Kwicandelo lokhuseleko lwenethiwekhi, iNkqubo yokuFumanisa ukuNgena (i-IDS) kunye neNkqubo yoThintelo lokuNgena (i-IPS) zidlala indima ebalulekileyo. Eli nqaku liza kuhlola nzulu iinkcazo zazo, iindima, umahluko, kunye neemeko zokusetyenziswa kwazo.
Yintoni i-IDS (iNkqubo yokuHlola ukuNgena)?
Inkcazo ye-IDS
Inkqubo yokuFumanisa ukuNgena sisixhobo sokhuseleko esijonga kwaye sihlalutye ithrafikhi yenethiwekhi ukuze sichonge imisebenzi okanye uhlaselo olunobungozi olunokubakho. Ikhangela iimpawu ezihambelana neepateni zohlaselo ezaziwayo ngokuhlola ithrafikhi yenethiwekhi, iilog zenkqubo, kunye nolunye ulwazi olufanelekileyo.
Indlela i-IDS esebenza ngayo
I-IDS isebenza kakhulu ngezi ndlela zilandelayo:
Ukuchonga Utyikityo: I-IDS isebenzisa utyikityo oluchazwe kwangaphambili lweepateni zohlaselo ukuze ifanise, olufana nezikena zentsholongwane ukuze kufunyanwe iintsholongwane. I-IDS iphakamisa isilumkiso xa ithrafikhi inezinto ezihambelana nezi mpawu.
Ukufunyanwa kwe-Anomaly: I-IDS ijonga isiseko somsebenzi wenethiwekhi oqhelekileyo kwaye iphakamisa izilumkiso xa ibona iipatheni ezahlukileyo kakhulu kwindlela yokuziphatha eqhelekileyo. Oku kunceda ekuchongeni uhlaselo olungaziwayo okanye olutsha.
Uhlalutyo lweProtocol: I-IDS ihlalutya ukusetyenziswa kweenkqubo zenethiwekhi kwaye ichonge indlela yokuziphatha engahambelani neenkqubo eziqhelekileyo, ngaloo ndlela ichonge uhlaselo olunokwenzeka.
Iintlobo ze-IDS
Ngokuxhomekeke apho zisasazwa khona, i-IDS inokwahlulwahlulwa ibe ziintlobo ezimbini eziphambili:
Ii-ID zeNethiwekhi (ii-NIDS): Ifakwe kwinethiwekhi ukuze ijonge zonke iitrafikhi ezihamba kwinethiwekhi. Ingabona zombini uhlaselo lwenethiwekhi kunye nolwezothutho.
Ii-IDS zoMsingathi (ii-HIDS): Isetyenziswe kwi-host enye ukuze ijonge umsebenzi wenkqubo kuloo host. Igxile kakhulu ekufumaneni uhlaselo lwenqanaba le-host olufana ne-malware kunye nokuziphatha okungaqhelekanga komsebenzisi.
Yintoni i-IPS (iNkqubo yoThintelo lokungenelela)?
Inkcazo ye-IPS
IiNkqubo zoThintelo lokungena zizixhobo zokhuseleko ezithatha amanyathelo okukhawulezisa okanye okuzikhusela kwiintlaselo ezinokubakho emva kokuba zibhaqiwe. Xa kuthelekiswa ne-IDS, i-IPS ayisosixhobo sokujonga nokulumkisa nje kuphela, kodwa ikwasisixhobo esinokungenelela ngokukhutheleyo kwaye sithintele izoyikiso ezinokubakho.
Indlela i-IPS esebenza ngayo
I-IPS ikhusela inkqubo ngokuthintela ngokuthe ngqo ithrafikhi enobungozi ehamba kwinethiwekhi. Umgaqo wayo ophambili wokusebenza uquka:
Ukuthintela iTrafikhi yoHlaselo: Xa i-IPS ibona ithrafikhi enokubakho yokuhlasela, ingathatha amanyathelo akhawulezileyo ukuthintela ezi thrafikhi ukuba zingangeni kwinethiwekhi. Oku kunceda ukuthintela ukwanda kohlaselo.
Ukuseta kwakhona imeko yoQhagamshelo: I-IPS inokuseta kwakhona imeko yoqhagamshelwano enxulumene nohlaselo olunokwenzeka, inyanzelise umhlaseli ukuba aphinde aqalise unxibelelwano aze ngaloo ndlela aphazamise uhlaselo.
Ukutshintsha Imithetho Yomlilo: I-IPS inokutshintsha imithetho ye-firewall ngokuguquguqukayo ukuze ithintele okanye ivumele iintlobo ezithile zethrafikhi ukuba zilungelelanise neemeko zoloyiko ngexesha langempela.
Iintlobo ze-IPS
Ngokufana ne-IDS, i-IPS inokwahlulwahlulwa ibe ziintlobo ezimbini eziphambili:
I-IPS yeNethiwekhi (i-NIPS): Isetyenziswa kwinethiwekhi ukujonga nokukhusela uhlaselo kulo lonke inethiwekhi. Ingakhusela uhlaselo lwenethiwekhi kunye nolwelo lwezothutho.
I-IPS yoMphathi (iiHIPS): Isetyenziswa kwi-host enye ukuze inike ukhuselo oluchanekileyo, olusetyenziswa kakhulu ukukhusela uhlaselo olukwinqanaba le-host olufana ne-malware kunye nokuxhaphaza.
Yintoni umahluko phakathi kweNkqubo yokuFumanisa ukuNgena (i-IDS) kunye neNkqubo yoThintelo lokuNgena (i-IPS)?
Iindlela ezahlukeneyo zokusebenza
I-IDS yinkqubo yokubeka esweni ngaphandle kokusebenzisa i-passive, esetyenziselwa kakhulu ukufumanisa kunye nokulumkisa. Ngokwahlukileyo koko, i-IPS iyasebenza kwaye iyakwazi ukuthatha amanyathelo okuzikhusela kwiintlaselo ezinokubakho.
Uthelekiso lweMingcipheko kunye neMpembelelo
Ngenxa yokuba i-IDS ayisebenzi kakuhle, isenokungaphumeleli okanye ibe neziphumo ezilungileyo, ngelixa ukhuselo olusebenzayo lwe-IPS lunokukhokelela kumlilo onobuhlobo. Kukho imfuneko yokulinganisela umngcipheko kunye nokusebenza kakuhle xa kusetyenziswa zombini ezi nkqubo.
Umahluko wokusasazwa kunye noQwalaselo
I-IDS idla ngokuguquguquka kwaye inokusetyenziswa kwiindawo ezahlukeneyo kwinethiwekhi. Ngokwahlukileyo koko, ukuthunyelwa kunye noqwalaselo lwe-IPS kufuna ucwangciso olucokisekileyo ukuze kuthintelwe ukuphazamiseka kwetrafikhi eqhelekileyo.
Ukusetyenziswa okuHlanganisiweyo kwe-IDS kunye ne-IPS
I-IDS kunye ne-IPS ziyahambelana, ngokubeka iliso kwi-IDS kunye nokubonelela ngezilumkiso kwaye i-IPS ithatha amanyathelo okuzikhusela xa kuyimfuneko. Ukudibana kwazo kunokwenza umgca wokhuselo lokhuseleko lwenethiwekhi obanzi ngakumbi.
Kubalulekile ukuhlaziya rhoqo imithetho, utyikityo, kunye nolwazi lwezoyikiso ze-IDS kunye ne-IPS. Izoyikiso ze-intanethi zihlala zitshintsha, kwaye uhlaziyo olufike ngexesha lunokuphucula amandla enkqubo okuchonga izoyikiso ezintsha.
Kubalulekile ukulungelelanisa imithetho ye-IDS kunye ne-IPS ukuze ihambelane nendawo ethile yenethiwekhi kunye neemfuno zombutho. Ngokuyilungisa imithetho, ukuchaneka kwenkqubo kunokuphuculwa kwaye iziphumo ezingezizo kunye nokwenzakala okunobuhlobo kunokunciphisa.
I-IDS kunye ne-IPS kufuneka zikwazi ukuphendula kwiingozi ezinokubakho ngexesha langempela. Impendulo ekhawulezayo nechanekileyo inceda ukuthintela abahlaseli ukuba bangabangela umonakalo omkhulu kwinethiwekhi.
Ukubeka iliso rhoqo kwithrafikhi yenethiwekhi kunye nokuqonda iipatheni eziqhelekileyo zethrafikhi kunokunceda ukuphucula amandla okufumanisa izinto ezingaqhelekanga kwi-IDS kunye nokunciphisa amathuba okuba kubekho iziphumo ezingezizo.
Fumana ekuneneUmthengisi wePakethi yeNethiwekhiukusebenza ne-IDS yakho (iNkqubo yokuHlola ukuNgena)
Fumana ekuneneIswitshi seTap ye-Inline Bypassukusebenzisana ne-IPS yakho (iNkqubo yoThintelo lokungena)
Ixesha leposi: Sep-26-2024
