Tlhahlobo e tebileng ea lipakete (DPI)ke theknoloji e sebediswang ho Network Packet Brokers (NPBs) ho hlahloba le ho sekaseka dikahare tsa dipakete tsa marangrang ka boemo bo kopaneng. E kenyeletsa ho hlahloba mojaro wa moputso, dihlooho, le tlhahisoleseding e nngwe e ikgethang ka hara dipakete ho fumana temohisiso e qaqileng ka sephethephethe sa marangrang.
DPI e feta tlhahlobo e bonolo ea lihlooho 'me e fana ka kutloisiso e tebileng ea data e phallang ka marang-rang. E lumella tlhahlobo e tebileng ea liprothokhole tsa lera la kopo, tse kang HTTP, FTP, SMTP, VoIP, kapa liprothokhole tsa ho phallela video. Ka ho hlahloba litaba tsa 'nete ka har'a lipakete, DPI e ka lemoha le ho khetholla lits'ebetso tse itseng, liprothokhole, kapa esita le mekhoa e itseng ea data.
Ntle le tlhahlobo ea maemo ea liaterese tsa mohloli, liaterese tsa libaka, libaka tsa libaka, libaka tsa libaka, le mefuta ea li-protocol, DPI e boetse e eketsa tlhahlobo ea likarolo tsa kopo ho khetholla lits'ebetso tse fapaneng le litaba tsa tsona. Ha data ea pakete ea 1P, TCP kapa UDP e phalla tsamaisong ea taolo ea bandwidth e thehiloeng theknolojing ea DPI, sistimi e bala litaba tsa mojaro oa pakete ea 1P ho hlophisa bocha tlhahisoleseling ea likarolo tsa kopo ho protocol ea OSI Layer 7, e le ho fumana litaba tsa lenaneo lohle la kopo, ebe e bopa sephethephethe ho latela leano la tsamaiso le hlalositsoeng ke sistimi.
DPI e sebetsa joang?
Hangata li-firewall tsa setso ha li na matla a ho sebetsana le tsona ho etsa liteko tse tebileng tsa nako ea sebele holim'a bongata bo boholo ba sephethephethe. Ha theknoloji e ntse e tsoela pele, DPI e ka sebelisoa ho etsa liteko tse rarahaneng haholoanyane ho hlahloba lihlooho le data. Ka tloaelo, li-firewall tse nang le litsamaiso tsa ho lemoha ho kenella hangata li sebelisa DPI. Lefatšeng leo tlhahisoleseling ea dijithale e leng ea Bohlokoa, karolo e 'ngoe le e 'ngoe ea tlhahisoleseling ea dijithale e fanoa ka Inthanete ka lipakete tse nyane. Sena se kenyelletsa imeile, melaetsa e rometsoeng ka sesebelisoa, liwebsaete tse etetsoeng, lipuisano tsa video, le tse ling. Ntle le data ea 'nete, lipakete tsena li kenyelletsa metadata e khethollang mohloli oa sephethephethe, litaba, moo li eang teng, le tlhaiso-leseling e 'ngoe ea bohlokoa. Ka theknoloji ea ho sefa lipakete, data e ka beoa leihlo le ho laoloa khafetsa ho netefatsa hore e fetisetsoa sebakeng se nepahetseng. Empa ho netefatsa ts'ireletso ea marang-rang, ho sefa lipakete tsa setso ho hole haholo. Mekhoa e meng ea mantlha ea tlhahlobo e tebileng ea lipakete tsamaisong ea marang-rang e thathamisitsoe ka tlase:
Mokhoa oa ho Bapisa/Tshaeno
Pakete e 'ngoe le e 'ngoe e hlahlojoa hore na e bapalitsoe khahlanong le database ea litlhaselo tsa marang-rang tse tsejoang ke firewall e nang le bokhoni ba sistimi ea ho lemoha ho kenella (IDS). IDS e batla mekhoa e itseng e tsebahalang e kotsi 'me e tima sephethephethe ha mekhoa e kotsi e fumanoa. Bothata ba leano la ho bapisa matšoao ke hore le sebetsa feela ho matšoao a ntlafatsoang khafetsa. Ho phaella moo, theknoloji ena e ka itšireletsa feela khahlanong le litšokelo kapa litlhaselo tse tsejoang.
Mokhelo oa Protocole
Kaha mokhoa oa ho khetholla protocol ha o lumelle feela data eohle e sa tsamaellaneng le database ea ho saena, mokhoa oa ho khetholla protocol o sebelisoang ke firewall ea IDS ha o na mefokolo ea tlhaho ea mokhoa oa ho bapisa mohlala/saena. Ho e-na le hoo, o amohela leano la kamehla la ho hana. Ka tlhaloso ea protocol, li-firewall li etsa qeto ea hore na ke sephethephethe sefe se lokelang ho lumelloa 'me li sireletsa marang-rang ho tsoa litšokelong tse sa tsejoeng.
Sistimi ea Thibelo ea ho Kena ka Matsoho (IPS)
Litharollo tsa IPS li ka thibela phetiso ea lipakete tse kotsi ho latela litaba tsa tsona, ka hona li emisa litlhaselo tse belaelloang ka nako ea sebele. Sena se bolela hore haeba pakete e emela kotsi ea ts'ireletso e tsejoang, IPS e tla thibela sephethephethe sa marang-rang ka mokhoa o ikemetseng ho latela melao e hlalositsoeng. Bothata bo bong ba IPS ke tlhoko ea ho ntlafatsa database ea litšokelo tsa inthanete khafetsa ka lintlha tse mabapi le litšokelo tse ncha, le monyetla oa lintho tse fosahetseng tse ntle. Empa kotsi ena e ka fokotsoa ka ho theha maano a bolokang le meeli e ikhethileng, ho theha boitšoaro bo loketseng ba motheo bakeng sa likarolo tsa marang-rang, le ho hlahloba litemoso nako le nako le liketsahalo tse tlalehiloeng ho ntlafatsa tlhokomelo le temoso.
1- DPI (Tlhahlobo e Tebileng ea Lipakete) ho Morekisi oa Lipakete tsa Marang-rang
Papiso ea "tebileng" ke ea boemo le ea pakete e tloaelehileng, "tlhahlobo e tloaelehileng ea pakete" feela tlhahlobo e latelang ea lera la pakete ea IP ea 4, ho kenyeletsoa aterese ea mohloli, aterese ea moo ho eang teng, koung ea mohloli, koung ea moo ho eang teng le mofuta oa protocol, le DPI ntle le tlhahlobo ea maemo, hape e ekelitse tlhahlobo ea lera la kopo, ho khetholla lits'ebetso tse fapaneng le litaba, ho hlokomela mesebetsi e meholo:
1) Tlhahlobo ea Ts'ebeliso -- tlhahlobo ea sebopeho sa sephethephethe sa marang-rang, tlhahlobo ea ts'ebetso, le tlhahlobo ea phallo
2) Tlhahlobo ea Basebelisi -- phapang ea lihlopha tsa basebelisi, tlhahlobo ea boitšoaro, tlhahlobo ea bofelo, tlhahlobo ea mekhoa, jj.
3) Tlhahlobo ea Likarolo tsa Marang-rang -- tlhahlobo e ipapisitseng le litšobotsi tsa libaka (toropo, setereke, seterata, jj.) le mojaro oa seteishene sa motheo
4) Taolo ea Sephethephethe -- Moeli oa lebelo la P2P, Tiisetso ea QoS, Tiisetso ea bandwidth, ntlafatso ea lisebelisoa tsa marang-rang, jj.
5) Tiisetso ea Tšireletso -- Litlhaselo tsa DDoS, sefefo sa phatlalatso ea data, thibelo ea litlhaselo tsa vaerase tse kotsi, jj.
2- Tlhophiso e Akaretsang ea Likopo tsa Marang-rang
Kajeno ho na le mananeo a mangata Inthaneteng, empa mananeo a tloaelehileng a webo a ka ba a felletseng.
Ho ea kamoo ke tsebang kateng, k'hamphani e ntle ka ho fetisisa ea ho lemoha lisebelisoa ke Huawei, e ipolelang hore e lemoha lisebelisoa tse 4,000. Tlhahlobo ea protocol ke module ea motheo ea lik'hamphani tse ngata tsa firewall (Huawei, ZTE, jj.), 'me hape ke module ea bohlokoa haholo, e tšehetsang ho phethahala ha li-module tse ling tse sebetsang, ho tsebahatsa lits'ebetso ka nepo, le ho ntlafatsa haholo ts'ebetso le ts'epo ea lihlahisoa. Ha ho etsoa mohlala oa ho tsebahatsa malware ho latela litšobotsi tsa sephethephethe sa marang-rang, joalo ka ha ke ntse ke etsa hona joale, ho tsebahatsa protocol ka nepo le ka botlalo le hona ho bohlokoa haholo. Ntle le sephethephethe sa marang-rang sa lits'ebetso tse tloaelehileng ho tsoa sephethephetheng sa kantle ho naha sa k'hamphani, sephethephethe se setseng se tla ikarabella bakeng sa karolo e nyane, e leng se betere bakeng sa tlhahlobo ea malware le alamo.
Ho latela phihlelo ea ka, lits'ebetso tse sebelisoang hangata li arotsoe ho latela mesebetsi ea tsona:
PS: Ho ea ka kutloisiso ea botho ea sehlopha sa kopo, u na le litlhahiso tse ntle tseo u ka li amohelang ho siea tlhahiso ea molaetsa.
1). Imeile
2). Video
3). Lipapali
4). Sehlopha sa OA sa Ofisi
5). Ntlafatso ea software
6). Ditjhelete (banka, Alipay)
7). Li-stock
8). Puisano ea Sechaba (software ea IM)
9). Ho bala webo (mohlomong ho tsebahala haholoanyane ka li-URL)
10). Lisebelisoa tsa ho jarolla (disk ea webo, ho jarolla P2P, tse amanang le BT)
Ebe, mokhoa oo DPI (Deep Packet Inspection) e sebetsang ka oona ho NPB:
1). Ho Tšoara Pakete: NPB e hapa sephethephethe sa marang-rang ho tsoa mehloling e fapaneng, joalo ka li-switch, li-router, kapa li-tap. E amohela lipakete tse phallang marang-rang.
2). Ho Sekaseka Pakete: Dipakete tse hapilweng di sekaseka ke NPB ho ntsha dikarolo tse fapaneng tsa protocol le data e amanang le yona. Tshebetso ena ya ho sekaseka e thusa ho hlwaya dikarolo tse fapaneng ka hara dipakete, tse kang dihlooho tsa Ethernet, dihlooho tsa IP, dihlooho tsa dikarolo tsa dipalangwang (mohlala, TCP kapa UDP), le diprotokole tsa dikarolo tsa tshebediso.
3). Tlhahlobo ea Moroalo oa Moputso: Ka DPI, NPB e feta tlhahlobo ea hlooho 'me e shebana le mojaro oa moputso, ho kenyeletsoa le data ea 'nete ka har'a lipakete. E hlahloba ka botebo litaba tsa mojaro oa moputso, ho sa tsotelehe ts'ebeliso kapa protocol e sebelisitsoeng, ho ntša tlhahisoleseling e amehang.
4). Tlhahlobo ea Protocol: DPI e nolofalletsa NPB ho khetholla liprothoko le lits'ebetso tse itseng tse sebelisoang ka har'a sephethephethe sa marang-rang. E ka lemoha le ho arola liprothoko tse kang HTTP, FTP, SMTP, DNS, VoIP, kapa liprothoko tsa ho phallela video.
5). Tlhahlobo ea Dikahare: DPI e lumella NPB ho hlahloba dikahare tsa dipakete bakeng sa dipaterone tse itseng, ditshaeno, kapa mantswe a bohlokwa. Sena se nolofalletsa ho lemoha ditshoso tsa marangrang, tse kang malware, divaerase, boiteko ba ho kena-kenana, kapa mesebetsi e belaetsang. DPI e ka boela ya sebediswa bakeng sa ho sefa dikahare, ho tiisa maano a marangrang, kapa ho hlwaya ditlolo tsa ho latela melao ya data.
6). Ho Ntša Metadata: Nakong ea DPI, NPB e ntša metadata e amehang lipaketeng. Sena se ka kenyelletsa tlhahisoleseling e kang liaterese tsa IP tsa mohloli le tsa moo li eang teng, linomoro tsa kou, lintlha tsa seboka, data ea transaction, kapa litšobotsi life kapa life tse amehang.
7). Tsela ea Sephethephethe kapa ho Sefa: Ho latela tlhahlobo ea DPI, NPB e ka tsamaisa lipakete tse itseng ho ea libakeng tse khethiloeng bakeng sa ts'ebetso e tsoelang pele, joalo ka lisebelisoa tsa ts'ireletso, lisebelisoa tsa ho beha leihlo, kapa li-platform tsa tlhahlobo. E ka boela ea sebelisa melao ea ho sefa ho lahla kapa ho fetisetsa lipakete ho latela litaba kapa mekhoa e khethiloeng.
Nako ea poso: Phuptjane-25-2023
