U hloka ho tseba eng ka Network Security?

Network Packet Brokerlisebelisoa li sebetsa Sephethephethe sa Marang-rang e le hore lisebelisoa tse ling tsa ho beha leihlo, tse kang tse inehetseng ho tlhahlobo ea ts'ebetso ea Marang-rang le ts'ireletso e amanang le ts'ireletso, li ka sebetsa ka mokhoa o atlehileng haholoanyane. Likarolo li kenyelletsa ho sefa lipakete ho tseba maemo a kotsi, meroalo ea lipakete, le ho kenya setempe sa linako tse thehiloeng ho Hardware.

Tšireletso ea Marang-rang

Network Security Architecte bua ka sehlopha sa boikarabello bo amanang le meralo ea ts'ireletso ea leru, meralo ea ts'ireletso ea Marang-rang, le meralo ea ts'ireletso ea data. Ho itšetlehile ka boholo ba mokhatlo, ho ka 'na ha e-ba le setho se le seng se ikarabellang bakeng sa sebaka ka seng. Ntle le moo, mokhatlo o ka khetha mookameli. Ka tsela efe kapa efe, mekhatlo e hloka ho hlalosa hore na ke mang ea ikarabellang le ho ba fa matla a ho etsa liqeto tsa bohlokoahali.

Network Risk Assessment ke lethathamo le feletseng la litsela tseo ka tsona litlhaselo tse lonya kapa tse fosahetseng li ka sebelisoang ho hokahanya mehloli. Tlhahlobo e felletseng e lumella mokhatlo ho hlalosa likotsi le ho li fokotsa ka taolo ea ts'ireletso. Likotsi tsena li ka kenyelletsa:

-  Kutloisiso e sa lekaneng ea litsamaiso kapa lits'ebetso

-  Mekhoa eo ho leng thata ho lekanya maemo a kotsi

-  Sistimi ea "hybrid" e tobaneng le likotsi tsa khoebo le tekheniki

Ho theha likhakanyo tse sebetsang hantle ho hloka tšebelisano lipakeng tsa IT le bankakarolo ba khoebo ho utloisisa boholo ba kotsi. Ho sebetsa 'moho le ho theha mokhoa oa ho utloisisa setšoantšo se pharaletseng sa kotsi ho bohlokoa joalo ka ha ho behiloe kotsi ea ho qetela.

Zero Trust Architecture (ZTA)ke paradigm ea ts'ireletso ea marang-rang e nahanang hore baeti ba bang ba marang-rang ba kotsi le hore ho na le libaka tse ngata tsa ho fihlella tse lokelang ho sireletsoa ka ho feletseng. Ka hona, ka katleho sireletsa thepa ho marang-rang ho e-na le marang-rang ka boeona. Kaha e amahanngoa le mosebedisi, moemeli o etsa qeto ea hore na o tla amohela kopo e 'ngoe le e' ngoe ea phihlello e ipapisitseng le boemo ba kotsi bo baloang ho latela motsoako oa maemo a kang ts'ebeliso, sebaka, mosebelisi, sesebelisoa, nako, kutloisiso ea data, joalo-joalo. Joalo ka ha lebitso le bolela, ZTA ke moaho, eseng sehlahisoa. U ke ke ua e reka, empa u ka e ntlafatsa ho latela likarolo tse ling tsa tekheniki eo e nang le eona.

tshireletso ya marangrang

Network Firewallke sehlahisoa sa ts'ireletso se holileng le se tsebahalang se nang le letoto la likarolo tse etselitsoeng ho thibela phihlello e tobileng ea lits'ebetso tsa mokhatlo o hlophisitsoeng le li-server tsa data. Li-firewall tsa marang-rang li fana ka phetoho bakeng sa marang-rang a ka hare le leru. Bakeng sa leru, ho na le linyehelo tsa maru-centric, hammoho le mekhoa e sebelisoang ke bafani ba IaaS ho kenya ts'ebetsong tse ling tsa bokhoni bo tšoanang.

Secureweb Gatewaye fetohile ho tloha ho ho ntlafatsa marang-rang a marang-rang ho isa ho ho sireletsa basebelisi litlhaselong tse lonya tse tsoang Marang-rang. Ho sefa URL, anti-virus, decryption le tlhahlobo ea libaka tsa marang-rang tse fihletsoeng ka HTTPS, thibelo ea ts'ebetso ea data (DLP), le mefuta e fokolang ea ts'ireletso ea phihlello ea maru (CASB) joale ke likarolo tse tloaelehileng.

Remote Accesse itšetlehile haholo ka VPN, empa e ntse e eketseha ka phihlello ea marang-rang ea zero-trust (ZTNA), e nolofalletsang basebelisi ho fihlella lits'ebetso tsa motho ka mong ba sebelisa liprofaele tsa litaba ntle le ho bonahala ho thepa.

Sistimi ea Thibelo ea ho Thibela (IPS)thibela bofokoli bo sa tsitsang ho hlaseloa ka ho hokahanya lisebelisoa tsa IPS ho li-server tse sa ngolisoang ho lemoha le ho thibela litlhaselo. Bokhoni ba IPS hangata bo kenyellelitsoe lihlahisoa tse ling tsa ts'ireletso, empa ho ntse ho na le lihlahisoa tse ikemetseng. IPS e se e qala ho phahama hape ha taolo ea tlhaho ea maru e ba kenya tšebetsong butle.

Taolo ea phihlello ea Marang-range fana ka ponahalo ho litaba tsohle tse ho Marang-rang le taolo ea phihlello ho meaho ea marang-rang e thehiloeng leanong. Melao e ka hlalosa phihlello ho ipapisitsoe le karolo ea mosebelisi, netefatso, kapa likarolo tse ling.

Ho hloekisoa ha DNSke tšebeletso e fanoeng ke morekisi e sebetsang e le domain name ea mokhatlo ho thibela basebelisi ba ho qetela (ho kenyeletsoa le basebetsi ba hole) ho kena libakeng tse sa tumang.

DDoSmitigation (DDoS Mitigation)e fokotsa phello e senyang ea ho hana ho hanoa ha litlhaselo tsa litšebeletso marang-rang. Sehlahisoa se nka mekhoa e mengata ea ho sireletsa lisebelisoa tsa marang-rang ka har'a firewall, tse rometsoeng ka pel'a marang-rang a marang-rang, le ba ka ntle ho mokhatlo o hlophisitsoeng, joalo ka marang-rang a lisebelisoa tse tsoang ho bafani ba litšebeletso tsa Inthanete kapa ho fana ka litaba.

Taolo ea Leano la Tšireletso ea Marang-rang (NSPM)e kenyelletsa ho hlahloba le ho hlahloba ho ntlafatsa melao e laolang Network Security, hammoho le phetoho ea tsamaiso ea tsamaiso, tlhahlobo ea melao, tlhahlobo ea ho lumellana le pono le pono. Sesebelisoa sa NSPM se ka sebelisa 'mapa oa marang-rang oa pono ho bonts'a lisebelisoa tsohle le melao ea phihlello ea firewall e koahelang litsela tse ngata tsa marang-rang.

Microsegmentationke mokhoa o thibelang litlhaselo tsa marang-rang tse seng li ntse li etsahala hore li se ke tsa tsamaea li tšekaletse ho fihlela matlotlo a bohlokoa. Lisebelisoa tsa Microisolation bakeng sa ts'ireletso ea marang-rang li oela likarolong tse tharo:

-  Lisebelisoa tse thehiloeng marang-rang tse sebelisoang mocheng oa marang-rang, hangata li kopane le marang-rang a hlalositsoeng ke software, ho sireletsa thepa e amanang le marang-rang.

-  Lisebelisoa tse thehiloeng ho hypervisor ke mefuta ea khale ea likarolo tse fapaneng ho ntlafatsa ponahalo ea sephethephethe sa marang-rang se tsamaeang pakeng tsa li-hypervisors.

-  Lisebelisoa tse thehiloeng ho baemeli tse kenyang liakhente ho batho bao ba batlang ho ba arola ho tsoa ho marang-rang a mang; Tharollo ea moemeli ea amohelang e sebetsa ka mokhoa o ts'oanang bakeng sa mesebetsi e mengata ea maru, meroalo ea mesebetsi ea hypervisor, le li-server tsa 'mele.

Secure Access Service Edge (SASE)ke moralo o hlahang o kopanyang bokhoni bo felletseng ba ts'ireletso ea marang-rang, joalo ka SWG, SD-WAN le ZTNA, hammoho le bokhoni bo felletseng ba WAN ho ts'ehetsa litlhoko tse Sireletsehileng tsa Mekhatlo. SASE e na le mohopolo ho feta moralo, e ikemiselitse ho fana ka mofuta o kopaneng oa ts'ebeletso ea ts'ireletso o fanang ka ts'ebetso ho marang-rang ka mokhoa o qhekellang, o feto-fetohang le o sa sebetseng hantle.

Tšebeliso le Karabelo ea Marang-rang (NDR)e tsoela pele ho sekaseka sephethephethe le sephethephethe le lits'oants'o tsa sephethephethe ho rekota boits'oaro bo tloaelehileng ba Marang-rang, e le hore ho ka tsebahatsoa li-anomalies le ho hlokomelisoa mekhatlo. Lisebelisoa tsena li kopanya ho ithuta ka mochini (ML), heuristics, analysis, le ho lemoha ho latela melao.

DNS Security Extensionske li-add-on ho protocol ea DNS 'me li etselitsoe ho netefatsa likarabo tsa DNS. Melemo ea ts'ireletso ea DNSSEC e hloka ho saena ka dijithale ho data e netefalitsoeng ea DNS, ts'ebetso e matla ea processor.

Firewall as a Service (FWaaS)ke theknoloji e ncha e amanang haufi-ufi le SWGS e thehiloeng marung. Phapang e teng ka meralo ea meralo, moo FWaaS e tsamaisang likhokahano tsa VPN lipakeng tsa li-endpoints le lisebelisoa tse pheletsong ea marang-rang, hammoho le polokelo ea ts'ireletso marung. E ka boela ea hokahanya basebelisi ba ho qetela lits'ebeletso tsa lehae ka lithanele tsa VPN. FWaaS hajoale ha e tloaelehe haholo ho feta SWGS.


Nako ea poso: Mar-23-2022