Ọ bụrụ n’ịchọrọ imepụta sava VPN, ka m gwa gị na enwere nhọrọ dị oke mma nke ị nwere ike iji kwado onwe gị iji mezuo ebumnuche gị yana nke ahụ bụ ọrụ ahụ. Firezone na -etolite sava VPN pIji hazie ohere ịnweta ndị ọbịa na netwọkụ dị n'ime dịpụrụ adịpụ na ngwaọrụ onye ọrụ dị na netwọk mpụga.
Ọrụ ahụ na -ezube inweta oke nchekwa ma mee ka usoro mmemme VPN dị mfe.
Banyere Firezone
Ọrụ ahụ a na -emepụta ya site na Cisco Security Automation Engineer, onye nwara imepụta ihe ga -eme ka ọrụ rụọ ọrụ na nhazi ndị ọbịa wee wepu nsogbu ha chere ihu mgbe ha na -ahazi nnweta nchekwa na VPC na igwe ojii.
Ogwe ọkụ na -arụ ọrụ dị ka interface maka ma WireGuard kernel module maka netfilter kernel subsystem. Mepụta interface WireGuard (nke a na-akpọ wg-firezone na ndabara) yana tebụl netfilter ma gbakwunye ụzọ kwesịrị ekwesị na tebụl ụzọ. Mmemme ndị ọzọ na -agbanwe tebụl ụzọ Linux ma ọ bụ firewall netfilter nwere ike igbochi ọrụ Firezone.
Enwere ike iche na Firezone dị ka onye na -emepe emepe na OpenVPN Access Server, nke ewuru n'elu WireGuard kama OpenVPN.
A na -eji WireGuard hazie ọwa nkwukọrịta na Firezone. Firezone nwekwara arụmọrụ firewall arụnyere na-eji nftables.
Na ụdị ya ugbu a, firewall nwere oke site na igbochi okporo ụzọ na -apụ apụ na ndị ọbịa ma ọ bụ obere ihe ntanetị N'ime netwọkụ dị n'ime ma ọ bụ na mpụga, nke a bụ n'ihi na Firezone bụ sọftụwia beta, yabụ maka ugbu a, a na -atụ aro iji ya naanị site na ịmachi ohere netwọkụ ahụ na ngwa onye ọrụ weebụ iji zere ikpughe ya na ịntanetị ọha.
Firezone chọrọ asambodo SSL dị mma yana ndekọ DNS dabara ka ọ rụọ ọrụ na mmepụta, nke ngwa Encrypt nwere ike mepụta ma jikwaa ya iji mepụta asambodo SSL efu.
Na akụkụ nke nchịkwa, ekwuru na a na -eme nke a site na ntanetị weebụ ma ọ bụ na ọnọdụ ahịrị iwu site na iji ọkụ firezone-ctl. E wuru interface weebụ dabere na Admin One Bulma.
Ugbu a, ihe niile Firezone na -arụ n'otu sava, Mana a na -ebido ọrụ ahụ site na anya na modular, na ọdịnihu, a na -eme atụmatụ ịgbakwunye ikike ikesa ihe maka interface weebụ, VPN na firewall na ndị ọbịa dị iche iche.
Atụmatụ ahụ kwukwara njikọta nke onye na-egbochi mgbasa ozi dabere na DNS, nkwado maka ndepụta nnabata na subnet, ikike iji nyochaa site na LDAP / SSO, yana ike njikwa onye ọrụ ọzọ.
N'ime njirimara akpọrọ Firezone:
- Ngwa ngwa: jiri WireGuard mee ngwa ngwa ugboro 3-4 karịa OpenVPN.
- Enweghị ntụkwasị obi: a na -ekekọta ntụkwasị obi niile maka Chef Omnibus.
- Dị Mfe: na -ewe nkeji ole na ole iji melite. Jikwaa site na CLI API dị mfe.
- Nchekwa: na -arụ ọrụ na -enweghị ihe ùgwù. A na -etinye HTTPS.
- Kuki ezoro ezo.
- Firewall gụnyere - Na -eji Linux nftables igbochi okporo ụzọ ọpụpụ na -achọghị.
Maka nrụnye, a na -enye ngwugwu rpm na deb maka nsụgharị dị iche iche nke CentOS, Fedora, Ubuntu na Debian, onye nrụnye ha anaghị achọ ịdabere na mpụga, ebe ọ bụ na etinyela ihe ndabere niile dị mkpa site na iji ngwa Chef Omnibus.
Na-arụ ọrụ, naanị ihe ị chọrọ bụ nkesa Linux nke nwere kernel Linux tupu 4.19 yana modul kernel jikọtara ya na WireGuard VPN.. Dị ka onye edemede si kwuo, ịmalite na ịhazi sava VPN nwere ike ime n'ime nkeji ole na ole. Akụkụ nke ihe nchọgharị weebụ na-agba n'okpuru onye ọrụ na-enweghị ihe ùgwù yana ịnweta ga-ekwe omume naanị na HTTPS.
Firezone nwere otu ngwugwu Linux na -ekesa nke onye ọrụ nwere ike itinye ma jikwaa ya. Edere koodu ọrụ ahụ na Elixir na Ruby, ma kesaa ya n'okpuru ikike Apache 2.0.
Finalmente ma ọ bụrụ na ị nwere mmasị ịmatakwu banyere ya ma ọ bụ ịchọrọ ịgbaso ntuziaka nwụnye, ị nwere ike mee ya site na njikọ na-esonụ.
Bụrụ onye mbụ ịza ajụjụ