Yuav kom txheeb xyuas tau cov tsheb khiav hauv network, nws yog ib qho tsim nyog xa cov ntaub ntawv network mus rau NTOP/NPROBE lossis Out-of-band Network Security and Monitoring Tools. Muaj ob txoj kev daws teeb meem rau qhov teeb meem no:
Kev Mirroring Chaw Nres Nkoj(kuj tseem hu ua SPAN)
Network Tap(tseem hu ua Replication Tap, Aggregation Tap, Active Tap, Copper Tap, Ethernet Tap, thiab lwm yam)
Ua ntej piav qhia txog qhov sib txawv ntawm ob qho kev daws teeb meem (Port Mirror thiab Network Tap), nws yog ib qho tseem ceeb kom nkag siab tias Ethernet ua haujlwm li cas. Ntawm 100Mbit thiab siab dua, cov tswv tsev feem ntau hais lus hauv full duplex, txhais tau tias ib tus tswv tsev tuaj yeem xa (Tx) thiab tau txais (Rx) tib lub sijhawm. Qhov no txhais tau tias ntawm 100 Mbit cable txuas nrog ib tus tswv tsev, tag nrho cov tsheb khiav hauv network uas ib tus tswv tsev tuaj yeem xa / txais (Tx / Rx)) yog 2 × 100 Mbit = 200 Mbit.
Qhov Port mirroring yog qhov active packet replication, uas txhais tau tias lub network device yog lub luag haujlwm rau kev theej cov packet mus rau qhov mirrored port.
Qhov no txhais tau hais tias lub cuab yeej yuav tsum ua txoj haujlwm no los ntawm kev siv qee qhov peev txheej (xws li CPU), thiab ob qho kev taw qhia tsheb khiav yuav raug rov ua dua rau tib qho chaw nres nkoj. Raws li tau hais ua ntej, hauv Ib qho txuas duplex tag nrho, qhov no txhais tau tias
A - > B thiab B -> A
Tus lej ntawm A yuav tsis tshaj qhov ceev ntawm lub network ua ntej pob ntawv poob. Qhov no yog vim tias tsis muaj qhov chaw rau theej cov pob ntawv. Nws hloov tawm tias qhov chaw nres nkoj mirroring yog ib txoj kev zoo vim nws tuaj yeem ua tau los ntawm ntau lub switches (tab sis tsis yog txhua tus), vim tias feem ntau ntawm cov switches nrog qhov tsis zoo ntawm pob ntawv poob, yog tias koj saib xyuas qhov txuas nrog ntau dua 50% thauj khoom, lossis mirror cov chaw nres nkoj rau ntawm qhov chaw nres nkoj sai dua (piv txwv li mirror 100 Mbit chaw nres nkoj rau ntawm qhov chaw nres nkoj 1 Gbit). Tsis txhob hais tias pob ntawv mirroring yuav xav tau kev pauv cov peev txheej hloov pauv, uas yuav thauj khoom lub cuab yeej thiab ua rau kev ua haujlwm pauv poob qis. Nco ntsoov tias koj tuaj yeem txuas 1 chaw nres nkoj rau ib qho chaw nres nkoj, lossis 1 VLAN rau ib qho chaw nres nkoj, tab sis feem ntau koj tsis tuaj yeem theej ntau qhov chaw nres nkoj rau 1. (Yog li ntawd raws li pob ntawv iav) ploj lawm.
Ib Lub Network TAP (Terminal Access Point)yog ib qho khoom siv kho vajtse uas tsis siv neeg kiag li, uas tuaj yeem ntes cov tsheb khiav hauv lub network yam tsis siv neeg. Nws feem ntau siv los saib xyuas cov tsheb khiav ntawm ob lub ntsiab lus hauv lub network. Yog tias lub network ntawm ob lub ntsiab lus no muaj ib txoj hlua fais fab, lub network TAP yuav yog txoj hauv kev zoo tshaj plaws los ntes cov tsheb khiav.
Lub network TAP muaj tsawg kawg yog peb qhov chaw nres nkoj: ib qho chaw nres nkoj A, ib qho chaw nres nkoj B, thiab ib qho chaw nres nkoj saib xyuas. Yuav kom muab ib lub kais dej tso rau ntawm cov ntsiab lus A thiab B, cov xov hlau network ntawm qhov chaw A thiab qhov chaw B raug hloov nrog ob lub xov hlau, ib qho mus rau qhov chaw nres nkoj A ntawm TAP, lwm qhov mus rau qhov chaw nres nkoj B ntawm TAP. Lub TAP hla tag nrho cov tsheb khiav ntawm ob qho chaw network, yog li lawv tseem txuas nrog ib leeg. Lub TAP kuj theej cov tsheb khiav mus rau nws qhov chaw nres nkoj saib xyuas, yog li ua rau lub cuab yeej tshuaj xyuas mloog tau.
Cov TAPs hauv Network feem ntau siv los ntawm cov khoom siv saib xyuas thiab sau cov ntaub ntawv xws li APS. Cov TAPs kuj tseem siv tau rau hauv cov ntawv thov kev ruaj ntseg vim tias lawv tsis pom kev, tsis pom ntawm lub network, tuaj yeem cuam tshuam nrog cov tes hauj lwm puv-duplex thiab cov tes hauj lwm tsis sib koom, thiab feem ntau yuav hla dhau cov tsheb khiav txawm tias lub kais tsis ua haujlwm lossis poob hluav taws xob.
Vim tias Network Taps ports tsis tau txais tab sis tsuas yog xa xwb, lub switch tsis paub leej twg zaum tom qab cov ports. Qhov tshwm sim yog tias nws tshaj tawm cov pob ntawv mus rau txhua qhov ports. Yog li ntawd, yog tias koj txuas koj lub cuab yeej saib xyuas rau lub switch, lub cuab yeej ntawd yuav tau txais tag nrho cov pob ntawv. Nco ntsoov tias lub tshuab no ua haujlwm yog tias lub cuab yeej saib xyuas tsis xa cov pob ntawv mus rau lub switch; txwv tsis pub, lub switch yuav xav tias cov pob ntawv tapped tsis yog rau lub cuab yeej ntawd. Txhawm rau ua tiav qhov ntawd, koj tuaj yeem siv lub network cable uas koj tsis tau txuas cov xov hlau TX, lossis siv IP-less (thiab DHCP-less) network interface uas tsis xa cov pob ntawv hlo li. Thaum kawg nco ntsoov tias yog tias koj xav siv lub tap rau tsis poob cov pob ntawv, ces tsis txhob sib koom ua ke lossis siv lub switch uas cov lus qhia tapped qeeb dua (piv txwv li 100 Mbit) dua li qhov chaw sib koom ua ke (piv txwv li 1 Gbit).
Yog li, Yuav ua li cas ntes Network Traffic? Network Taps vs Switch Ports Mirror
1- Kev teeb tsa yooj yim: Network Tap> Port Mirror
2- Kev Cuam Tshuam ntawm Kev Ua Haujlwm ntawm Network: Network Tap < Port Mirror
3- Kev ntes, kev theej, kev sib sau ua ke, kev xa mus rau lwm tus: Network Tap > Port Mirror
4- Lub Sijhawm Xa Mus Rau Lwm Lub Tsheb: Network Tap < Port Mirror
5- Lub Peev Xwm Ua Ntej Kev Thauj Mus Los: Network Tap > Port Mirror
Lub sijhawm tshaj tawm: Lub Peb Hlis-30-2022
