Network Monitoring "Invisible Butler" - NPB: Network Traffic Management Legend Artifact in the Digital Age

Driven by digital transformation, networks are no longer simply "a few cables connecting computers." With the proliferation of IoT devices, the migration of services to the cloud, and the growth of remote work, network traffic has exploded, like traffic on a highway. However, this surge in traffic also brings challenges: security tools cannot capture critical data, monitoring systems are overwhelmed by redundant information, and threats hidden in encrypted traffic go undetected. This is where the "invisible butler" called the Network Packet Broker (NPB) comes in. Acting as an intelligent bridge between network traffic and monitoring tools, it manages the flow of traffic across the entire network while accurately feeding monitoring tools the data they need, helping enterprises solve the "invisible, inaccessible" network problems. Today, we will give a complete overview of this core role in network operations and maintenance.

1. Why are companies looking for NPBs now? - The "Visibility Need" of complex networks

Consider this: your network is running hundreds of IoT devices, hundreds of cloud servers, and employees accessing it remotely from everywhere. How do you ensure that malicious traffic does not get in? How do you determine which links are congested and slowing down business operations?

Traditional monitoring methods are no longer sufficient: either monitoring tools can only watch specific traffic segments and miss key nodes, or they hand all traffic to the tool at once, so that it cannot digest the information and analysis efficiency drops. Moreover, with more than 70% of traffic now encrypted, traditional tools cannot see through to its content.

The emergence of NPBs addresses the pain point of "lack of network visibility." They sit between traffic entry points and monitoring tools, aggregating scattered traffic, filtering out redundant data, and finally distributing the right traffic to IDS (Intrusion Detection Systems), SIEMs (Security Information Management Platforms), performance analysis tools, and more. This ensures that monitoring tools are neither starved nor oversaturated. NPBs can also decrypt and encrypt traffic, protecting sensitive data and giving enterprises a clear view of their network status.

It can be said that today, as long as an enterprise needs network security, performance optimization or compliance, NPB has become an unavoidable core component.


What is NPB? - A Simple Explanation from Architecture to Core Capabilities

Many people think the term "packet broker" carries a high technical barrier to entry. However, a more accessible analogy is an "express delivery sorting center": network traffic is the "express parcels," the NPB is the "sorting center," and the monitoring tool is the "receiving point." The NPB's job is to gather scattered parcels (aggregation), remove invalid parcels (filtering), and sort them by address (distribution). It can also unpack and inspect special parcels (decryption) and remove private information (masking) - the whole process is efficient and precise.

1. First, let's look at the "skeleton" of NPB: three core architectural modules.

The NPB workflow relies entirely on the cooperation of these three modules; none of them can be missing:

Traffic Access Module: This is like the "express delivery port" and is used specifically to receive network traffic from a switch mirror port (SPAN) or a splitter (TAP). Whether the traffic comes from a physical link or a virtual network, it can be collected in a unified way.

Processing Engine: This is the "core brain of the sorting center" and is responsible for the most critical "processing" - such as merging multi-link traffic (aggregation), filtering out traffic from a certain type of IP (filtering), copying the same traffic and sending it to different tools (replication), decrypting SSL/TLS encrypted traffic (decryption), etc. All the "fine operations" are completed here.

Distribution Module: This is like the "courier" that accurately distributes the processed traffic to the corresponding monitoring tools. It can also perform load balancing - for example, if one performance analysis tool is too busy, part of the traffic is distributed to a backup tool to avoid overloading a single tool.

2. The "Hard Core Capabilities" of NPB: 12 core functions that solve 90% of network problems.

NPB has many functions, but let's focus on those most commonly used by enterprises. Each one corresponds to a practical pain point:

Traffic Replication / Aggregation + Filtering: For example, if an enterprise has 10 network links, the NPB first merges the traffic of the 10 links, then filters out "duplicate data packets" and "irrelevant traffic" (such as traffic from employees watching videos), and sends only business-related traffic to the monitoring tool - directly improving efficiency by 300%.

SSL/TLS Decryption: Nowadays, many malicious attacks are hidden in HTTPS encrypted traffic. The NPB can decrypt this traffic, allowing tools such as IDS and IPS to "see through" the encrypted content and catch hidden threats such as phishing links and malicious code.

Data Masking / Desensitization: If traffic contains sensitive data such as credit card numbers and social security numbers, the NPB will "erase" this information before sending it to the monitoring tool. This does not affect the tool's analysis, and it also complies with PCI-DSS (payment compliance) and HIPAA (healthcare compliance) requirements to prevent data leakage.

Load Balancing + Failover: If an enterprise has three SIEM tools, the NPB will distribute traffic evenly among them to prevent any one tool from being overwhelmed. If one tool fails, the NPB will immediately switch traffic to a backup tool to ensure uninterrupted monitoring. This is especially important for industries such as finance and healthcare where downtime is unacceptable.
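One way to implement the load balancing and failover described above, as an added example rather than the behaviour of any particular NPB: flows are assigned with rendezvous hashing on a direction-independent 5-tuple key, so both directions of a session reach the same tool and a tool failure moves only the flows that tool owned. The tool names and the flow list are constructed for the demonstration.

```python
import hashlib

def flow_key(src_ip, src_port, dst_ip, dst_port, proto):
    """Direction-independent key: both halves of a session hash identically."""
    a, b = sorted([(src_ip, src_port), (dst_ip, dst_port)])
    return f"{proto}|{a[0]}:{a[1]}|{b[0]}:{b[1]}".encode()

def pick_tool(key, tools, healthy):
    """Rendezvous (highest-random-weight) hashing over the healthy tools.

    Each flow goes to the healthy tool with the highest hash score. When a
    tool fails, only the flows it owned are reassigned; flows on surviving
    tools stay where they are, so stateful analysis is not disturbed.
    """
    live = [t for t in tools if t in healthy]
    if not live:
        return None  # nothing healthy: the caller decides whether to drop or buffer
    return max(live, key=lambda t: hashlib.sha256(t.encode() + b"|" + key).digest())

def distribute(flows, tools, healthy):
    """Map each 5-tuple to the tool that should receive its packets."""
    return {f: pick_tool(flow_key(*f), tools, healthy) for f in flows}

# Constructed sample: three SIEM collectors (hypothetical names) and 300 flows.
TOOLS = ["siem-a", "siem-b", "siem-c"]
FLOWS = [("10.0.0.%d" % (i % 50 + 1), 40000 + i, "192.0.2.10", 443, "tcp")
         for i in range(300)]

if __name__ == "__main__":
    before = distribute(FLOWS, TOOLS, set(TOOLS))
    after = distribute(FLOWS, TOOLS, {"siem-a", "siem-c"})  # siem-b has failed
    moved = sum(1 for f in FLOWS if before[f] != after[f])
    print("flows reassigned after failover:", moved, "of", len(FLOWS))
```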

Tunnel Termination: VXLAN, GRE and other "tunnel protocols" are now commonly used in cloud networks. Traditional tools cannot understand these protocols. The NPB can "disassemble" these tunnels and extract the real traffic inside, allowing older tools to process traffic in cloud environments.

The combination of these features enables NPB not only to "see through" encrypted traffic, but also to "protect" sensitive data and "adapt" to complex network environments - which is why it can become a core component.


III. Where is NPB used? - Five key scenarios that address real enterprise needs

NPB is not a one-size-fits-all tool; rather, it adapts flexibly to different scenarios. Whether it is a data center, a 5G network, or a cloud environment, it has precise applications. Let's look at a few typical cases to illustrate this point:

1. Data Center: The key to monitoring East-West traffic

Traditional data centers focus only on north-south traffic (traffic from servers to the outside world). However, in virtualized data centers, 80% of traffic is east-west (traffic between virtual machines), which traditional tools simply cannot capture. This is where NPBs come in:

For example, a large internet company uses VMware to build a virtualized data center. The NPB is integrated directly with vSphere (VMware's management platform) to accurately capture east-west traffic between virtual machines and distribute it to IDS and performance tools. This not only eliminates "monitoring blind spots," but also increases tool efficiency by 40% through traffic filtering, directly cutting the data center's mean-time-to-repair (MTTR) in half.

In addition, the NPB can monitor server load and ensure that payment data complies with PCI-DSS, becoming an "essential operations and maintenance requirement" for data centers.

2. SDN/NFV Environment: Flexible roles that adapt to software-defined networking

Many companies now use SDN (Software Defined Networking) or NFV (Network Function Virtualization). Networks are no longer fixed hardware, but flexible software services. This requires NPBs to become more flexible:

For example, a university uses SDN to implement "Bring Your Own Device (BYOD)" so that students and teachers can connect to the network using their own phones and computers. The NPB is integrated with an SDN controller (such as OpenDaylight) to ensure traffic isolation between the teaching and office areas while accurately distributing traffic from each area to monitoring tools. This approach does not affect use by students and teachers, and it allows timely detection of abnormal connections, such as access from IP addresses outside the campus.

The same is true for NFV environments. The NPB can monitor the traffic of virtual firewalls (vFWs) and virtual load balancers (vLBs) to ensure the stable operation of these "software devices," which is much more flexible than traditional hardware monitoring.

3. 5G Networks: Managing Sliced Traffic and Edge Nodes

The core features of 5G are "high speed, low latency, and massive connections," but these bring new challenges to monitoring: for example, 5G "network slicing" technology can divide the same physical network into multiple logical networks (for example, a low-latency slice for autonomous driving and a massive-connection slice for IoT), and the traffic in each slice must be monitored.

One operator used NPB to solve this problem: it deployed independent NPB monitoring for each 5G slice, which can not only show the latency and throughput of each slice in real time, but also intercept abnormal traffic (such as unauthorized access between slices) in a timely manner, ensuring the low-latency requirements of key businesses such as autonomous driving.

In addition, 5G edge computing nodes are scattered across the country, and NPB can also provide a "lightweight version" that is deployed on edge nodes to monitor distributed traffic and avoid the delays caused by sending data back and forth.

4. Cloud Environment/Hybrid IT: Breaking Down the Barriers of Public and Private Cloud Monitoring

Most enterprises now use a hybrid cloud architecture: some operations reside on Alibaba Cloud or Tencent Cloud (public clouds), some on their own private clouds, and some on local servers. In this scenario, traffic is scattered across multiple environments, and monitoring is easily interrupted.

China Minsheng Bank uses NPB to solve this pain point: its business uses Kubernetes for containerized deployment. The NPB can directly capture traffic between containers (Pods) and correlate traffic between cloud servers and private clouds to form "end-to-end monitoring" - regardless of whether the business is in the public cloud or the private cloud, as long as there is a performance problem, the operations and maintenance team can use NPB traffic data to quickly locate whether the problem lies with inter-container calls or with the links, improving diagnostic efficiency by 6%.

For multi-tenant public clouds, the NPB can also ensure isolation between different enterprises, prevent data leakage, and meet the compliance requirements of the financial industry.

In conclusion: NPB is not an "option" but a "must"

After reviewing these scenarios, you will see that NPB is not a niche technology but a standard tool for enterprises dealing with complex networks. From data centers to 5G, from private clouds to hybrid IT, NPB can play a role wherever network visibility is needed.

With the growing prevalence of AI and edge computing, network traffic will become even more complex, and NPB capabilities will be upgraded further (for example, using AI to identify abnormal traffic and adapting in lighter-weight form to edge nodes). For enterprises, understanding and adopting NPBs early will help them take the initiative in their networks and avoid detours in their digital transformation.

Have you encountered network monitoring problems in your industry? For example, being unable to see encrypted traffic, or having hybrid cloud monitoring interrupted? Feel free to share your thoughts in the comments section and let's explore solutions together.


Post time: Sep-23-2025