email [email protected]
EN EN
Guangzhou Xunjie Information Technology Co., Ltd.
Guangzhou Xunjie Information Technology Co., Ltd.
Thola Isilinganiso
Iphepha Lesi
Izinkomo down
Ngiyabuzisa
Iphutha
Vumela Nethu
Iblog
Thola Isilinganiso

Thola Isilinganiso Samahhala

Ummeleli wethu uzokuthinta masisha.
I-imeyili
Fon/WhatsApp/WeChat
Igama
Igama Lenkampani
Umyalezo
0/1000

Ukuphepha Kwegunya LeBrodade: Ingcushule Yenkulumo Ehlukile

2025-12-09 11:00:00
Ukuphepha Kwegunya LeBrodade: Ingcushule Yenkulumo Ehlukile

Ukusebenzisa Ukuqinisekiswa Kwenkonzo Ngokuthembekileyo NgeTeknoloji YaBrocade

Kumhlabathimende wodidi owahlanjiswa ngokushesha kuleli xesha, ukulungiselela umphakathi wokuxhumanisa kuyaphila kangangokuba yivele. Brocade switch intechinoloji isohlwa esiphambili sekhuseni yomphakathi wokuxhumanisa, inikeza izici nezimo ezibuthwele ekususweni kwizimpahla zakho eziphathelene nempahla. Ukuziqonda nokusebenzisa izindlela zokuphepha ngempela kumgangatho wakho we-Brocade okuphinde kuqiniseke ukuthi kube khona umphakathi ongcono nokuphelile.

Abasebenzi basecurity network ngempela bazi ukuthi ukuhlelwa kwesivivinyo esihle kakhulu kuyisisekelo yesikhashana esigcweleyo. Uma kusekelwe kahle, izivivinyo ze-Brocade zingakwesela ukufinyelela okungavumelekile, kubetha izikhuthazo ezahlukene ze-cyber, futhi ziqiniseze ukutholakala kwenetwork kusengqondo yabantu abavumelekile.

Izihlelo zesivivinyo eziphilayo ku-Brocade Infrastructure

Ukuthola kanye nokunakekela ukufinyelela

Ukuqinisa ukufinyelela kwi-switch yakho ye-Brocade kudala ngokuhlelwa kwezinhlelo yokuthola (authentication). Qalela ngokuhlelwa kwe-RBAC (Role-Based Access Control) ukuqinisekile ukuthi abasebenzisi baneke nje amandla afanele kubo ngokwezinye zezinkundla zabo. Hlela izimpendulo ezinzima, kufaka phakathi izidingo zentlango, izinhlelo zemithetho, nezinsuku ezilandelwayo zokushintsha kwamagama.

Vula imithetho ephelele njenge SSH ne HTTPS ukuze uthole inkinobodlo, ngelinye igunya amathuba angaphansi kakhulu njenge Telnet no HTTP. Lungenisa izervera zokwamukela ezifakiweyo RADIUS noma TACACS+ ukuqinisekisa ukhokhelo olumangalisayo nokugcina imibiko yembono yazo zonke izenzo zomphathi ezwenziwa ku-switch.

Ukusebenzisa Kungcoliswa Kwepoti

Izinto zokuphelela kwepoti kwiingxaki ze-Brocade zinika indlela eyengeziwe yokuphelelwa kwindlela engavumelekanga yokufikelela kwenetwekhi. Vula ukuphelelwa kwepoti ukuze ulimite isamba seMAC adrese singafundwanga phantsi kwesipotile, ukulungiselela iingxaki ezinjalo njenge MAC flooding. Lungenisa i-sticky MAC addressing kwiipoti apho akukho ndawo yokuhamba kwegqithi, ukuqinisekisa ukuba iigqithi ezithile kuphela azikwazi ukuxhuma kwiipoti ezilungiswe.

Sebenzisa DHCP snooping kanye ne-dynamic ARP inspection ukulungiselela kwiingxaki ezihlanjwayo phakathi kwezinye nakunye (man-in-the-middle) kanye nezervera zeDHCP ezingalunganga. Le mizobo ihlangana ukuqinisekisa ubumfihlisi benetwekhi yakho ngokulinganisa iindaba zeDHCP kwaye ulungiselele izixhobo ezingazange ziqalwe nguARP.

Izinhlelo Zokuphepha Ezinhle

Imithetho Yeqiniso Le-VLAN

Ukumisela kahle kwe-VLAN ku-inthanethi yakho ye-Brocade ikhiye kakhulu ekugcineni kwebhrodi-cast neqiniso. Sebenzisa i-private VLANs ukuqinisekisa ukuthi abasebenzisi nezimpondo zihlukaniswe ngaphakathi kwe-domain efanayo yokubhroda. Vula ukususwa kwe-VLAN ukuze kube yimali iviki le-VLAN engalindelekile emaqeshini aphakeme, lokhu kuyakwala inkinga yesimo esingcono sokuthulwa.

Lungise imithetho yeqiniso ye-native VLAN ukuze uphazamise izinyathelo zokuthupha kwe-VLAN. Qiniseka ukuthi wonke amaphoyinti angasolwanga ayabelwe kwi-VLAN ephathelene ngequ ethunywa ngaphandle kokufinyelela kwenethiwekhi. Donsela kakhulu kuzindlela zokusebenza kwe-VLAN futhi susa konke okungahleliwe okungaba khona okungafaka inkinga.

Umthetho Nokudala Kwe-Traffic

Ukusebenzisa umyalo omehlo futhi izindlela zokulawula ukubhayizeni kusiza ekukhokheni ukulawulwa kwenethiwekhi nokufinyelela okungavumelekile. Vula umlawulo wosuku olunzulu ukuze uphindeleke kuzintaba ze-broadcast, multicast, ne-unknown unicast uzungezile okungakhubazeki kumsebenzi wenethiwekhi. Lungenisa izinhambisano zokusebenza (QoS) ukuze uthintele indlela ebalulekile futhi uvikele kuzimiso ezinamandla.

Sebenzisa Izilungiselelo Zokwamukela (ACLs) ukuze uhlekle umlando ngokwemigomo ethile, njengekheli lekhasi/endaweni yesingeniso, iiprotokholi, nezinombolo zepoti. Ukuhlolwa kanye nokuvuselela okuqhubekayo kwezinhambisano ze-ACL kusiza ekugcineni ubunzima bezinhambisano zakho zokuphepha kanti kugcine umsebenzi ophepha kwenethiwekhi.

6-1.jpg

Inkonzo Yokohlola Nokuphathwa

Ukuthintela Kwezimali Nokuhlola

Ukusekelwa kwezinhlelo ezihlukene zokuthenga nokubhaliweyo kwindawo yakho ye-Brocade switch kuyisidingo esibalulekile ekulondolozini nasekuqiniseni iqiniso. Sisitshenzise i-syslog servers ukuze kuthunyelwe nezenze izilungiso ze-switch ukuzivocavoca. Vula ubhalo oluthile ngamandla e-port security violation ukuze ufake umbiko wemithwalo engavumelekile kanye namathiphu okholo angakwenzeka.

Sebenzisa i-SNMP monitoring ngezinguqulelo ezihloniphekile (SNMPv3) ukuze uthole ulwazi olusha ngamahora mayelana nesimo sezindawo zakho nezimiso zokholo. Ukubheka kahle kwezilungiso zokholo kusiza ukuthola izinhlobo zezinto ezingalindelekile kanye namathiphu okholo angakwenzeka ngaphambi kokuba akhuphukeke kizinkinga eziphakeme.

Ukulawula Kwefirmware

Ukugcina izinguqulelo ezikhona zefirmware kwindawo yakho ye-Brocade switch yindlela ebalulekile ekulondolozeni. Dala isikheleli esihlanjwayo sokuvuselela kanye nokulungisa i-firmware ukuze kube yinxenye yesimo esithile. Dala indawo yokuchazela ukuqinisekisa i-firmware updates ngaphambi kokuzilungiselela kumakhigijhe amasebenzayo.

Bhali konke okuqondilekileyo kumshinelulo wesimiso futhi uzilondoloze izincwadi ezithile zezinhloso. Sebenzisa imigomo yokugcina isimiso ukuqinisekisa ukuvikela ngokushesha uma kube khona imiba ngexesha lokuvuselela umshinelulo. Ukuphatha kanjalo kwesimiso kususa kubaluleka ukulungiswa kwezivumelwano zasekhubeni, ngakho-ke kuhlele indlela esebenzayo yekhiswishi.

Imibuzo Evame Ukubuzwa

Kungakanjani isikhathi esifanele sokubheka izimiselo zesivumelwano kwi-khiswishi ye-Brocade?

Kumele kube yizinsuku ezine ngonyaka izimiselo zesivumelwano zibhekwe, nangaphezu kwebheki ngemva kanye yezinguquko ezinkulu zolenzo olunye noma iziganeko zesivumelwano. Ibhagi ezihlanjwayo zihlenga ukuqinisekisa ukuthi izindlela zesivumelwano zisebenza ngempela futhi zihlanganiswe nezidingo zomphakathi ngamanje nezinhlotshwa eziphathelene nendlela efanele.

Yiziphi iziphawu zesivumelwano ezibalulekile kakhulu ukuze zenze ngohlelo lwe-Brocade?

Izici ezibalulekile kakhulu zokuphepha kufana nezici ezinamandla yokuthembeka, ukuphepha kwesipodi, ukwahlukaniswa kwe-VLAN, nokugcina izinhloga ngokuphelele. Ngaphezu kwalokho, ukusebenzisa izimo ezivikela umphathi, amalungelo okufinyelela, nezibuyekezo eziphakeme ngokushesha zibalulekile ukuqinisekisa ukuthi iswitchi ihlale iphephile.

Ngani angikwazi ngakho ukulungiselela iswitchi sami ye-Brocade kulelo kufinyelela engavumelekile?

Lungiselela kulelo kufinyelela engavumelekile ngokusebenzisa izimvo zempilo ezinamandla, ungqalisela i-SSH ukuhlawulwa kude, faka i-RADIUS noma i-TACACS+ yokuthembeka, futhi usebenzise izici zokuphepha kwesipodi. Izahluko ezihlanjwayo zokuphepha nezobuyiselwa kumehluko wokufinyelela kusiza ekuboneni nokulungiselela iziphumo ezinokwenzeka.

Phambilini :I-Switch yeBrocade kusuka eCisco: Ukulinganisa Kwenkondlo yoEnterprise

Okulandelayo :Lungiselela Ukusetshenziswa Kwamandla Kwiserver: Izindlela Zomkani Nokuthulula

Uhlu Lwezinto Eziqukethwe