OpenZiti -Iyo yakavhurika sosi purojekiti yekushandisa zero trust overlay network 

Darkcrizt

4 maminitsi

OpenZiti

OpenZiti ndeye yemahara uye yakavhurika sosi purojekiti yakatarisana nekubatanidza zero trust networking nheyo.

A zero trust network inzira yekuchengetedza based tichifunga kuti kubatana kwese uye kupera kunoonekwa sekutyisidzira, kunyangwe ivo vari mukati mekambani kana yakavimbika network. Panzvimbo pekuvimba zvachose zvishandiso kana vashandisi, zero-trust network inogara ichisimbisa kuzivikanwa uye kuchengetedza mamiriro ega ega chikamu chetiweki isati yapa mukana kune zviwanikwa kana data.

Iyo zero trust yekuchengetedza modhi inova nechokwadi chekuti data uye zviwanikwa hazviwanikwe nekukasira. Vashandisi Ivo vanogona chete kuvawana kusvika pamwero wakati mune chaiwo mamiriro, izvo zvinozivikanwa sekunge rombo rakanaka kuwana. Iyi modhi inosimbisa uye inobvumidza kubatana kwega kwega, senge kana mushandisi abatanidza application kana software kune seti yedata kuburikidza neapplication programming interface (API), kuve nechokwadi chekuti kudyidzana kunosangana nezvinodiwa nesangano rekuchengetedza.

MuLinux kune akasiyana mhinduro kuitira kuita zero trust network uye OpenZiti mumwe wavo.

Chii chinonzi OpenZiti?

OpenZiti inoratidzwa seti yezvishandiso izvo inofambisa kubatanidzwa kwekushanda kwekudyidzana mumatiweki akagoverwa uye kugadzira mambure epamusoro yakanangana nemashandisirwo arikugadziridzwa, anoshanda pamusoro peyakajairika Internet uye kushandisa mesh nzira inobatanidza imwe neimwe poindi yetiweki kuburikidza nevavakidzani node.

OpenZiti ndiye pakutanga yakagadzirirwa kuvaka network inovimbisa kuchengetedza traffic uye kuzviparadzanisa nevamwe munzvimbo dzisina kuchengetedzwa, uko node dzinogona kukanganisa (ichitevera Zero Trust architecture). Iyi tekinoroji inogona kushandiswa kugadzirisa kutaurirana nemaapplication pane kuvimba neVPN. Iyo network inoshanda kuburikidza nemutongi anogadzirisa zvigadziriso, kutendeseka uye masevhisi, pamwe nemanodhi anoita sema routers achigadzira mesh network uye chiteshi traffic kuburikidza ivo pachavo. Masevhisi anogona kuwedzerwa kuyera kuyera uye kukanganisa kushivirira.

Kuwana kune yakavharidzirwa network ndeye OpenZiti Edge mutengi iyo inokutendera kuti ubatanidze kubva kune yekunze network kune yakawandisa network yakagadzirwa neOpenZiti. Iye To inogonesa kugadzirwa kwematanho uye maseva eproxy kuti adzore traffic pakati peyakajairwa uye overlay network, kufambisa kupindirana kubva kunze nemashandisirwo emukati uye kuwana kune zviripo zvikumbiro izvo zvisati zvave nerutsigiro rweiyo overlay network.

El Kuwana kunetiweki uye kugamuchira data kubva kuDNS maseva zvinogoneka chete mushure mekupfuura nekubvumidzwa kwemvumo uye kuvimbiswa.. Pasina mvumo inoenderana, mutengi haakwanise kuona kuwanikwa kwesevhisi kana kubatana nayo. Yese traffic inodzivirirwa uchishandisa mTLS (mutual authentication, apo mutengi uye server inosimbisa mumwe nemumwe) uye yekupedzisira-kusvika-kumagumo encryption (uchishandisa ChaCha20-Poly1305), izvo zvinoreva kuti kukanganisa network node hazvibvumire traffic kuti ionekwe . Kune encryption, mabasa kubva ku libsodium raibhurari anoshandiswa.

Pakati pezvishandiso zvakakurumbira vanoshandisa OpenZiti vanowana iyo data exchange platform Zrok uye browZer ecosystem, izvo zvinoita kuti zvive nyore kuendesa mawebhusaiti pane inodarika network. Pamusoro pekugadzira mashandisirwo etiweki akaparadzirwa, OpenZiti inokodzera kugadzira yakavanzika network inokwanisa kuwana maAPI, mawebhusaiti kana akavanzika dhatabhesi. Iyo zvakare inobvumidza iwe kuvanza Kubernetes-yakavakirwa masisitimu mukati meinovharira network uye kutonga masisitimu nemidziyo kure pasina chikonzero chekugadzirisa firewall kana kushandisa VPNs.

Iye zvino, OpenZiti iri muvhezheni 1.0 uye mariri API kugadzikana kwema routers uye controller (kare, kugadzikana kwaivimbiswa chete kune vatengi). Kutanga nekuburitswa uku, iyo API neCLI ichave kumashure inoenderana, uye chero chinhu chinobviswa chinotevedzera pre-deprecation maitiro asati abviswa zvachose, kana paine shanduko yakakosha munhamba yeshanduro. Shanduro itsva iyi inosanganisirawo kumwe kuyedzwa, sekufananidza kwekutadza kwechikamu chetiweki, ichibvumira kusimbiswa kwekugadzikana kwetiweki mumamiriro ezvinhu ekukurumidzira uye kugona kwayo kupora nekudzoka kune yakajairika kushanda mushure mekukanganisa kwagadziriswa.

Kana iwe uchifarira kudzidza zvakawanda nezvazvo, iwe unofanirwa kuziva kuti application yacho yakagoverwa pasi peApache 2.0 rezinesi uye unogona kubvunza iwo ruzivo pa. chinotevera chinongedzo.


Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira iyo data: Miguel Ángel Gatón
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako