728x90 inline31 Gigamon HC Series의 Inline Concept Gigamon 장비는 제품별로 다양한 Packet 처리가 가능하다.Mirror 트래픽을 전달 받아 가공을 통해 보안/모니터링/분석 장비에 전달함으로 효과를 얻을 수도 있고Inline에 직접 개입하여 보안 장비들을 효과적으로 사용할 수 있게 구성이 가능하다.참 재미난 Concept 이다. As-Is의 구성은 현재 많이 사용되는 이중화 구성이다. 예전에는 이 구성이 최적화된 구성이었으나 시대가 바뀌었고예전 구성에서의 문제점들을 해결할 수 있는 방법도 생겨났다. 2024. 10. 15. Gigamon HC Series의 이중화 및 iSSL에 관하여 Gigamon HC Series는 패킷 미러 처리 뿐 아니라 inline에 직접 연결해 다양한 inline-tool에게 최적의 패킷을 전달 하는 역활을 한다.보통의 Gigamon 이중화는 GRIP이라는 Gigamon에서 제공하는 이중화 프로토콜을 통해 이중화를 구성하며, 회선별 구성이 아닌 아래와 같이 상하단 구성을 주로 한다.기존 회선 이중화 방식에서 발생되는 문제점들을 Gigamon을 통해 다양한 문제점들의 해결이 가능해진다.- 보안 장비로 인한 네트워크 성능 저하- 여러 장애 포인트 존재- 비대칭 라우팅으로 인한 보안 장비 탐지의 어려움- 보안 장비 확장의 어려움- 보안장비 Firmware 업그레이드 혹은 교체시 네트워크 단절 위험- 네트워크 증속 시 보안도 동일 증속을 위한 투자- 보안 장비 한대.. 2023. 11. 15. To set up GRIP successfully, it is advised that you check the inline functions of each HC2 separately. To set up GRIP successfully, it is advised that you check the inline functions of each HC2 separately.https://gigamoncp.force.com/partnercommunity/s/article/HC2-GRIP-Configuration-example#loadedA. Set up Primary without GRIPa. ensure secondary is wire only (i.e physical bypass = enable)b. take primary out of bypass, configure all ports and forward inline traffic to inline toolOn secondary: inlin.. 2021. 1. 25. Gigamon Resiliency for Inline Protection (GRIP) You can configure Gigamon Resiliency for inline protection on H Series nodes (GigaVUE-HC1, GigaVUE-HC2, and GigaVUE-HC3). Example 18 is an inline bypass solution for GRIP using TAP-HC1-G10040 modules on GigaVUE-HC1 with copper ports. The same instructions apply to GigaVUE-HC2 and GigaVUE-HC3.Note: On the GigaVUE-HC2, the configuration steps will be the same as in this example, but the network po.. 2021. 1. 18. Gigamon Maps to Individual Inline Tool Group Members Example 17 is an inline bypass solution on GigaVUE-HC2 for an inline tool group with four tools. It is similar to Example 16: Asymmetrical Hashing in Inline Tool Group, but has four rule-based inline maps, one to each individual member of the inline tool group. In Example 17, asymmetrical hashing is used, but the hashing could also be symmetrical. The hashing only applies to the traffic sent to .. 2021. 1. 18. Gigamon Asymmetrical Hashing in Inline Tool Group Example 16 is an inline bypass solution on GigaVUE-HC2 for an inline tool group with four tools. The inline tool group uses asymmetrical hashing (unlike Example 5: Inline Tool Group (N+1) Redundancy which uses symmetrical hashing). The hashing is based on the source IP address for side A and the destination IP address for side B.A rule-based map (vlan 200) is configured from the inline network t.. 2021. 1. 18. Gigamon OOB Maps Originating from Inline Network Group Example 15 expands on Example 14 by combining out-of-band (OOB) maps with a map passall originating from an inline network group on GigaVUE-HC2.When the source port of an OOB map is associated with an inline network group, only one port is supported in the port list. In this case, multiple OOB maps are needed because each OOB map only accepts one inline network port as the input (the from argume.. 2021. 1. 18. Gigamon OOB Maps Originating from Inline Network Example 14 combines out-of-band (OOB) maps with a map passall originating from an inline network on GigaVUE-HC2. In Example 14, the map passall sends all traffic to the inline tool. The OOB rule-based map sends traffic to an OOB tool.When the source port of an OOB map is associated with an inline network, multiple source ports are supported in the port list (the from argument of the map command).. 2021. 1. 18. Gigamon Inline Flow Mapping Based Solution D Example 13 is an inline flow mapping based solution on GigaVUE-HC2. Example 13 has a variety of constructs: an inline network group made up of two protected inline networks, an inline tool group, an inline tool series, an individual inline tool, a rule-based map (VLAN 100) from the inline network group to the inline tool group, a rule-based map (portdst 80) from the inline network group to the i.. 2021. 1. 17. Gigamon Inline Flow Mapping Based Solution C Example 12 is an inline flow mapping based solution on GigaVUE-HC2. Example 12 has a single, unprotected inline network, two individual inline tools, a rule-based map (portdst 22) from the inline network to bypass, a rule-based map (portdst 80) from the inline network to the first inline tool, and a shared collector from the inline network to the second inline tool. Traffic that does not match t.. 2021. 1. 17. Gigamon Inline Flow Mapping Based Solution B Example 11 is an inline flow mapping based solution on GigaVUE-HC2. Example 11 has a single, unprotected inline network, a single inline tool, a rule-based map (VLAN 100) from the inline network to bypass, and a shared collector from the inline network to the inline tool. Traffic on VLAN 100 will not be inspected by the inline tool, while the remaining traffic will be inspected by the inline too.. 2021. 1. 17. Gigamon Inline Flow Mapping Based Solution A Example 10 is an inline flow mapping based solution on GigaVUE-HC2. Example 10 has a single, unprotected inline network, a single inline tool, a rule-based map (VLAN 100) from the inline network to the inline tool, and a shared collector from the inline network to bypass. Traffic on VLAN 100 will be inspected by the inline tool while the remaining traffic will not be inspected (will be bypassed).. 2021. 1. 17. 이전 1 2 3 다음 728x90