Bypass TAP (disebut ogé saklar bypass) nyayogikeun port aksés anu aman pikeun alat kaamanan aktif anu dipasang sapertos IPS sareng firewall generasi salajengna (NGFWS). Saklar bypass dipasang antara alat jaringan sareng di payuneun alat kaamanan jaringan pikeun nyayogikeun titik isolasi anu tiasa dipercaya antara jaringan sareng lapisan kaamanan. Éta mawa dukungan lengkep ka jaringan sareng alat kaamanan pikeun nyingkahan résiko gangguan jaringan.
Solusi 1 1 Tautan Bypass Network Tap (Saklar Bypass) - Mandiri
Aplikasi:
Bypass Network Tap (Bypass Switch) nyambung ka dua alat jaringan ngaliwatan port Link sareng nyambung ka server pihak katilu ngaliwatan port Device.
Pemicu Bypass Network Tap (Bypass Switch) disetel ka Ping, anu ngirim pamundut Ping sacara berturut-turut ka server. Sakali server eureun ngaréspon ping, Bypass Network Tap (Bypass Switch) asup kana mode bypass.
Nalika server mimiti ngaréspon deui, Bypass Network Tap (Bypass Switch) bakal balik deui ka modeu throughput.
Aplikasi ieu ngan ukur tiasa dianggo ngalangkungan ICMP (Ping). Teu aya pakét denyut jantung anu dianggo pikeun ngawaskeun sambungan antara server sareng Bypass Network Tap (Bypass Switch).
Solusi 2 Broker Paket Jaringan + Keran Jaringan Bypass (Saklar Bypass)
Broker Paket Jaringan (NPB) + Ketok Jaringan Bypass (Saklar Bypass) -- Status normal
Aplikasi:
Bypass Network Tap (Bypass Switch) nyambung ka dua alat jaringan ngaliwatan port Link sareng ka Network Packet Broker (NPB) ngaliwatan port Device. Server pihak katilu nyambung ka Network Packet Broker (NPB) ngagunakeun 2 kabel tambaga x 1G. Network Packet Broker (NPB) ngirimkeun pakét heartbeat ka server ngaliwatan port #1 sareng hoyong nampi deui dina port #2.
Pemicu pikeun Bypass Network Tap (Bypass Switch) disetel ka REST, sareng Network Packet Broker (NPB) ngajalankeun aplikasi bypass.
Lalulintas dina modeu throughput:
Alat 1 ↔ Saklar Bypass/Ketok ↔ NPB ↔ Server ↔ NPB ↔ Saklar Bypass/Ketok ↔ Alat 2
Broker Paket Jaringan (NPB) + Bypass Network Tap (Bypass Switch) -- Bypass Perangkat Lunak
Pedaran Bypass Parangkat Lunak:
Upami Network Packet Broker (NPB) henteu ngadeteksi paket denyut jantung, éta bakal ngaktipkeun bypass perangkat lunak.
Konfigurasi Network Packet Broker (NPB) sacara otomatis dirobih pikeun ngirimkeun lalulintas anu lebet deui ka Bypass Network Tap (Bypass Switch), sahingga ngalebetkeun deui lalulintas kana tautan langsung kalayan leungitna pakét minimal.
Bypass Network Tap (Bypass Switch) teu kedah ngaréspon pisan sabab sadaya bypass dilakukeun ku Network Packet Broker (NPB).
Lalulintas dina Bypass Parangkat Lunak:
Alat 1 ↔ Saklar Bypass/Ketok ↔ NPB ↔ Saklar Bypass/Ketok ↔ Alat 2
Broker Paket Jaringan (NPB) + Bypass Network Tap (Saklar Bypass) -- Bypass perangkat keras
Pedaran Bypass Hardware:
Upami Network Packet Broker (NPB) gagal atanapi sambungan antara Network Packet Broker (NPB) sareng Bypass Network Tap (Bypass Switch) pegat, Bypass Network Tap (Bypass Switch) bakal ngalih ka mode bypass pikeun ngajaga tautan real-time tetep tiasa dianggo.
Nalika Bypass Network Tap (Bypass Switch) asup kana mode bypass, Network Packet Broker (NPB) sareng server éksternal bakal di-bypass sareng moal nampi lalu lintas naon waé dugi ka Bypass Network Tap (Bypass Switch) uih deui ka mode throughput.
Modeu bypass dipicu nalika Bypass Network Tap (Bypass Switch) teu nyambung deui kana catu daya.
Lalulintas offline perangkat keras:
Alat 1 ↔ Saklar/Ketok Bypass ↔ Alat 2
Solusi 3 Dua Keran Jaringan Bypass (Saklar Bypass) pikeun unggal tautan
Pitunjuk konfigurasi:
Dina setelan ieu, 1 tautan tambaga tina 2 alat anu nyambung ka server anu dipikanyaho dilewati ku dua Bypass Network Taps (Bypass Switches). Kauntungannana ieu dibandingkeun solusi 1 bypass nyaéta nalika sambungan calo pakét jaringan (NPB) kaganggu, server masih janten bagian tina tautan langsung.
2 * Bypass Network Taps (Saklar Bypass) per tautan - Bypass Parangkat Lunak
Pedaran Bypass Parangkat Lunak:
Upami Network Packet Broker (NPB) henteu ngadeteksi pakét denyut jantung, éta bakal ngaktipkeun bypass perangkat lunak. Bypass Network Tap (Bypass Switch) henteu kedah réaksi pisan sabab sadaya bypass dilakukeun ku Network Packet Broker (NPB).
Lalulintas dina bypass parangkat lunak:
Alat 1 ↔ Saklar Bypass/Ketok 1 ↔ Broker Paket Jaringan (NPB) ↔ Saklar Bypass/Ketok 2 ↔ Alat 2
2 * Keran Jaringan Bypass (Saklar Bypass) per tautan - Bypass Perangkat Keras
Pedaran Bypass Hardware:
Upami Network Packet Broker (NPB) gagal atanapi sambungan antara Bypass Network Tap (Bypass Switch) sareng Network Packet Broker (NPB) pegat, duanana Bypass Network Taps (Bypass Switches) bakal dialihkeun ka mode bypass pikeun ngajaga tautan anu aktip.
Beda sareng setélan "1 Bypass per link", server masih kalebet kana tautan langsung.
Lalulintas offline perangkat keras:
Alat 1 ↔ Saklar Bypass/Ketok 1 ↔Server ↔ Saklar Bypass/Ketok 2 ↔ Alat 2
Solusi 4 Dua Keran Jaringan Bypass (Saklar Bypass) dikonfigurasi pikeun unggal tautan dina dua situs
Pitunjuk setelan:
Pilihan: Dua Network Packet Broker (NPB) tiasa dianggo pikeun nyambungkeun dua situs anu béda ngalangkungan torowongan GRE tinimbang hiji Network Packet Broker (NPB). Upami server anu nyambungkeun dua situs gagal, éta bakal ngalangkungan server sareng lalu lintas anu tiasa disebarkeun ngalangkungan torowongan GRE Network Packet Broker (NPB) (sakumaha anu dipidangkeun dina Gambar di handap).
Waktos posting: Mar-06-2023
