Amathiphu okusiza ukukugcina ungangeni
Ukhokhisiwe ngokulondoloza i- firewall yenethiwekhi yakho yenhlangano yakho? Lokhu kungaba umsebenzi okhwantayo, ikakhulu uma inethiwekhi evikelwe yi-firewall inomphakathi ohlukene wamaklayenti, amaseva, namanye amadivaysi enethiwekhi anezidingo zokuxhumana eziyingqayizivele.
Amaphulogi ahlinzeka ngesendlalelo esiyisihluthulelo sokuzivikela kwinethiwekhi yakho futhi yingxenye ebalulekile yesistimu yakho yokuphepha kwenethiwekhi yokuvikela inethiwekhi. Uma kungakaphethwe futhi kusetshenziswe kahle, i-firewall yenethiwekhi ingashiya izimbobo ezinokuphepha ekuvikeleni kwakho, okuvumela abaduni nabagebengu ukuthi bangene futhi baphume kwinethiwekhi yakho.
Ngakho-ke, uqala kuphi emzamweni wakho wokuqamba lesi silo?
Uma nje ungena ngaphakathi bese uqala ukuthungatha nge-Access Control Lists, ungahlukanisa ngokungenakuqondisa iseva ebaluleke kakhulu ye-mission engayithukuthela umphathi wakho bese ikukhipha.
Inethiwekhi yomuntu wonke ihlukile. Ayikho i-panacea noma i-cure-konke ngokudala ukumiswa kwe-firewall yenethiwekhi ye-hacker-proof, kodwa kunemikhuba enhle ephakanyisiwe yokuphatha umlilo we-firewall yakho. Njengoba yonke inhlangano iyingqayizivele, isiqondiso esilandelayo kungenzeka "singcono kakhulu" kuzo zonke izimo, kodwa okungenani kuzokunikeza iphuzu lokuqala lokukusiza uthole isibhamu sakho sokulawula umlilo ukuze ungashiswa.
Yakha iBhodi yokuLawula i-Firewall
Ukwakha ibhodi yokulawula isiphequluli se-firewall eyenziwe ngabamele abasebenzisi, abaphathi bezinhlelo, abaphathi, nabasebenzi bezokuphepha bangasiza ekusizeni ukukhulumisana phakathi kwamaqembu ahlukene futhi kungasiza ekugwemeni izingxabano, ikakhulukazi uma izinguquko ezihlongozwayo zixoxwa futhi zihlanganiswa nabo bonke abangathinteka ngaphambi kokushintsha.
Ukuba noshintsho ngalunye kuvotelwe kubuye kusize ukuqinisekisa ukuphendula uma izinkinga ezihlobene nokushintsha komlilo othile kwenzeka.
Abasebenzisi Bokuxwayisa Nezikhangiso Ngaphambi Kokushintshwa Kwemithetho Ye-Firewall
Abasebenzisi, abaphathi, kanye nokuxhumana kwe-server kungathinteka yizinguquko ku-firewall yakho. Ngisho nezinguquko ezincane ezibonakalayo emithethweni ye-firewall kanye ne-ACL zingaba nemithelela enkulu ekuxhumaneni. Ngenxa yalesi sizathu, kungcono ukuqaphela abasebenzisi ukuthi bahlongoze izinguquko kwimithetho ye-firewall. Abaphathi besistimu kufanele batshelwe ukuthi yiziphi izinguquko ezihlongozwayo nokuthi zizosebenza nini.
Uma abasebenzisi noma abaphathi banenkinga yokushintsha izinguquko zokulawulwa komlilo, kuhlelwe isikhathi esanele (uma kungenzeka) ukuze bakhulume ukukhathazeka kwabo ngaphambi kokuba kwenziwe izinguquko, ngaphandle uma kwenzeka isimo esiphuthumayo esidinga izinguquko ngokushesha.
Idokhumenti Yonke Imithetho kanye Nokusetshenziswa Amazwana Wokuchaza Injongo Yemithetho Ekhethekile
Ukuzama ukuthola injongo yombuso we-firewall kungaba nzima, ikakhulukazi lapho umuntu obhala ekuqaleni umthetho eshiye inhlangano futhi ushiywe ukuzama ukubona ukuthi ubani ongathinteka ukususwa komthetho.
Yonke imithetho kufanele ifakwe kahle ukuze abanye abaqondisi bakwazi ukuqonda umthetho ngamunye futhi banqume uma kuyadingeka noma kufanele kususwe. Amazwana emithethweni kufanele achaze:
- Inhloso yomthetho
- Insizakalo ukuthi umthetho ungubani
- Abasebenzisi / amaseva / amadivaysi abathintekayo ukubusa (Ubani okumele?)
- Usuku lo mthetho wanezelwa futhi isikhathi sokubusa okudingekayo (ie ingabe kungumthetho wesikhashana?)
- Igama lomlawuli we-firewall owenezela umthetho
Gwema ukusetshenziswa kwe & # 34; Noma ikuphi & # 34; ku-Firewall & # 34; Vumela & # 34; Imithetho
E-athikili ka-Cyberoam mayelana nemikhuba emihle yokulawula umlilo, bavikela ukugwema ukusebenzisa "Noma yikuphi" ku-"Vumela" imithetho yomlilo, ngenxa yezimoto ezingase zibe khona kanye nokulawulwa kokugeleza. Bakhombisa ukuthi ukusetshenziswa "Noma yikuphi" kungase kube nomphumela ongalindelekile wokuvumela yonke inqubo ngokusebenzisa i-firewall.
& # 34; Thinta konke & # 34; Okokuqala bese Wengeza Okungekho
Ama-firewalls amaningi athatha imithetho yawo ngokulandelana kusukela phezulu ohlwini lohlu kuze kube phansi. Ukuhleleka kwemithetho kubaluleke kakhulu. Cishe uzofuna ukuba nomthetho othi "Hlanganisa Konke" njengombuso wakho wokuqala we-firewall. Lokhu kubaluleke kakhulu kwemithetho nokubekwa kwayo kubalulekile. Ukubeka umthetho we- "Hlanganisa Konke" esimweni # 1 ngokuyisisekelo kusho ukuthi "Gcina wonke umuntu nakho konke okuphuma kuqala bese sizonquma ukuthi ubani nokuthi yini esifuna ukuyivumela".
Awusoze ufune ukuba ne-"Vumela Konke" ukubusa njengombuso wakho wokuqala ngoba lokho kuzobe kunqoba inhloso yokuba ne-firewall, njengoba usanda kuvumela wonke umuntu ukuba abe khona.
Uma usuphethe isimiso sakho se- "Deny All" endaweni engu-#, ungaqala ukwengeza imithetho yakho yokuvumela ngezansi ukuze uvumele ithrafikhi ethize ngaphakathi nangenethiwekhi yakho (ukuthatha imithetho yakho yezinqubo zomlilo we-firewall kusukela phezulu kuya phansi).
Ukubukeza Imithetho Ngokuvamile futhi Susa Imithetho Engasetshenzisiwe Ngokujwayelekile
Kuzo zombili izizathu zokusebenza nezizathu zokuphepha, uzodinga "ukuphuphuma ukuhlanza" i-firewall yakho ilawula ngezikhathi ezithile. Uma kunzima kakhulu futhi imithetho yakho eminingi, ukusebenza okuningi kuzoba nomthelela. Uma unemithetho eyakhelwe ama-worksstations namaseva angasenhlanganweni yakho futhi ungase ufune ukuwasusa ukuze usize ukunciphisa imithetho yakho yokucubungula ngaphezulu futhi usize ukunciphisa inani eliphelele lezinkampani zokusongela.
Hlela Imithetho Ye-Firewall yokusebenza
Ukuhlelwa kwemithetho yakho ye-firewall kungaba nomthelela omkhulu ekugqeni kwe-traffic yakho yenethiwekhi. I-EWEEk inesihloko esihle mayelana nemikhuba emihle yokuhlelwa kwemithetho yakho ye-firewall yokwandisa isivinini sezemoto. Esinye seziphakamiso zabo kuhlanganisa ukuthatha imithwalo yemithwalo ye-firewall yakho ngokuhlunga i-traffic engadingeki ngaphandle kwe-routers yakho enqenqemeni. Hlola isihloko sabo ngamanye amathiphu amakhulu.