Menene aikin Ketare Na'urar Tsaro ta hanyar sadarwa?

Menene Ƙaddamarwa?

Ana yawan amfani da Kayan Tsaro na Network a tsakanin cibiyoyin sadarwa biyu ko fiye, kamar tsakanin cibiyar sadarwar ciki da cibiyar sadarwa ta waje. Na'urar Tsaro ta hanyar sadarwa ta hanyar nazarin fakitin cibiyar sadarwa, don tantance ko akwai barazana, bayan an sarrafa shi bisa ga wasu ka'idojin zirga-zirga don tura fakitin don fita, da kuma idan na'urar tsaro ta hanyar sadarwa ta lalace, misali, bayan gazawar wutar lantarki ko karo. , sassan cibiyar sadarwa da aka haɗa da na'urar sun katse daga juna. A wannan yanayin, idan kowace cibiyar sadarwa tana buƙatar haɗa juna, to dole ne Bypass ya bayyana.

Ayyukan Bypass, kamar yadda sunan ke nunawa, yana ba da damar cibiyoyin sadarwa guda biyu su haɗu ta jiki ba tare da wucewa ta tsarin na'urar tsaro ta hanyar sadarwa ta takamaiman yanayi mai jawowa ba (lalatawar wuta ko karo). Don haka, lokacin da na'urar tsaro ta hanyar sadarwa ta gaza, hanyar sadarwar da ke da alaƙa da na'urar Bypass na iya sadarwa tare da juna. Tabbas, na'urar sadarwar ba ta aiwatar da fakiti akan hanyar sadarwar.

ba tare da katse hanyar sadarwa ba

Ta yaya ake rarraba Yanayin Aikace-aikacen Ketare?

Kewaya ya kasu kashi-kashi zuwa hanyoyin sarrafawa ko jawowa, waɗanda sune kamar haka
1. Ya haifar da wutar lantarki. A wannan yanayin, aikin Bypass yana kunna lokacin da na'urar ta kashe. Idan na'urar ta kunna, za a kashe aikin Bypass nan take.
2. GPIO ke sarrafawa. Bayan shiga cikin OS, za ku iya amfani da GPIO don sarrafa takamaiman tashar jiragen ruwa don sarrafa maɓalli na Bypass.
3. Sarrafa ta Watchdog. Wannan haɓakawa ne na yanayin 2. Kuna iya amfani da Watchdog don sarrafa kunnawa da kashe shirin GPIO Bypass don sarrafa matsayin Bypass. Ta wannan hanyar, idan dandamali ya rushe, Watchdog na iya buɗe hanyar wucewa.
A aikace aikace, waɗannan jihohi guda uku sukan kasance a lokaci guda, musamman hanyoyin guda biyu 1 da 2. Hanyar aikace-aikacen gabaɗaya ita ce: lokacin da na'urar ta kashe, ana kunna Bypass. Bayan kunna na'urar, BIOS yana kunna Bypass. Bayan BIOS ya karɓi na'urar, ana kunna Bypass har yanzu. Kashe hanyar wucewa domin aikace-aikacen ya yi aiki. Yayin duk aikin farawa, kusan babu yanke haɗin yanar gizo.

Gane bugun zuciya

Menene Ka'idar aiwatar da Ketare?

1. Matsayin Hardware
A matakin kayan masarufi, ana amfani da relays musamman don cimma Ketare. Ana haɗa waɗannan relay zuwa igiyoyin sigina na tashoshin sadarwa na Bypass guda biyu. Hoto mai zuwa yana nuna yanayin aiki na relay ta amfani da kebul na sigina ɗaya.
Ɗauki mai kunna wuta a matsayin misali. Dangane da gazawar wutar lantarki, na'urar da ke cikin na'urar za ta yi tsalle zuwa yanayin 1, wato, Rx akan ma'aunin RJ45 na LAN1 zai haɗa kai tsaye zuwa RJ45 Tx na LAN2, kuma lokacin da na'urar ta kunna, mai kunnawa zai kasance. haɗi zuwa 2. Ta wannan hanyar, idan ana buƙatar sadarwar cibiyar sadarwa tsakanin LAN1 da LAN2, kuna buƙatar yin hakan ta hanyar aikace-aikacen da ke kan na'urar.
2. Matsayin Software
A cikin rarrabuwa na Bypass, GPIO da Watchdog an ambaci su don sarrafawa da jawo hanyar wucewa. A haƙiƙa, duka waɗannan hanyoyi guda biyu suna aiki da GPIO, sannan GPIO ke sarrafa relay akan kayan aikin don yin tsalle mai dacewa. Musamman, idan aka saita GPIO daidai zuwa babban matakin, relay zai yi tsalle zuwa matsayi na 1 daidai, yayin da idan an saita kofin GPIO zuwa ƙananan matakin, relay zai yi tsalle zuwa matsayi na 2 daidai.

Domin Watchdog Bypass, a zahiri an ƙara wa Watchdog iko Bypass bisa tushen ikon GPIO a sama. Bayan mai sa ido ya fara aiki, saita aikin don kewayawa akan BIOS. Tsarin yana kunna aikin sa ido. Bayan mai sa ido ya fara aiki, ana kunna madaidaicin hanyar hanyar sadarwa ta hanyar sadarwa kuma na'urar ta shiga cikin yanayin kewayawa. A gaskiya ma, GPIO ma ke sarrafa Bypass, amma a wannan yanayin, Watchdog ne ke yin rubutun ƙananan matakan zuwa GPIO, kuma ba a buƙatar ƙarin shirye-shirye don rubuta GPIO.

Ayyukan Kewaye kayan aikin aikin tilas ne na samfuran tsaro na cibiyar sadarwa. Lokacin da aka kashe na'urar ko ta fadi, ana haɗa tashar jiragen ruwa na ciki da na waje don samar da kebul na cibiyar sadarwa. Ta wannan hanyar, zirga-zirgar bayanai na iya wucewa ta cikin na'urar kai tsaye ba tare da tasirin yanayin na'urar ba.

Babban Samuwar (HA) Aikace-aikacen:

Mylinking™ yana ba da mafita mai girma biyu (HA), Active/A jiran aiki da Active/Active. Active Standby (ko mai aiki/m) tura zuwa kayan aikin taimako don samar da gazawa daga na'urar farko zuwa na'urorin ajiya. Kuma Active/Active Deployed to redundry links don samar da gazawar lokacin da kowace na'ura mai aiki ta gaza.

HA1

Mylinking™ Bypass TAP yana goyan bayan manyan kayan aikin layi guda biyu, ana iya tura su a cikin Maganin Active/Trandby. Ɗaya yana aiki azaman na'urar farko ko "Active". Na'urar jiran aiki ko "Passive" har yanzu tana karɓar zirga-zirga ta ainihin lokacin ta cikin jerin Bypass amma ba a ɗaukarsa azaman na'urar layi. Wannan yana ba da jan aiki na "Hot Standby". Idan na'urar da ke aiki ta gaza kuma TAP ta Bypass ta daina karɓar bugun zuciya, na'urar jiran aiki tana ɗauka ta atomatik azaman na'urar farko kuma ta zo kan layi nan da nan.

HA2

Menene Fa'idodin da za ku iya samu dangane da Wayi namu?

1-Kaddamar da zirga-zirga kafin da bayan kayan aikin layi (kamar WAF, NGFW, ko IPS) zuwa kayan aikin waje
2- Sarrafa kayan aikin layi da yawa a lokaci guda yana sauƙaƙa tarin tsaro kuma yana rage rikitar cibiyar sadarwa.
3- Yana ba da tacewa, tarawa, da daidaita kaya don hanyoyin haɗin layi
4-Rage kasadar rashin shiri ba tare da shiri ba
5-Rashin kasala, wadatuwa da yawa [HA]


Lokacin aikawa: Dec-23-2021