
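Unlike the SSL handling of hardware, proxy, and reverse-proxy web application firewalls, DeepFinder filters SSL traffic without the purchase of additional accelerators and without degrading performance or speed.
In the cloud era, it makes it easy to configure what appliance-type WAFs have difficulty solving.
It does not require the cumbersome certificate management involved in operating a conventional WAF, and because it does not perform SSL encryption/decryption separately, there is no resource degradation either.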



##
## Network interface configuration
##
interface eth0
  no dhcp
  ip address 192.168.1.13 /24
  exit
##
## Network interface IPv6 configuration
##
interface eth0
  no ipv6 dhcp client enable
  exit
##
## Routing configuration
##
ip default-gateway 192.168.1.1 eth0
##
## Other IP configuration
##
hostname HC1
ip domain-list inner
ip name-server 168.126.63.1
##
## Other IPv6 configuration
##
no ipv6 enable
##
## Logging configuration
##
logging 192.168.1.245
logging 192.168.1.245 trap warning
##
## Port level configurations
##
port 1/1/g1 type network
port 1/1/g1 params admin enable
port 1/1/g2 type tool
port 1/1/g2 params admin enable
##
## Gigastream hash configurations
##
gigastream advanced-hash slot 1/cc1 default
##
## Gsgroup configurations
##
gsgroup alias GSHS port-list 1/1/e1
##
## IP Interface configurations
##
ip interface alias IN-VPN
  attach 1/1/g1
  ip address 192.168.1.10 /24
  gw 192.168.1.1
  gsgroup add GSHS
  exit
##
## Gs params configurations
##
gsparams gsgroup GSHS
  cpu utilization type total rising 80
  dedup-action drop
  dedup-ip-tclass include
  dedup-ip-tos include
  dedup-tcp-seq include
  dedup-timer 50000
  dedup-vlan ignore
  diameter-packet timeout 2
  diameter-s6a-session limit 10000
  diameter-s6a-session timeout 30
  eng-watchdog-timer 60
  erspan3-timestamp format none
  flow-mask disable
  flow-sampling-rate 5
  flow-sampling-timeout 1
  flow-sampling-type device-ip
  generic-session-timeout 5
  gtp-control-sample enable
  gtp-flow timeout 48
  gtp-persistence disable
  gtp-persistence file-age-timeout 30
  gtp-persistence interval 10
  gtp-persistence restart-age-time 30
  gtp-randomsample disable
  gtp-randomsample interval 12
  ip-frag forward enable
  ip-frag frag-timeout 10
  ip-frag head-session-timeout 30
  lb failover disable
  lb failover-thres lt-bw 80
  lb failover-thres lt-pkt-rate 1000
  lb replicate-gtp-c disable
  lb use-link-spd-wt disable
  node-role disable
  resource buffer-asf disable
  resource cpu overload-threshold 90
  resource hsm-ssl buffer disable
  resource hsm-ssl packet-buffer 1000
  resource inline-ssl standalone enable
  resource metadata disable
  resource packet-buffer overload-threshold 80
  resource xpkt-pmatch num-flows 0
  session logging level none
  sip-media timeout 30
  sip-nat disable
  sip-session timeout 30
  sip-tcp-idle-timeout 20
  ssl-decrypt decrypt-fail-action drop
  ssl-decrypt enable
  ssl-decrypt hsm-pkcs11 dynamic-object enable
  ssl-decrypt hsm-pkcs11 load-sharing enable
  ssl-decrypt hsm-timeout 1000
  ssl-decrypt key-cache-timeout 10800
  ssl-decrypt non-ssl-traffic drop
  ssl-decrypt pending-session-timeout 60
  ssl-decrypt session-timeout 300
  ssl-decrypt tcp-syn-timeout 20
  ssl-decrypt ticket-cache-timeout 10800
  tunnel-health-check action pass
  tunnel-health-check disable
  tunnel-health-check dstport 54321
  tunnel-health-check interval 600
  tunnel-health-check protocol icmp
  tunnel-health-check rcvport 54321
  tunnel-health-check retries 5
  tunnel-health-check roundtriptime 1
  tunnel-health-check srcport 54321
  xpkt-pmatch disable
  exit
##
## Gsop configurations
##
gsop alias gsope1 strip-header vxlan 0 port-list GSHS
##
## Traffic map connection configurations
##
map alias 01.G2-G1_HS_MAP
  type regular byRule
  roles replace admin to owner_roles
  use gsop gsope1
  rule add pass ipver 4
  rule add pass ipver 6
  to 1/1/g2
  from 1/1/g1
  exit
##
## SNMP configuration
##
no snmp-server host 192.168.1.245 disable
snmp-server host 192.168.1.245 traps port 162 version 2c public


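Attending the NHN Cloud training seems to have broadened my knowledge of the cloud considerably.

Those who attended the training already know this, but I am passing the information along for those who did not attend.

If you sign up for NHN Cloud and then register a payment method, you receive 200,000 won in credit.

Click the link below to sign up,

https://www.nhncloud.com/kr

then, as shown below, click "[Apply for sign-up welcome credit]" ("[가입 축하 크레딧 신청]") on the payment method page.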


https://www.gigamon.com/products/optimize-traffic/traffic-intelligence/gigasmart/tunneling-erspan-termination.html

 

Remote Traffic Tunneling | ERSPAN Termination | GigaSMART | Gigamon


Extend monitoring to remote sites and the cloud

The Tunneling feature is a licensable addition to the GigaSMART® engine that helps alleviate blindness of business-critical traffic at remote sites, virtualized data centers, or hosted in a public cloud. Tunneling is used in conjunction with Flow Mapping® technology to select traffic at remote sites that should be subject to additional inspection. That traffic subset can then be forwarded via IP/UDP or L2GRE encapsulation to centralized monitoring and security resources. Tunneling also works with GigaVUE-VM for VMware, GigaVUE-VM for OpenStack, and Visibility Platform for AWS to select and tunnel traffic from within virtual environments to the Gigamon® Visibility Platform via L2GRE tunnels. With Tunneling, physical networks can utilize cloud-based tools and load balance across multiple instances.

Benefits of the Tunneling feature

  • Provides security teams with access to suspicious traffic anywhere within the organization, local or remote, physical or virtual.
  • Eliminates the cost of deploying and managing tools at branch offices and remote sites.
  • Preserves the processing power of hypervisors to handle workload, instead of management and monitoring.
  • Immediately extends monitoring and security to new acquisitions or temporary installations until other arrangements can be made.
  • Enables load balancing across multiple IP-addressable virtual and cloud-based tools.
  • Allows operators to take advantage of existing Cisco NEXUS features by forwarding traffic via ERSPAN tunnels to the Gigamon Visibility Platform.

 
