukuba uthungelwano mbini luqhagamshele ngokwasemzimbeni ngaphandle kokudlula kwinkqubo yesixhobo sokhuseleko sothungelwano ngemeko ethile yokuqalisa (ukungaphumeleli kwamandla okanye ukuphazamiseka).Ke ngoko, xa isixhobo sokhuseleko senethiwekhi singaphumeleli, inethiwekhi eqhagamshelwe kwisixhobo se-Bypass inokunxibelelana omnye nomnye.Ngokuqinisekileyo, isixhobo sothungelwano asisebenzi iipakethi kwinethiwekhi.

ngaphandle kokuphazamisa inethiwekhi

Uyihlela njani iMowudi yokuNgena kweSicelo?

I-Bypass yahlulwe kwiimowudi zolawulo okanye zokuqalisa, ezi zilandelayo
1. Ukuqhutywa ngumbane.Kule mowudi, umsebenzi we-Bypass uvula xa ifowuni icinyiwe.Ukuba isixhobo sivuliwe, umsebenzi we-Bypass uya kucinywa ngoko nangoko.
2. Ilawulwa yiGPIO.Emva kokungena kwi-OS, ungasebenzisa i-GPIO ukusebenzisa izibuko ezithile ukulawula iswitshi ye-Bypass.
3. Ukulawulwa yi-Watchdog.Olu lulwandiso lwemowudi yesi-2. Ungasebenzisa i-Watchdog ukulawula ukwenziwa kunye nokukhubaza inkqubo ye-GPIO Bypass ukulawula ubume bokuNgena.Ngale ndlela, ukuba iqonga liyaqhekeka, i-Bypass inokuvulwa yi-Watchdog.
Kwizicelo ezisebenzayo, la mazwe mathathu ahlala ekhona ngexesha elifanayo, ngakumbi iindlela ezimbini ze-1 kunye ne-2. Indlela yokusetyenziswa ngokubanzi yile: xa isixhobo sivaliwe, i-Bypass ivuliwe.Emva kokuba isixhobo sivuliwe, i-Bypass inikwe amandla yi-BIOS.Emva kokuba i-BIOS ithatha isixhobo, i-Bypass isasebenza.Cima i-Bypass ukuze isicelo sisebenze.Ngexesha layo yonke inkqubo yokuqalisa, phantse akukho luqhawulo lwenethiwekhi.

Ukufunyanwa kokubetha kwentliziyo

Uthini uMmiselo wokuphunyezwa kwe-Bypass?

1. Inqanaba leHardware
Kwinqanaba le-hardware, ii-relays zisetyenziselwa ukufezekisa i-Bypass.Ezi zikhuseli ziqhagamshelwe kwiintambo zomqondiso wamazibuko amabini othungelwano lwe-Bypass.Lo mfanekiso ulandelayo ubonisa indlela yokusebenza ye-relay usebenzisa intambo yomqondiso omnye.
Thatha i-trigger yamandla njengomzekelo.Kwimeko yokungaphumeleli kwamandla, ukutshintshela kwi-relay kuya kuxhuma kwisimo se-1, oko kukuthi, i-Rx kwi-interface ye-RJ45 ye-LAN1 iya kuxhuma ngokuthe ngqo kwi-RJ45 Tx ye-LAN2, kwaye xa isixhobo sivuliwe, ukutshintshwa kuya qhagamshela ku-2. Ngale ndlela, ukuba unxibelelwano lwenethiwekhi phakathi kwe-LAN1 kunye ne-LAN2 luyafuneka, Kufuneka wenze oko ngesicelo kwisixhobo.
2. Inqanaba leSoftware
Kuluhlu lwe-Bypass, i-GPIO kunye ne-Watchdog zikhankanywa ukulawula kunye nokuqalisa i-Bypass.Enyanisweni, zombini ezi ndlela zimbini zisebenza i-GPIO, kwaye ke i-GPIO ilawula i-relay kwi-hardware ukwenza i-jump ehambelanayo.Ngokukodwa, ukuba i-GPIO ehambelanayo isetelwe kwinqanaba eliphezulu, i-relay iya kuxhuma kwindawo ye-1 ngokuhambelanayo, kanti ukuba indebe ye-GPIO isethelwe kwinqanaba eliphantsi, i-relay iya kuxhuma kwindawo ye-2 ngokuhambelanayo.

Kwi-Watchdog Bypass, yongezwa ngokwenene i-Watchdog yokulawula i-Bypass ngesiseko solawulo lwe-GPIO ngasentla.Emva kokuba i-watchdog isebenze, setha isenzo sokudlula kwi-BIOS.Inkqubo ivula umsebenzi wokulinda.Emva kokuba i-watchdog isebenze, i-bypass yenethiwekhi ye-port ehambelanayo yenziwe kwaye isixhobo singena kwimeko yokudlula.Enyanisweni, i-Bypass nayo ilawulwa yi-GPIO, kodwa kulo mzekelo, ukubhalwa kwamanqanaba aphantsi kwi-GPIO kwenziwa yi-Watchdog, kwaye akukho nkqubo eyongezelelweyo efunekayo ukubhala i-GPIO.

Umsebenzi we-Hardware Bypass ngumsebenzi onyanzelekileyo weemveliso zokhuseleko lwenethiwekhi.Xa isixhobo sicinyiwe okanye sitshonile, amazibuko angaphakathi nangaphandle adityaniswa ngokwasemzimbeni ukwenza intambo yenethiwekhi.Ngale ndlela, ukugcwala kwedatha kunokudlula ngokuthe ngqo kwisixhobo ngaphandle kokuchatshazelwa yimeko yangoku yesixhobo.

Ukufumaneka okuphezulu (HA) Isicelo:

I-Mylinking™ ibonelela ngezisombululo ezibini ezifumanekayo eziphezulu (HA), eziSebenzayo/ezokulinda kunye neZisebenzayo/Ezisebenzayo.I-Active Standby (okanye esebenzayo / esebenzayo) ukuthunyelwa kwizixhobo ezincedisayo ukubonelela nge-faillover ukusuka kwiprayimari ukuya kwizixhobo zokugcina.Kwaye i-Active/Active Deployed to redundant links to provide failover xa nasiphi na isixhobo esiSebenzayo sisilela.

HA1

I-Mylinking™ Bypass TAP ixhasa izixhobo ezibini ezingafunekiyo zangaphakathi, zinokubekwa kwisisombululo Esisebenzayo/eSilindileyo.Enye isebenza njengesixhobo sokuqala okanye "Esisebenzayo".Isixhobo esilindileyo okanye “soPassive” sisafumana itrafikhi yexesha lokwenyani ngothotho lwe-Bypass kodwa ayithathwa njengesixhobo esingaphakathi.Oku kunika "I-Hot Standby" ukungafuneki.Ukuba ifowuni esebenzayo ayisebenzi kwaye i-Bypass TAP iyeke ukufumana ukubetha kwentliziyo, isixhobo esilindileyo sithatha indawo njengesixhobo sokuqala kwaye siza kwi-intanethi ngoko nangoko.

HA2
Zeziphi izinto eziluncedo onokuzifumana ngokusekwe kwi-Bypass yethu?

1-Yabela itrafikhi phambi nasemva kwesixhobo esingaphakathi (ezifana ne-WAF, NGFW, okanye i-IPS) kwisixhobo esingaphandle kwebhendi
I-2-Ukulawula izixhobo ezininzi ze-inline ngaxeshanye zenza lula ukhuseleko kunye nokunciphisa ubunzima benethiwekhi
3-Ibonelela ngokucoca, ukuhlanganiswa, kunye nokulinganisa umthwalo kumakhonkco angaphakathi
4-Nciphisa umngcipheko wexesha lokuphumla elingacwangciswanga
5-Ukusilela, ukufumaneka okuphezulu [HA]


Ixesha lokuposa: Dec-23-2021