Litaba pata
1 VAST Data Platform e Haheletsoeng ho Ithuta ka Tebileng
2 Litlhaloso
3 Selelekela
4 Tlhahlobo le Boikarabello
5 Mohaho oa VAST Cluster Architecture
6 Karolelano ea Boitsebiso le Phetoho
7 Asynchronous Replication
8 Boloka ho S3
9 Global Snapshot Clones
10 Qetello
11 LBH
12 Litokomane / Lisebelisoa
12.1 Litšupiso

TŠOANE-LOKO

VAST Data Platform e Haheletsoeng ho Ithuta ka Tebileng

Litlhaloso

  • Tlhaloso ea Boitsebiso: FIPS 140-3 li-ciphers tse netefalitsoeng
  • Tsamaiso ea Bohlokoa: Tsamaiso ea bohlokoa ea kantle
  • Taolo ea ho fihlella: RBAC, ABAC, ACLs, SELinux labeling
  • Netefatso: Ho kopanngoa le Active Directory, LDAP, NIS
  • Tšireletso ea Boitsebiso: Encryption nakong ea phomolo, netefatso e thehiloeng ho setifikeiti
  • Hlahloba: Ho rekoa ka botlalo ha liketsahalo tsa phihlello ea data

Selelekela

VAST Data Platform e fana ka likarolo tse felletseng tsa bokhoni ba ts'ireletso ho sireletsa lekunutu la data le ho nolofalletsa ho hira batho ba bangata bakeng sa mesebetsi e mengata e sa hlophisoang. E kopanya litsamaiso tse tsoetseng pele tsa phihlello, encryption, tlhahlobo, le mekhoa e sireletsehileng ea nts'etsopele ea software ho fihlela litlhoko tse thata tsa ts'ireletso le tsa ho latela.

Motheong oa eona, sethala se sebelisa Multi-Category Security (MCS) ho tsoa ho Security-Enhanced Linux (SELinux) ho abela mekhahlelo ho. files e nang le lintlha tsa bohlokoa tse sa hlophisoang joalo ka litokomane, litšoantšo le livideo. E lumelletsoe feela
basebelisi le lits'ebetso tse amanang le mekhahlelo eo ba ka fihlella data, ba thibela phihlello e sa lumelloeng. Sena se tlatselletsoa ke likarolo tse sireletsehileng tsa ho hira tse thehang maemo a ikhethileng kapa a 'mele bakeng sa lihlopha tse fapaneng, tse nang le taolo e pharalletseng holim'a kabo ea lisebelisoa, marang-rang le tumello ea phihlello.

Sethala se sebelisa mekhoa e matla ea netefatso le tumello, ho kenyeletsoa ho hokahana le Active Directory, LDAP, NIS, taolo ea basebelisi ba lehae, taolo ea phihlello e thehiloeng ho karolo (RBAC), le taolo ea phihlello e thehiloeng ho tšobotsi (ABAC). E ts'ehetsa ho saena ha motho a le mong (SSO), manane a taolo ea phihlello ea protocol (ACLs), le mabitso a SELinux bakeng sa files le li-directory tse fihletsoeng ka liprothokholo tsa NFS, SMB, le S3.

Ts'ireletso ea data e matlafatsoa ka ho ngolla data ha u phomotse ho sebelisoa li-ciphers tse netefalitsoeng tsa FIPS 140-3, taolo ea linotlolo tsa kantle, netefatso e thehiloeng ho setifikeiti, le bokhoni ba ho hlakola crypto. Tlhahlobo e felletseng e boloka liketsahalo tsohle tsa phihlello ea data, tse ka bolokoang polokelong ea sethala bakeng sa tlhahlobo.

Sethala sa phepelo ea software se sireletsehileng se kenyelletsa NIST Secure Software Development Framework, tlhahlobo ea sebopeho sa software, tlhahlobo e ikemetseng ea ts'ireletso, tlhahlobo ea ts'ireletso, le taolo e tiileng ea phihlello nakong eohle ea tsoelopele. Ka ho kopanya MCS e tsoetseng pele, ho hira ho sireletsehileng, ho patala, taolo ea phihlello, tlhahlobo le mekhoa e sireletsehileng ea nts'etsopele, VAST Data Platform e fana ka tharollo e matla ea ts'ireletso e etselitsoeng AI/ML le meroalo ea mesebetsi ea khoebo ho data e sa hlophisoang.

 

VAST-Data-Platform-Hahiloe-bakeng sa ho Ithuta-Tebile-FIG-1Taolo ea Lintlha le Tsamaiso ea Lintlha
VAST Data Platform e sebelisa encryption ea AES-XTS-256 bakeng sa data nakong ea phomolo le TLS 1.3 bakeng sa data e tsamaeang. E ts'ehetsa litharollo tsa mantlha tsa taolo ea kantle joalo ka Thales CipherTrust le Fornetix VaultCore.

  • Taolo ea NIST: SC-12 (Cryptographic Key Establishment and Management), SC-13 (Cryptographic Protection)
  • Setšupiso sa Tataiso ea Tsamaiso: Karolo: "Tšebiso ea Boitsebiso" [leq. 128]

Karolo ena e etsa bonnete ba hore data e patiloe ha u phomotse le ha u le leetong, ho e sireletsa ho fihlella ntle le tumello le ho netefatsa hore e latela melao ea cryptographic. Tšebeliso ea litsamaiso tsa bohlokoa tsa ka ntle li eketsa ts'ireletso ka ho beha bohareng le ho boloka mekhoa ea bohlokoa ea tsamaiso.

Taolo ea phihlello le tumello
Sebopeho: Sethala se kopanya Role-Based Access Control (RBAC) le Attribute-Based Access Control (ABAC) ho fana ka taolo ea phihlello e matla le ea granular.

  • Taolo ea NIST: AC-2 (Taolo ea Ak'haonte), AC-3 (Tiisetso ea Phihlello), AC-5 (Karohano ea Mesebetsi), AC-6 (Monyetla o Monyenyane)
  • Setšupiso sa Tataiso ea Tsamaiso: Karolo: "Tlhahiso e thehiloeng ho Attribute-Based Access Control (ABAC)" [leq. 269]

RBAC le ABAC li netefatsa hore phihlello ea lisebelisoa e fanoa ho ipapisitsoe le mesebetsi le litšoaneleho tsa basebelisi, ho tiisa molao-motheo oa ho se be le tokelo le ho netefatsa hore basebelisi ba fumana feela lisebelisoa tse hlokahalang bakeng sa mesebetsi ea bona. Sena se fokotsa kotsi ea phihlello e sa lumelloeng le litlolo tse ka bang teng tsa data.

Tlhahlobo le Boikarabello

  • Sebopeho: Bokhoni bo felletseng ba ho hlahloba ho kenyelletsa li-protocol le li-log tsa tlhahlobo ea admin.
  • Taolo ea NIST: AU-2 (Audit Events), AU-3 (Content of Audit Records), AU-6 (Audit Rekota)view, Tlhahlobo, le Tlaleho)
  • Reference Guide Guide: Karolo: Tlhahlobo ea Tsamaiso ea Ts'ebetso [leq. 243]

Likarolo tsa tlhatlhobo li fana ka lintlha tse qaqileng tsa lits'ebetso tsohle tsa phihlello le tsa tsamaiso, ho netefatsa hore mesebetsi eohle e ka lateloa le ho etsoa hape.viewed. Sena se bohlokoa bakeng sa ho lemoha le ho arabela litekong tse sa lumelloeng tsa phihlello le ho netefatsa ho tsamaellana le litlhoko tsa taolo.

Mohaho oa VAST Cluster Architecture

Eketsa Bokhoni ka boikemelo ho tsoa ho Ts'ebetso

VAST-Data-Platform-Hahiloe-bakeng sa ho Ithuta-Tebile-FIG-2

Phallo ea Boitsebiso le Karohano

  • Sebopeho: VLAN tagho hola le ho tlama, ho arola marang-rang, le ho laola phihlello ea protocol.
  • Taolo ea NIST: SC-7 (Tsireletso ea Moeli), SC-8 (Phetiso ea Lekunutu le Botšepehi)
  • Reference Guide Guide: Karolo: "Tagging Virtual IP Pools le VLANs” [leq. 147]

Ka ho arola marang-rang le ho laola phallo ea data ka VLAN tagging le ho tlama, sethala se tiisa hore data e arotsoe ebile e sirelelitsoe ho fihlella ho sa lumelloeng. Karolo ena e thusa ho boloka lekunutu le botšepehi ba data ha e ntse e tsamaea marang-rang.

Karolelano ea Boitsebiso le Phetoho

Sebopeho: Global Access e u lumella ho etsa hore karoloana ea sebaka sa mabitso sa sehlopha se baloe le ho ngola hore se fumanehe ho bareki ba lihlopha tse ling. Sena se nolofalletsa ho arolelana data ka mokhoa o sireletsehileng ha o ntse o boloka taolo holim'a phihlello.

  • Taolo ea NIST: AC-4 (Tlhahiso ea Phallo ea Litaba), SC-7 (Tsireletso ea Meeli)
  • Reference Guide Guide: Karolo: “ phihlello ea lefatše lohle” [leq. 413]

Karolo ena e fana ka taolo ea phihlello ea granular ho fihla boemong ba lethathamo la li-directory, linako tse lokiselitsoeng tsa ho felloa ke nako bakeng sa phihlello, le tlhahlobo ea liketsahalo tsa phihlello, ho netefatsa ho arolelana data ho sireletsehileng le ho laoloang lipakeng tsa lihlopha.

Asynchronous Replication

  • Sebopeho: Ho pheta-pheta ha Asynchronous ho lumella ho pheta-pheta karolo e nyane ea data ea sehlopha ho sehlopha se hole sa lithaka bakeng sa ho hlaphoheloa ha likoluoa ​​kapa merero ea ho aba data.
  • Taolo ea NIST: CP-9 (Bokapele ba Tsamaiso ea Litaba), SC-8 (Lekunutu la Phetiso le Botšepehi)
  • Reference Guide Guide: Karolo: "VAST Asynchronous Replication" [leq. 381]

Tšobotsi ena e tiisa hore ho ka 'na ha e-ba le phetisetso e sireletsehileng ho WAN, ho pheta-pheta ha granular boemong ba lenane, ho fihlella ho bala feela ho sepheo sa ho pheta-pheta, le ho beha leihlo boemo ba ho pheta-pheta, ho fana ka tšireletso e matla ea data le bokhoni ba ho khutlisa likoluoa.

Boloka ho S3

Sebopeho: U ka boloka data ho tsoa sehlopheng sa VAST ho ea lebenkeleng la lintho tse lumellanang le S3, ho nolofalletsa ho arolelana phihlello ea data eo.

  • Taolo ea NIST: CP-9 (Bokapele ba Tsamaiso ea Litaba), MP-5 (Tsireletso ea Lipalangoang tsa Mecha)
  • Reference Guide Guide: Karolo: "bekapo ho S3" [leq. 376]

Karolo ena e netefatsa phetisetso e sireletsehileng ho lipehelo tsa kantle tsa S3, bekapo ea granular boemong ba directory, ho se fetohe ha data ho sepheo sa S3, le ho lekola boemo ba bekapo, ho fana ka bekapo ea data e bolokehileng le e tšepahalang le bokhoni ba ho arolelana.

Global Snapshot Clones

  • Sebopeho: Theha li-clones tsa linepe ho tsoa sehlopheng sa lithaka tse hole, ho nolofalletsa phihlello e arolelanoang ea likopi tsa data tsa nako ka nako.
  • Taolo ea NIST: CP-9 (Bokapele ba Tsamaiso ea Litaba), SC-8 (Lekunutu la Phetiso le Botšepehi)
  • Reference Guide Guide: Karolo: "Li-Snapshot Clones tsa Lefatše le tsa Lehae" [leq. 425]

Karolo ena e fana ka phetisetso e sireletsehileng e patiloeng, ho kopanya granular maemong a snapshot, khokahano ea morao-rao ea liphetoho, le tlhahlobo ea liketsahalo tsa phihlello, ho netefatsa ho arolelana le ho laoloa ha data le ho hlaphoheloa.

Ts'ebetsong ea Zero Trust Architecture (ZTA).

  • Sebopeho: Ho ngolla data ka boiketsetso, ho lemoha ka mokhoa o sa hlakang, le linepe tse ke keng tsa senyeha.
  • Taolo ea NIST: CA-7 (Tlhokomelo e Tsoelang Pele), SI-4 (Tlhokomelo ea Tsamaiso ea Litaba)
  • Reference Guide Guide: Karolo: “Kopana ea Boitsebiso ba Zero Trust” [leq. 269]

Likarolo tsena li tšehetsa tlhahlobo e tsoelang pele le ho lemoha ka mokhoa o sa tloaelehang, e leng likarolo tsa bohlokoa tsa Zero Trust Architecture. Ho ngolla data ka boiketsetso ho netefatsa hore data e hlophisoa ka nepo ebile e sirelelitsoe, athe linepe tse sa senyeheng li fana ka mokhoa o tšepahalang oa ho khutlisa data le netefatso ea botšepehi.

Qetello

VAST Data Platform e eme ka pele ho indasteri ka ho kopanya likarolo tse tsoetseng pele tsa ts'ireletso le mehato ea ho lumellana le melao-motheo ea NIST Zero Trust Architecture (ZTA). Ka ho kenya ts'ebetsong ts'ireletso ea data e matla, taolo ea phihlello, tlhahlobo, le karohano ea phallo ea data, sethala se tiisa ts'ireletso e felletseng ea meroalo e sa hlophisoang ea data. Likarolo tsena ha li kopane feela empa li feta litlhoko tse thata tse behiloeng ke NIST, ho beha VAST Data e le moetapele oa tharollo e sireletsehileng ea taolo ea data.

Ho latela melao-motheo ea Zero Trust ea sethala ho bonahala ka ts'ebetsong ea eona e hlokolosi ea tlhahlobo e tsoelang pele, ho ngola data ka boiketsetso, le ho lemoha ka mokhoa o sa tloaelehang. Bokhoni bona bo netefatsa hore data e sirelelitsoe ka linako tsohle le hore litšokelo leha e le life tse ka bang teng li tsejoa ka potlako le ho fokotsoa. Tšebeliso ea Multi-Category Security (MCS) ho tsoa ho Security-Enhanced Linux (SELinux) ho abela mekhahlelo ho files e nang le lintlha tsa bohlokoa e boetse e fana ka mohlala oa boitlamo ba VAST Data ho melao-motheo ea Zero Trust, ho netefatsa hore basebelisi le lits'ebetso tse lumelletsoeng ke bona feela ba ka fihlelang tlhahisoleseling ea bohlokoa.

Kaha ke oa pele indastering ea ho fana ka likarolo tse ngata joalo tsa ts'ireletso tse lokiselitsoeng bakeng sa AI / ML le mesebetsi e mengata ea khoebo ho data e sa hlophisoang, VAST Data e beha maemo a macha bakeng sa ts'ireletso ea data. Ka ho sebelisa bokhoni bona bo tsoetseng pele, mekhatlo e ka khona ho laola le ho boloka lintlha tsa bona ka boits'epo, ho fihlela litlhoko tse thata tsa taolo le ho itšireletsa khahlanong le litšokelo tsa cyber. The VAST Data Platform ha e etelle pele indastering ea boqapi feela empa e boetse e fana ka motheo o tiileng oa ho kenya tšebetsong Zero Trust Architecture, ho netefatsa hore data e lula e bolokehile tikolohong e ntseng e rarahana ea dijithale.

Bakeng sa tlhaiso-leseling e batsi ka VAST Data Platform le hore na e ka u thusa joang ho rarolla mathata a kopo ea hau, ikopanye le rona ho hello@vastdata.com.
©2024 VAST Data, Inc. Litokelo tsohle li sirelelitsoe. Matshwao ohle a kgwebo ke a beng ba ona.

LBH

  • Zero Trust Architecture (ZTA) ke eng?
    • Zero Trust Architecture ke mohlala oa ts'ireletso o ipapisitseng le molao-motheo oa ho boloka taolo e tiileng ea phihlello le ho se tšepe mokhatlo ofe kapa ofe ka boiketsetso, ebang ke ka hare kapa kantle ho sebaka sa marang-rang.
  • VAST Data Platform e ntlafatsa ts'ireletso ea data joang?
    • VAST Data Platform e fana ka matla a ts'ireletso a tsoetseng pele joalo ka ho patala ha u phomotse, taolo e matla ea phihlello, tlhahlobo e felletseng, le ho hokahana le mekhoa e sireletsehileng ea netefatso ho sireletsa lekunutu le bots'epehi ba data.

Litokomane / Lisebelisoa

VAST Data Platform e Haheletsoeng ho Ithuta ka Tebileng [pdf] Bukana ea Mosebelisi
Sethala sa Boitsebiso se Ahetsoeng ho Ithuta ka Tebileng, Boitsebiso, Sethala se Ahiloeng Bakeng sa ho Ithuta ka botebo, se Haheletsoeng Thuto e tebileng, Thuto e tebileng, ho Ithuta.

Litšupiso

Tlohela maikutlo

Aterese ea hau ea lengolo-tsoibila e ke ke ea phatlalatsoa. Libaka tse hlokahalang li tšoailoe *