Netflow da ipfix da IPFIX sune fasahohin da aka yi amfani da su don saka idanu na mota da bincike. Suna bayar da kyakkyawar fahimta cikin tsarin zirga-zirgar zirga-zirgar cibiyar sadarwa, suna taimakawa wajen ingantawa, matsala, matsala, da bincike na tsaro.
Netflow:
Menene netflow?
Netflowshine asalin abin da ke gudana na gudana, wanda aka kirkira ta hanyar Cisco a ƙarshen 1990s. Da yawa iri daban-daban sun wanzu, amma yawancin abubuwan al'ajabi sun dogara ne akan ko dai netflow v5 ko Netflow v9. Duk da yake kowane nau'in yana da damar daban-daban, ainihin aikin ya kasance iri ɗaya:
Na farko, sauyawa, juyawa, Firewall, ko wani nau'in na'urar zai kama bayanai akan hanyar sadarwa da adireshin tafiye-tafiye, tushen, da kuma tashar jiragen ruwa. Bayan kwarara ya tafi dormant ko adadin lokacin da aka ƙaddara, na'urar zata fitar da bayanan da aka sani da na "mai tattara mai kwarara".
A ƙarshe, "mai bincike mai gudana" yana da ma'anar wadancan bayanan, yana ba da fahimta a cikin nau'in hangen nesa, ƙididdiga, da cikakken rahoto na tarihi da na ainihi. A aikace, masu tattara da nazarin da nazarin suna yawanci wani mutum guda ne, galibi hade cikin mafi kyawun hanyoyin sadarwa na cibiyar sadarwa.
Netflow yana aiki akan lokaci mai sauyawa. Lokacin da injin abokin ciniki ya kai ga sabar, Netflow zai fara kwace da kuma yawan tattara kwari daga kwarara. Bayan an dakatar da zaman, Netflow zai fitar da rikodin cikakken rikodin ga mai tattarawa.
Kodayake har yanzu ana amfani da shi da yawa, netflow v5 yana da yawan iyakoki. Ana tallafawa filayen da fitarwa, saka idanu kawai a cikin karkatar da kawai, da na zamani na zamani kamar IPV, MPLS, da vxlan ba su da goyan baya. Netflow v9, wanda aka yi alama azaman Nemo Nemo (FNF), suna magance wasu daga cikin waɗannan iyakoki, ƙyale masu amfani su gina samfuran al'ada da ƙara tallafi don fasahar zamani.
Masu iko da yawa kuma suna da nasu aiwatar da netflow, irin su JFlow daga Jamiper da netstream daga Huawei. Kodayake saitin yana iya bambanta ɗan ɗan lokaci, waɗannan ayyukan da ake amfani da shi sau da yawa samar da bayanan da suka dace da masu tattara kansu da nazarin.
Mabuɗin abubuwa na Nemo:
~ Bayanai: Netflow yana samar da bayanan kwarara waɗanda suka haɗa da cikakkun bayanai kamar tushe kuma adireshin IP manufa, tashar jiragen ruwa, fakiti da nau'ikan cakulan.
~ Kulawa da zirga-zirga: Netflow yana ba da gani ga hangen nesa cikin tsarin zirga-zirgar cibiyar sadarwa, yana ba da damar gudanarwa don gano manyan aikace-aikacen, ƙarshen, da tushen zirga-zirga.
~Gano Anomana: Ta nazarin bayanan kwarara, Netflow na gano anomalies irin su amfani da bandwidth mai amfani, cunkoso na cibiyar sadarwa, ko tsarin zirga-zirgar ababen hawa.
~ Binciken Tsaro: Ana iya amfani da Netflow don ganowa da bincika abubuwan da suka faru na aminci, kamar su rarraba hare-hare (DDOs) ko kuma kokarin samun damar shiga ko kuma kokarin samun izini.
Netflowglow: Netflow ya samo asali ne akan lokaci, kuma an sake su daban-daban. Wasu sigogi masu sanannu sun hada da netflow v5, netflow v9, da kuma setflow setflow. Kowane juyi yana gabatar da kayan haɓaka da ƙarin damar.
Ipfix:
Menene IPFIX?
Ka'idojin IetF wanda ya fito a farkon 2000s, Project Intanet Prortocol Flow (IPFIX) yana da matukar kama da Netflow. A zahiri, Netflow V9 ya yi aiki a matsayin tushen IPFIX. Babban bambanci tsakanin su biyun shine cewa iPfix shine babban daidaitaccen ma'auni, kuma dillalai da yawa suna tallafawa ban da Cisco. Bayan ban da ƙarin ƙarin ƙarin filayen da aka ƙara a IPFIX, tsarin ba in ba haka ba kusan iri ɗaya ne. A zahiri, wani lokacin ana kiransa wani lokacin da "Netflow v10".
Wadansu da bangare ga kamancewarta zuwa netflow, IPFIX suna jin daɗin tallafi a tsakanin hanyoyin shigar da hanyoyin sadarwa da kuma kayan aikin cibiyar sadarwa.
IPFIX (Bayanin Intanet na Intanet) shine ingantaccen daidaitaccen daidaitaccen tsari ta hanyar aikin injiniyan Injiniya (IEETF). Ya dogara ne akan bayanan netflowfication 4 da kuma samar da daidaitaccen tsari don fitarwa bayanan kwarara daga na'urorin cibiyar sadarwa.
IPFIX ya gina kan dabarun Nemo kuma yana fadada su don bayar da ƙarin sassauƙa da kuma ma'amala a dillalai daban-daban da na'urori. Yana gabatar da manufar shaci, bada izinin ma'anar ƙarfin rikodin tsarin da abun ciki. Wannan yana ba da haɗin filayen al'ada, goyan baya ga sabon ladabi, da haɓakawa.
Mabuɗin fasali na IPFIX:
~ Tsarin aiki: Ipfix yana amfani da shaci don ayyana tsarin da abun ciki na bayanan kwarara, yana ba da sassauƙa a cikin fannonin bayanai daban-daban da takamaiman bayanin martaba.
~ Abin yarda: Ipfix wani yanki ne na bude, yana tabbatar da daidaitattun matakan kwarara damar samarda damar fadin dillalai daban-daban da na'urori.
~ Tallafin IPV6: Ipfix dimake goyon bayan IPV6, sanya ya dace da saka idanu da kuma nazarin zirga-zirgar ababen hawa a cikin IPV6.
~Ingantaccen tsaro: IPFIX ya hada da fasalin tsaro kamar sufuri na tsaro (tls) da ɓoyewa da amincin saiti yayin watsa bayanai yayin watsa.
Masu sayar da kayan aikin yanar gizo suna tallafawa IPFix daban-daban, suna sa shi mai tsaka tsaki kuma riƙi riƙi zaɓi don saka idanu na cibiyar sadarwa.
Don haka, menene banbanci tsakanin wasan kwaikwayo da IPFIX?
Amsar da sauki ita ce cetflow shine Cisco Pricol Proprousal ya gabatar a kusa da 1996 kuma iPfix shine matsayinta na jikinsa da aka yarda da shi.
Dukkanin ladabi suna ba da manufa guda: Masu ba da izinin injiniyan sadarwa da masu gudanarwa don tattarawa da nazarin zirga-zangar Ip na cibiyar sadarwa. Cisco ya bunkasa netflow saboda juyawa da masu bautar da ke haifar da wannan mahimmin bayani. Ganin mamayewar kayan cisco, Netflow da sauri ya zama daidaitaccen ma'aunin zirga-zirgar hanyar sadarwa. Duk da haka, fafforan masana'antu da suka fahimci cewa ta amfani da yarjejeniya ta mallakar bangarori ta hanyar babban abokin hamayyarsa ba ta da wani kyakkyawan ra'ayi don daidaita kokarin bude shirin bude hanyar samar da zirga-zirgar, wacce IPFIX ce.
IPFIX ya dogara ne da sigar netflow 4 9 kuma an gabatar da asali a kusan 2005 amma ya ɗauki shekaru da yawa don samun tallafin masana'antu. A wannan gaba, ladabi biyu suna da mahimmanci iri ɗaya kuma duk da cewa har yanzu ana yabuwa da shi har yanzu ya fi dacewa da yawancin matakan IPFIX.
Ga tebur da ke taƙaita bambance-bambance tsakanin Netflow da IPFIX:
| Al'amari | Netflow | Ipfix |
|---|---|---|
| Tushe | Fasaha ta Proprietary ta ci gaba da Cisco | Tsarin yarjejeniya da aka samo asali ne a kan netflow version 9 |
| Daidaituwa | Takamaiman fasahar Cisco- | Ietf daidaitaccen ƙayyadadden da Ietf a cikin RFC 7011 |
| Sassauƙa | Takaita iri tare da takamaiman fasali | Sauƙaƙe sassauci da intropeability a kan dillalai |
| Tsarin bayanai | Kafaffen fakiti | Hanyar Template don tsarin rikodin rikodin |
| TAFIYA | Ba a tallafawa ba | Samfura mai tsauri don ƙarin filin filin |
| Goyon baya | Da farko cisco na'urorin | M goyon baya a kan dillalai na yanar gizo |
| M | Tasirin Talla | Hada da filayen al'ada da takamaiman bayanai |
| Bambance-bambance na yarjejeniya | Cisco-takamaiman bambance-bambancen | Tallafin IPV6 na asali, Inganta zaɓin rikodin rikodin |
| Kayan aikin tsaro | Limitedsarancin Tsaro | Shiga Tsaro na Layer (TLLS) Lissafi, amincin saƙo |
Kulawa na cibiyar sadarwaShin tarin, bincike, da kuma lura da zirga-zirgar zirga-zirga yana bin hanyar sadarwa da aka bayar ko kuma hanyar sadarwa. Makasudin na iya bambanta daga matsalolin haɗi na shirin tsara hanyoyin sarrafa bandwidth nan gaba. Saka saka idanu da fakiti smpling na iya kasancewa da amfani wajen ganowa da kuma magance matsalolin tsaro.
Kulawa na kwarara yana bawa kungiyoyin sadarwa mai kyau game da yadda hanyoyin sadarwa ke aiki, da kuma amfanin da ke iya sauya barazanar tsaro, kuma ƙarin mashahuri. Akwai ka'idojin da yawa daban-daban da abubuwan da aka yi amfani da su a cikin sa ido na hanyoyin sadarwa, gami da Netflow, Sflow, da kuma gabatarwar bayanan intanet (IPFIX). Kowane yana aiki a cikin wani dan kadan daban-daban, amma duk sun bambanta daga tashar jiragen ruwa mai zurfi da kuma binciken fakiti a cikin abin da fakiti ke wuce tashar jiragen ruwa ko ta hanyar juyawa. Koyaya, saka idanu na gudana yana samar da ƙarin bayani fiye da snpm, wanda yake gabaɗaya iyakance ga resididdigar ƙididdigar ƙasa kamar yadda ake amfani da fakiti da bandwidth amfani.
Kayan aikin cibiyar sadarwa idan aka kwatanta
| Siffa | Netflow v5 | Netflow v9 | sflow | Ipfix |
| Bude ko siyayya | Kasuwar hannu | Kasuwar hannu | Buɗe | Buɗe |
| Samfuri ko kwarara | Da farko yakan kwarara; Ana samun Yanayin Sampled | Da farko yakan kwarara; Ana samun Yanayin Sampled | Samfuri | Da farko yakan kwarara; Ana samun Yanayin Sampled |
| Bayanin da aka kama | Metadata da bayanan ƙididdiga, gami da ta hanyar canzawa, lissafin dubawa da sauransu | Metadata da bayanan ƙididdiga, gami da ta hanyar canzawa, lissafin dubawa da sauransu | Kammala taken da Packet, Partial Parttive | Metadata da bayanan ƙididdiga, gami da ta hanyar canzawa, lissafin dubawa da sauransu |
| Ciki / Kona Kulawa | Orge kawai | YAKE DA KYAUTA | YAKE DA KYAUTA | YAKE DA KYAUTA |
| IPV6 / VLAN / MPLS Tallafi | No | I | I | I |
Lokacin Post: Mar-18-2024
