Duba Fakiti Mai Zurfi (DPI)wata fasaha ce da ake amfani da ita a cikin Network Packet Brokers (NPBs) don duba da kuma nazarin abubuwan da ke cikin fakitin cibiyar sadarwa a matakin girma. Ya ƙunshi bincika nauyin da ake buƙata, kanun labarai, da sauran bayanai na musamman game da yarjejeniya a cikin fakiti don samun cikakkun bayanai game da zirga-zirgar hanyar sadarwa.
DPI ya wuce nazarin kanun labarai mai sauƙi kuma yana ba da zurfin fahimtar bayanai da ke gudana ta hanyar hanyar sadarwa. Yana ba da damar yin bincike mai zurfi na ka'idojin layin aikace-aikacen, kamar HTTP, FTP, SMTP, VoIP, ko ka'idojin yawo bidiyo. Ta hanyar bincika ainihin abubuwan da ke cikin fakiti, DPI na iya gano da kuma gano takamaiman aikace-aikace, ka'idoji, ko ma takamaiman tsare-tsaren bayanai.
Baya ga nazarin tsari na adiresoshin tushe, adiresoshin inda za a je, tashoshin tushe, tashoshin da za a je, da nau'ikan yarjejeniya, DPI kuma yana ƙara nazarin Layer-applications don gano aikace-aikace daban-daban da abubuwan da ke cikinsu. Lokacin da fakitin 1P, bayanan TCP ko UDP ke gudana ta cikin tsarin sarrafa bandwidth bisa ga fasahar DPI, tsarin yana karanta abubuwan da ke cikin nauyin fakitin 1P don sake tsara bayanan Layer na aikace-aikace a cikin yarjejeniyar OSI Layer 7, don samun abubuwan da ke cikin shirin aikace-aikacen gaba ɗaya, sannan kuma yana tsara zirga-zirga bisa ga manufar gudanarwa da tsarin ya ayyana.
Ta yaya DPI ke aiki?
Tashar wuta ta gargajiya galibi ba ta da ikon sarrafawa don yin cikakken bincike na ainihin lokaci akan manyan zirga-zirgar ababen hawa. Yayin da fasaha ke ci gaba, ana iya amfani da DPI don yin bincike mai rikitarwa don duba kanun labarai da bayanai. Yawanci, tayoyin wuta tare da tsarin gano kutse galibi suna amfani da DPI. A cikin duniyar da bayanan dijital ke da mahimmanci, kowane yanki na bayanan dijital ana isar da shi ta Intanet a cikin ƙananan fakiti. Wannan ya haɗa da imel, saƙonnin da aka aika ta hanyar app, gidajen yanar gizo da aka ziyarta, tattaunawar bidiyo, da ƙari. Baya ga ainihin bayanan, waɗannan fakitin sun haɗa da metadata waɗanda ke gano tushen zirga-zirga, abun ciki, inda za a je, da sauran muhimman bayanai. Tare da fasahar tace fakiti, ana iya sa ido akai-akai da kuma sarrafa bayanai don tabbatar da an tura su zuwa wurin da ya dace. Amma don tabbatar da tsaron hanyar sadarwa, tace fakiti na gargajiya bai isa ba. Wasu daga cikin manyan hanyoyin duba fakiti mai zurfi a cikin gudanar da hanyar sadarwa an jera su a ƙasa:
Yanayin Daidaitawa/Sa hannu
Ana duba kowace fakiti don daidaitawa da bayanan hare-haren cibiyar sadarwa da aka sani ta hanyar firewall tare da ikon gano kutse (IDS). IDS yana bincika takamaiman tsare-tsare na mugunta da aka sani kuma yana hana zirga-zirga lokacin da aka sami tsare-tsare na mugunta. Rashin kyawun manufar daidaita sa hannu shine cewa yana aiki ne kawai ga sa hannu waɗanda ake sabuntawa akai-akai. Bugu da ƙari, wannan fasaha za ta iya kare kanta daga barazanar ko hare-hare da aka sani kawai.
Keɓancewa da Yarjejeniya
Tunda dabarar keɓewa ta yarjejeniya ba ta ba da damar duk bayanan da ba su dace da bayanan sa hannu ba, dabarar keɓewa ta yarjejeniya da aka yi amfani da ita ta hanyar wuta ta IDS ba ta da kurakuran da ke tattare da tsarin/hanyar daidaita sa hannu. Madadin haka, tana ɗaukar manufar ƙin amincewa ta asali. Ta hanyar ma'anar yarjejeniya, firewalls suna yanke shawara kan irin zirga-zirgar da ya kamata a yarda da ita kuma suna kare hanyar sadarwa daga barazanar da ba a sani ba.
Tsarin Rigakafin Kutse (IPS)
Maganin IPS na iya toshe watsa fakiti masu cutarwa bisa ga abubuwan da ke cikin su, ta haka ne za a dakatar da hare-hare da ake zargi a ainihin lokacin. Wannan yana nufin cewa idan fakitin yana wakiltar haɗarin tsaro da aka sani, IPS za ta toshe zirga-zirgar hanyar sadarwa bisa ga ƙa'idodi da aka ayyana. Ɗaya daga cikin rashin amfani da IPS shine buƙatar sabunta bayanan barazanar yanar gizo akai-akai tare da cikakkun bayanai game da sabbin barazanar, da kuma yiwuwar samun ingantattun bayanai na ƙarya. Amma ana iya rage wannan haɗarin ta hanyar ƙirƙirar manufofi masu ra'ayin mazan jiya da ƙa'idodi na musamman, kafa ɗabi'a mai dacewa ga abubuwan da ke cikin hanyar sadarwa, da kuma kimanta gargaɗin lokaci-lokaci da abubuwan da suka faru da aka ruwaito don haɓaka sa ido da faɗakarwa.
1- DPI (Dubawa Mai Zurfi) a cikin Dillalin Fakitin Sadarwa
"Zurfi" kwatancen nazarin fakitin matakin da na yau da kullun ne, "duba fakitin yau da kullun" kawai nazarin da ke ƙasa na fakitin IP 4 Layer, gami da adireshin tushe, adireshin wurin da za a je, tashar tushe, tashar maƙasudi da nau'in yarjejeniya, da DPI banda tare da nazarin matsayi, kuma ya ƙara nazarin matakin aikace-aikacen, gano aikace-aikace daban-daban da abubuwan da ke ciki, don cimma manyan ayyuka:
1) Binciken Aikace-aikace -- nazarin abubuwan da suka shafi zirga-zirgar hanyar sadarwa, nazarin aiki, da kuma nazarin kwararar bayanai
2) Binciken Masu Amfani -- bambance-bambancen rukunin masu amfani, nazarin halaye, nazarin ƙarshe, nazarin yanayin, da sauransu.
3) Binciken Abubuwan Cibiyar Sadarwa -- bincike bisa ga halayen yanki (birni, gunduma, titi, da sauransu) da nauyin tashar tushe
4) Kula da zirga-zirga -- iyakance saurin P2P, tabbatar da QoS, tabbatar da bandwidth, inganta albarkatun cibiyar sadarwa, da sauransu.
5) Tabbatar da Tsaro -- Hare-haren DDoS, guguwar watsa bayanai, hana hare-haren ƙwayoyin cuta masu cutarwa, da sauransu.
2- Rarraba Aikace-aikacen Cibiyar sadarwa Gabaɗaya
A yau akwai aikace-aikace marasa adadi a Intanet, amma aikace-aikacen yanar gizo na yau da kullun na iya zama cikakke.
Kamar yadda na sani, kamfanin da ya fi kowa sanin manhajoji shine Huawei, wanda ke ikirarin amincewa da manhajoji 4,000. Binciken yarjejeniya shine babban tsarin kamfanonin firewall da yawa (Huawei, ZTE, da sauransu), kuma shine muhimmin sashi, wanda ke tallafawa aiwatar da wasu manhajoji masu aiki, tantance aikace-aikace daidai, da kuma inganta aiki da amincin samfura. A cikin yin kwaikwayon gano malware bisa ga halayen zirga-zirgar hanyar sadarwa, kamar yadda nake yi yanzu, tantance yarjejeniya daidai kuma mai faɗi yana da matukar muhimmanci. Banda zirga-zirgar hanyar sadarwa na aikace-aikacen gama gari daga zirga-zirgar fitar da kaya daga kamfanin, sauran zirga-zirgar za su yi la'akari da ƙaramin kaso, wanda ya fi kyau don nazarin malware da faɗakarwa.
Dangane da gogewata, aikace-aikacen da ake amfani da su akai-akai ana rarraba su bisa ga ayyukansu:
PS: Dangane da fahimtar mutum game da rarrabuwar aikace-aikacen, kuna da duk wata shawara mai kyau da za ku iya barin shawarar saƙo
1). Imel
2). Bidiyo
3). Wasanni
4). Ajin OA na Ofis
5). Sabunta software
6). Kuɗi (banki, Alipay)
7). Hannun jari
8). Sadarwar Zamani (software na IM)
9). Binciken Yanar Gizo (watakila an fi gane shi da URLs)
10). Sauke kayan aikin (faifan yanar gizo, saukar da P2P, alaƙa da BT)
To, yadda DPI (Deep Packet Inspection) ke aiki a cikin NPB:
1) Kama Fakiti: NPB tana kama zirga-zirgar hanyar sadarwa daga tushe daban-daban, kamar maɓallan wuta, na'urorin sadarwa, ko famfo. Tana karɓar fakitin da ke gudana ta hanyar hanyar sadarwa.
2). Fakitin Fakiti: NPB ta yi nazarin fakitin da aka kama don fitar da layukan yarjejeniya daban-daban da bayanai masu alaƙa. Wannan tsarin fakitin yana taimakawa wajen gano sassa daban-daban a cikin fakitin, kamar kanun Ethernet, kanun IP, kanun layukan sufuri (misali, TCP ko UDP), da kuma ka'idojin layin aikace-aikace.
3). Binciken Nauyin Albashi: Tare da DPI, NPB ta wuce duba kan kai kuma ta mai da hankali kan nauyin albashi, gami da ainihin bayanan da ke cikin fakitin. Tana bincika abubuwan da ke cikin nauyin albashi cikin zurfi, ba tare da la'akari da aikace-aikacen ko yarjejeniyar da aka yi amfani da ita ba, don fitar da bayanai masu dacewa.
4). Gano Tsarin Sadarwa: DPI yana bawa NPB damar gano takamaiman ka'idoji da aikace-aikacen da ake amfani da su a cikin zirga-zirgar hanyar sadarwa. Yana iya ganowa da rarraba ka'idoji kamar HTTP, FTP, SMTP, DNS, VoIP, ko ka'idojin yawo bidiyo.
5). Duba Abubuwan da ke Ciki: DPI yana bawa NPB damar duba abubuwan da ke cikin fakiti don takamaiman tsari, sa hannu, ko kalmomin shiga. Wannan yana ba da damar gano barazanar hanyar sadarwa, kamar malware, ƙwayoyin cuta, yunƙurin kutse, ko ayyukan da ake zargi. Hakanan ana iya amfani da DPI don tace abun ciki, aiwatar da manufofin hanyar sadarwa, ko gano keta dokokin bin ka'ida.
6) Cire Bayanan Bayanai: A lokacin DPI, NPB tana cire bayanan bayanai masu dacewa daga fakiti. Wannan na iya haɗawa da bayanai kamar adiresoshin IP na tushe da na inda za a je, lambobin tashar jiragen ruwa, bayanan zaman, bayanan ma'amala, ko duk wani sifofi masu dacewa.
7). Hanyar Hanya ko Tacewa a Motoci: Dangane da nazarin DPI, NPB na iya tura takamaiman fakiti zuwa wurare da aka keɓe don ƙarin sarrafawa, kamar kayan aikin tsaro, kayan aikin sa ido, ko dandamali na nazari. Hakanan yana iya amfani da ƙa'idodin tacewa don jefar da fakiti ko tura su bisa ga abubuwan da aka gano ko alamu.
Lokacin Saƙo: Yuni-25-2023
