- I-TLS ivikela izikhathi ezithile zohlelo lokusebenza, kuyilapho i-VPN ibhala ngemfihlo yonke ithrafikhi edlula emhubheni wayo.
- I-IPsec isebenza kunethiwekhi futhi ilungele ama-VPN asuka kwenye indawo kuya kwenye kanye nokufinyelela okude okugcwele kunethiwekhi yangaphakathi.
- Ama-VPN e-SSL/TLS asekelwe kusiphequluli ahlinzeka ngokufinyelela okulawulwayo kuzinhlelo zokusebenza ezithile ngobunzima obuncane bokuzifaka.
- I-OpenVPN ihlanganisa i-TLS nemigudu yenethiwekhi eguquguqukayo, ewusizo kokubili ezindaweni zebhizinisi kanye nokusetshenziswa komuntu siqu.
Uma uqala ukubheka ukuthi ungavikela kanjani ukuxhumana kwakho ngendlela efanele, kulula ukudideka yizo zonke izifinyezo: I-TLS, i-SSL, i-VPN, i-IPsec, i-OpenVPN… njalo njalo. Uma uqala ukubheka, konke kuzwakala kufana: "ukubethela" kanye "nokuphepha," kodwa empeleni, akufezi indima efanayo noma kusetshenziswa ngendlela efanayo.
Kulesi sihloko sizochaza ngokuthula ukuthi umehluko phakathi kwe-TLS ne-VPNindlela ubuchwepheshe obufana ngayo I-IPsec, i-SSL/TLS kanye ne-OpenVPNIchaza ukuthi iyiphi inethiwekhi esebenza kuyo, ukuthi ibhala phansi ini, yiziphi izimo zokusebenzisa ezinazo emabhizinisini, nokuthi iyiphi okufanele uyisebenzise kuye ngesimo sakho. Konke kwethulwe ngolimi olucacile nolunengxoxo, kodwa ngaphandle kokulahla ubunzima bobuchwepheshe.
Iyini i-TLS (futhi kungani cishe wonke umuntu esasho i-SSL)
I-TLS (Ukuphepha Kwesendlalelo Sezokuthutha) Kuyiphrothokholi ye-cryptographic evikela ukuxhumana phakathi kwamaphuzu amabili ku-inthanethi, ngokuvamile phakathi kwesiphequluli neseva yewebhu, yize isetshenziselwa ne-imeyili, i-VoIP, i-VPN, ukuxhumana kwedatha, ama-API angaphakathi, i-IoT nokunye okuningi.
Umanduleli wakhe kwakungu I-SSL (Secure Sockets Layer)I-SSL, eyadalwa yi-Netscape maphakathi nawo-90s ukuze kuvikelwe ithrafikhi yewebhu, ikakhulukazi kwezentengiselwano ze-e-commerce kanye nezamabhange aku-inthanethi, yathandwa kakhulu kangangokuthi leli gama selizinzile manje, yize namuhla Zonke izinguqulo ze-SSL ziphelelwe yisikhathi Futhi esikusebenzisayo ngempela yi-TLS.
Isizathu soshintsho silula: i-SSL yayidonsa ubuthakathaka obukhulu (njengokuhlasela okudumile kwe-POODLE ku-SSL 3.0) okwavumela ulwazi olubucayi ukuthi lususwe ukubethela. Ukuze kulungiswe lezi zinkinga futhi kuqiniswe ukuphepha, i-TLS yaklanywa ngo-1999, manje eseyinguqulo 1.3 enentuthuko enkulu ekubetheleni, ukusebenza, kanye nokuvikelwa ekuhlaselweni kwanamuhla.
Empeleni, uma ubona umuntu ekhuluma "I-SSL VPN" noma “izitifiketi ze-SSL”, ngokuvamile empeleni zisebenzisa TLSIgama lomkhiqizo seliphelelwe yisikhathi, kodwa ubuchwepheshe obuvikela ukuxhumana buyinguquko yesimanje.
Indlela i-TLS esebenza ngayo ngokwejwayelekile
Uma iklayenti (isibonelo, isiphequluli sakho) lixhuma kuseva lisebenzisa i-HTTPS, lokho okubizwa ngokuthi Ukuxhawula kwe-TLS, "ukuxhawulana" kokuqala okusungula iseshini ephephile.
Kuleyo nqubo, iklayenti kanye neseva bayaxoxisana izinguqulo zephrothokholi kanye nama-algorithms okubethelaBashintshana ngolwazi ukuze bakhiqize okhiye bese iseva ithumela isitifiketi sedijithali, ekhishwe yi-Certification Authority ethembekile (CA).
Iklayenti liqinisekisa ukuthi isitifiketi siyasebenza, asikaphelelwa yisikhathi, sisayinwe yi-CA eyaziwayo, nokuthi isizinda esixhunywe kuso sifana neso esisesitifiketini. Kuphela uma konke kufana lapho uxhumano lwenziwa khona. isungula isiteshi esibethelwe.
Uma ukuxhawulana sekuqediwe, i-TLS isebenzisa i-cryptography ehambisanayo (enezihluthulelo zeseshini ezikhiqizwe ngokuphephile, ngokuvamile zisebenzisa I-Diffie-Hellman noma i-ECDH) kanye nezindlela zobuqotho ezifana I-HMAC ukuqinisekisa ukuthi idatha iyahamba ibhalwe ngemfihlo futhi ingashintshiwe.
Konke lokhu kwenzeka e- isendlalelo sohlelo lokusebenza Kumodeli ye-OSI: i-TLS yakhelwe phezu kwamaphrothokholi afana ne-HTTP, i-SMTP, i-IMAP, i-SIP, njll. Lokhu kusho ukuthi Ithrafikhi yohlelo lokusebenza kuphela ebethelwe ezilungiselelwe ngqo ukusebenzisa i-TLS, hhayi konke okuphuma kudivayisi.
Iyini i-VPN futhi ihluke kanjani ku-TLS?
Nakuba i-TLS ivikela izikhathi ezithile zohlelo lokusebenza, I-VPN (Inethiwekhi Yobumfihlo Ye-Virtual) Idala "umhubhe" obethelwe phakathi kwedivayisi yakho nenye inethiwekhi (ngokuvamile eyenkampani yakho, noma eyomhlinzeki we-VPN yezentengiselwano) nge-inthanethi.
Kuye ngephrothokholi esetshenziswa yi-VPN, lowo mhubhe usebenza ku- ungqimba lwenethiwekhi noma ku isendlalelo sohlelo lokusebenzaKodwa umqondo oyisisekelo uyafana: hlanganisa futhi ubhale phansi ithrafikhi ukuze, ku-inthanethi, kubonakale sengathi idivayisi yakho "ingaphakathi" kwaleyo nethiwekhi ekude.
Umehluko oyinhloko nge-TLS ububanzi: i-VPN elungiselelwe kahle ingakwazi bhala ngemfihlo yonke ithrafikhi yenethiwekhi kusuka kukhompyutha (hhayi isiphequluli nje kuphela), siqondise kabusha ngeseva ephakathi futhi sikunikeze ukufinyelela okusobala kwizinsizakusebenza zangaphakathi (amaseva wamafayela, amaphrinta, izizindalwazi, izinhlelo zokusebenza ezindala, njll.).
Uma abantu bebuza mayelana umehluko phakathi kwe-TLS ne-VPNEqinisweni, ngokuvamile iqhathanisa i-TLS ne I-IPsec VPN noma i-SSL/TLS VPNngoba lokhu kokugcina kuncike kumaphrothokholi okubethela (kufaka phakathi i-TLS) ukudala umhubhe.
Iyini i-IPsec futhi isetshenziswa kanjani ku-VPN?
I-IPsec (Ukuphepha Kwephrothokholi Ye-inthanethi) Kuyiqoqo lezinqubo ezenzelwe ukuhlinzeka ngokuphepha ezingeni lenethiwekhi ye-IP. I-IPsec iyaqinisekisa futhi ibethele iphakethe ngalinye le-IP yokuxhumana, ukuze ithrafikhi ephakathi kwamaphuzu amabili ivikelwe ngokuphelele, kufaka phakathi izihloko ezifanele.
Isetshenziswa kakhulu ezindaweni zezinkampani ukudala I-VPN yesiza-kuya (isibonelo, ukuxhumanisa ihhovisi elikhulu namagatsha) noma ukufinyelela kude lapho umsebenzisi ethola ukufinyelela okugcwele kunethiwekhi yangaphakathi.
I-IPsec ingasebenza kumodi umhubhe (kufaka wonke amaphakethe e-IP) noma kumodi ezokuthutha (ukuvikela umthwalo wephakheji). Kuzo zombili izimo, inikeza ubuqiniso, ubuqotho kanye nobumfihlo yedatha, futhi ivame ukuhlanganiswa ngokwendabuko kuma-router, ama-firewall, kanye nezinhlelo zokusebenza.
Inzuzo yayo eyinhloko ukuthi isebenza e- ungqimba lwenethiwekhi, okuvumela ukuthi ibethele yonke ithrafikhi phakathi kwama-endpoint e-VPN, kungakhathaliseki ukuthi yiziphi izinhlelo zokusebenza ezikhiqizayo. Lokhu kulungele ukuhlanganisa izingxenye zenethiwekhi yonke nokudala izimo eziyinkimbinkimbi. I-Net-to-Net noma i-Host-to-Net.
I-IPsec VPN: Izici, Ukusebenza, kanye Nokusetshenziswa Kwangempela
Una IPsec VPN Ithembele ku-IPsec ukwakha umhubhe ophephile phakathi kwedivayisi yomsebenzisi noma inethiwekhi ekude kanye nenethiwekhi yenkampani. Inqubo evamile iqala ngesigaba se ukuqinisekiswa okuhlangene kanye nokushintshaniswa kwezihluthulelo, futhi kuyaqhubeka nokubethela kwephakethe ngalinye ledatha.
Ngesikhathi sokudlulisa, i-IPsec ihlanganisa amaphakhejingokufaka izihloko ezithile (isibonelo, i-ESP – Encapsulating Security Payload) kanye nokubethela ulwazi. Indawo yokugcina kuphela enezinkinobho ezifanele engasusa ukubethela okuqukethwe.
Ama-VPN e-IPsec ayaziswa kakhulu ezinkampanini ngoba avumela ukuhlanganiswa okungenamthungo phakathi kwamanethiwekhi ahlukenengoba zilungiselelwe kuma-firewall noma kuma-router futhi ziyahambisana namapulatifomu amaningi. Ngokubuyisela, zivame ukudinga ukumisa okuyinkimbinkimbiikakhulukazi uma i-NAT, ama-subnet amaningi, izinqubomgomo zokuphepha ezinhle, noma ukuqinisekiswa okuthuthukisiwe kusebenza.
Ekufinyeleleni okukude, lolu hlobo lwe-VPN luvame ukudinga ikhasimende elithile kufakwe kukhompyutha yomsebenzisi. Uma esexhunyiwe, umsebenzisi uvame ukubonakala sengathi ungaphakathi kwenethiwekhi yenkampani, enokufinyelela kumaseva angaphakathi, amaphrinta, izinhlelo zokusebenza zangaphakathi, nezinye izinsiza.
Iyini i-SSL/TLS VPN futhi ihluke kanjani ku-IPsec?
Una I-SSL/TLS VPN (ngokuvamile ebizwa ngokuthi “i-SSL VPN”) isebenzisa iphrothokholi ye-SSL/TLS ukudala umhubhe obethelwe phakathi kwedivayisi yomsebenzisi kanye nesango le-VPN. Nakuba igama elithi “SSL” lisasetshenziswa, empeleni I-TLS yenza ukubethela.
Umehluko omkhulu ukuthi lolu hlobo lwe-VPN luvame ukuba "Kusekelwe kuwebhu"Umsebenzisi angafinyelela iphothali evikelekile ngesiphequluli esijwayelekile, aqinisekise, futhi afinyelele ngokuphephile izinhlelo zokusebenza zangaphakathi ze-HTTP/HTTPS, ngaphandle kwesidingo sokufaka isofthiwe yeklayenti eyengeziwe ezimweni eziningi.
Ngaphakathi, isiphequluli kanye nesango kusungula iseshini ephelele ye-TLS (ngokuxhawulana, izitifiketi, ukuxoxisana nge-algorithm, njll.), futhi yonke ithrafikhi phakathi kwazo iyahamba kubethelwe kusetshenziswa i-TLSLokhu kwenza i-SSL VPN iguquguquke kakhulu futhi kube lula ukuyisebenzisa, ikakhulukazi uma usebenza kude ngezikhathi ezithile noma ufinyelela izinhlelo zokusebenza ezithile.
Ngokungafani ne-IPsec, ebhala ngemfihlo yonke into ephuma ngenethiwekhi, i-SSL/TLS VPN Ngokuvamile igxila ezinhlelweni ezithile. (ikakhulukazi iwebhu), yize kunezinhlobo zohlobo lwe-tunnel ezingaqondisa kabusha ithrafikhi eningi, zisondela ekuziphatheni kwe-VPN "yakudala".
Izinhlobo zama-SSL VPN: i-portal kanye nomhubhe
izindlela ezimbili eziyinhloko Ngaphakathi kwama-VPN, ukuhlukaniswa kwe-SSL/TLS kuvame ukwenziwa okuchaza izinga lokufinyelela komsebenzisi nokuthi ithrafikhi ibethelwe ngempela.
Iyokuqala I-VPN ye-SSL Portal, eyaziwa nangokuthi i-VPN engenamakhasimende noma esekwe kuwebhu. Umsebenzisi ufaka i- Ingosi ye-HTTPSIyaqinisekisa futhi kusukela lapho iqala izinhlelo zokusebenza, ivule izixhumanisi zangaphakathi, ibuze amafayela, njll. Konke ekwenzayo kudlula ngesiphequluli futhi kubethelwe nge-TLS.
Le ndlela ilula kakhulu, njengoba umsebenzisi eyidinga kuphela isiphequluli sesimanjeKodwa inomkhawulo osobala: Ithrafikhi yesiphequluli kuphela ebethelweUma umsebenzisi evula olunye uhlelo lokusebenza (isibonelo, iklayenti ledeskithophu elixhumana neseva yangaphakathi), lelo thrafikhi ngeke lidlule ku-VPN, ngaphandle kokuthi sekubekwe indlela eyengeziwe.
Inketho yesibili yi- I-VPN ye-SSL Tunnel (ngezinye izikhathi ibizwa ngokuthi i-SSL network extender). Kulesi simo, kukhona Iklayenti le-VPN Isungula umhubhe obethelwe usebenzisa i-TLS futhi iqondise kabusha ithrafikhi yenethiwekhi (noma ingxenye yayo) ngaleyo mhubhe, ngakho-ke ulwazi lufana kakhulu ne-VPN yendabuko.
Le nketho ivumela ukufinyelela okubanzi kunethiwekhi yangaphakathi, kodwa ngokuzayo idinga ukufaka isofthiwe kumadivayisi nokuphatha umjikelezo wayo wokuphila. Ivame ukusetshenziswa ku- imishini eqondile ekude noma amaqembu amancane abasebenzisi ezidinga izinga eliphezulu lokuhlanganiswa nenethiwekhi yezinkampani.
Ukuqhathaniswa kwe-IPsec vs SSL/TLS: ungqimba lwe-OSI, ukubethela kanye nokuphepha
Umehluko obaluleke kakhulu phakathi kwe-IPsec ne-SSL/TLS yi- ungqimba lapho zisebenza khonaI-IPsec isebenza kusendlalelo senethiwekhi, kuyilapho i-SSL/TLS isebenza kusendlalelo sohlelo lokusebenza. Lokhu kuthinta kakhulu konke okunye.
Nge-IPsec, ukubethela kusetshenziswa ku- yonke ithrafikhi ye-IP edlula emhubheni: izinhlelo zokusebenza, amaphrothokholi angaphakathi, izinsizakalo ezindala, njll. Lokhu kunikeza ungqimba oluqinile nolulinganayo lokuvikela ukuxhumana phakathi kwamanethiwekhi wonke.
Ngakolunye uhlangothi, nge-SSL/TLS, kusetshenziswa ukubethela kuphela. izinhlelo zokusebenza ezihlanganiswa nephrothokholi (HTTP, SMTP, IMAP, njll.). Ku-VPN ye-SSL yohlobo lwe-portal, lokhu kusho ukuthi kuphela lokho okudlula kusiphequluli okubethelwe, kuyilapho yonke ithrafikhi isala ngaphandle komhubhe.
Ngokuphathelene nokuphepha, i-IPsec inikeza izinga eliphezulu kakhulu, nge ubuqiniso, ubuqotho kanye nobumfihlo ezingeni lenethiwekhi kanye nokuqina ngokumelene nezinhlobo eziningi zokuhlaselwa. I-SSL/TLS ingahlinzeka nangokuphepha okuhle kakhulu uma ihlelwe kahle, ngama-algorithms esimanje (i-AES, i-ECDHE, njll.), ukuqinisekiswa kwesitifiketi okuqinile, kanye nezinguqulo zakamuva zephrothokholi.
Isithende sika-Achilles se-SSL/TLS sivame ukuba ku- ukusetshenziswa okungekuhle noma ukucushwa okuxekethile (isibonelo, ukwamukela izitifiketi ezingavikelekile noma ukugcina izinguqulo eziphelelwe yisikhathi zephrothokholi zisebenza), kunokuba kube sekwakhiweni kwendinganiso ngokwayo.
Ukulula kokusetha, ukuhambisana nokusebenza
Ngokombono wokusebenza, zihlukile kakhulu I-IPsec kanye ne-SSL/TLS ngendlela ezisetshenziswa futhi ziphathwa ngayo.
I-IPsec iyi ihambisana kakhulu ngama-router, ama-firewall, kanye nezinhlelo zokusebenza zeseva nezedeskithophu, okwenza kube yisisekelo esiqinile kakhulu sezindawo zebhizinisi. Kodwa-ke, ukucushwa kwayo kuvame ukuba more complexikakhulukazi lapho kusetshenziswa imigudu eminingi, izinqubomgomo ezithuthukisiwe, ukuqinisekiswa kwesitifiketi, i-NAT, njll.
Ngakolunye uhlangothi, ama-VPN asekelwe ku-SSL/TLS ayasizakala ubuchwepheshe bewebhu obujwayelekileNgakho-ke, ezimweni eziningi isiphequluli sewebhu yisona kuphela esidingekayo. Ama-portal e-VPN anama-wizard nama-GUI asebenziseka kalula enza kube lula kakhulu ukubhaliswa komsebenzisi, ukwabiwa kwemvume, kanye nokusetshenziswa kwezinhlelo zokusebenza zangaphakathi.
Ngokuphathelene nokusebenza, i-IPsec ingaletha okungaphezu kancane kwalokho ukulayisha ngokweqile ngokubethela yonke ithrafikhi yenethiwekhi, kufaka phakathi i-IP header; uma ukhathazekile ngokuzinza, bheka ukuthi kanjani gcina uxhumano lwe-inthanethi luzinzileI-SSL/TLS, njengoba ivame ukuvikela izinhlelo ezithile kuphela, ivame ukuba lula kancane, yize empeleni zombili lezi zindlela zinikeza ukusebenza okwanele ngehadiwe yesimanje.
Lapho kunomehluko ocacile khona kuse- ukuphathwa kokufinyelelaI-IPsec ivame ukunikeza ukufinyelela "kwenethiwekhi" (ungafinyelela izinto eziningi ngesikhathi esisodwa), kuyilapho i-SSL/TLS ilula kakhulu uma ufuna ukunikeza ukufinyelela okuhlanganisiwe kwezinhlelo zokusebenza ezithile ngaphandle kokudalula yonke inethiwekhi.
I-OpenVPN: I-VPN esekelwe ku-SSL/TLS nge-OpenSSL
I-OpenVPN Ingenye yezindlela zokusebenzisa i-VPN ezisakazeke kakhulu, kokubili ezindaweni zezinkampani kanye naphakathi kwabahlinzeki bezentengiselwano. Ithembele kulabhulali I-OpenSSL ukusebenzisa i-cryptography ye-SSL/TLS nokudala imigudu evikelekile yezendlalelo ezintathu (umhubhe, tun) noma ku-layer 2 (ibhuloho, tap).
Enye yezinzuzo zayo ezinhle ukuguquguquka kwayo: ungayilungiselela kwimodi I-Host-to-Net (ukufinyelela okukude kusuka kukhompyutha kuya kunethiwekhi) noma I-Net-to-Net (xhumanisa wonke amanethiwekhi), bese ukhetha ukuthi uzokwenza nge-routing (inethiwekhi entsha ebonakalayo) noma nge-bridging (inethiwekhi efanayo neseva).
Ngokwengxenye ye-cryptographic, i-OpenVPN isebenzisa izitifiketi X.509 kanye ne-CA eyenziwe ngokwezifiso, engakhiqizwa kalula ngamathuluzi anjenge i-RSA elulaUmsebenzi ojwayelekile uhilela ukudala igunya lesitifiketi, isitifiketi/ukhiye weseva, kanye namapharamitha. UDiffie-Hellman kanye nezitifiketi zeklayenti ngalinye.
Kuseva, uhlobo lwesixhumi esibonakalayo luchazwa (dev tun o dev tap0), inethiwekhi ebonakalayo ezosetshenziselwa i-VPN, imizila ezokhangiswa kumakhasimende, kanye izindawo zezitifiketi nezihluthuleloI-OpenVPN inesibopho sokuqala ukuxhumana okuchazwe kumafayela .conf kusuka kufolda yokucushwa.
Kuklayenti, ukucushwa kuhlanganisa iseva yokusingatha kanye nemboboUhlobo lwedivayisi ebonakalayo (tun/tap), imizila okufanele idluliselwe nge-VPN, kanye nemizila yezitifiketi ze-CA kanye neklayenti uqobo kuyacaciswa. Ithrafikhi bese iqondiswa kabusha ngethuneli ngokuya ngefayela lokucushwa.
Imibuzo Evame Ukubuzwa: I-TLS vs VPN, i-SSL VPN vs i-VPN “yakudala”
Umbuzo ovame kakhulu ukuthi ngabe "I-SSL/TLS iphephile njenge-VPN"Impendulo efanele iwukuthi ziyizinto ezihlukile. I-TLS ivikela izikhathi zohlelo lokusebenzaI-VPN ivikela ukuxhumana kwenethiwekhi konke dlula emhubheni.
Ukusebenzisa i-TLS kuphela kusiphequluli sakho (i-HTTPS) kuvikela lokho okwenzayo kuwebhu, kodwa Ayibhali yonke ithrafikhi kusuka kudivayisi yakho (i-DNS, ezinye izinhlelo zokusebenza, njll.). I-VPN elungiselelwe kahle ingabhala ngemfihlo cishe yonke ithrafikhi, kufaka phakathi izinsizakalo ezingezona ezewebhu.
Ngakho-ke, ezimweni eziningi zezinkampani zombili izingqimba ziyahlanganiswa: eyodwa isungulwa I-IPsec noma i-SSL/TLS VPN ukufinyelela inethiwekhi yangaphakathi futhi, ngaphakathi kwaleyo nethiwekhi, izinhlelo zokusebenza ezibalulekile ziyaqhubeka nokusebenzisa I-HTTPS ene-TLSNgale ndlela, noma ngabe umhlaseli ukwazile ukungena ku-VPN, usazobhekana nokubethelwa kwe-TLS kwezinhlelo zokusebenza.
Okunye ukudideka okuvamile umehluko phakathi kwe- I-VPN “SSL” kanye "ne-VPN" ngaphandle kwencazelo eyengeziwe. Ngolimi oluvamile, abantu abaningi babiza izinsizakalo ze-VPN ngokuthi "ama-VPN". Ama-VPN ezentengiselwano, uhlobo lweklayenti (kusekelwe ku-IPsec, i-OpenVPN, i-WireGuard, njll.) ebhala ngemfihlo yonke ithrafikhi. Ngakolunye uhlangothi, i-“SSL VPN” ivame ukusetshenziselwa amaphothali okufinyelela kude asekelwe kusiphequluli avikela kuphela izinhlelo zokusebenza ezithile.
Ukukhetha phakathi kweyodwa noma enye kuzoncika ku- uhlobo lokufinyelela ofuna ukukunikeza, ulwazi lomsebenzisi olufunayo, kanye nezinga lokulawula inethiwekhi okudingeka uyilondoloze.
Amacala okusetshenziswa ajwayelekile e-TLS nama-VPN ahlukene
I-ecosystem yamanje I-TLS kanye ne-VPN kuhlanganiswa cishe kuwo wonke amabhizinisi aphakathi nendawo noma amakhulu, kanye nasemakhaya amaningi athatha ukuphepha ngokungathi sína.
TLS Isetshenziswa nsuku zonke ukuqinisekisa ukuthi I-HTTPSi-imeyili (i-TLS phakathi kweklayenti neseva naphakathi kwamaseva), i-VoIP, ukuxhumana kwedathabheyisi, ama-API omphakathi nawangasese, ukuhlanganiswa kwama-microservices ku-DevOps, ukuxhumana kwedivayisi ye-IoT nefu, ngisho nezinqubo zedeskithophu ezikude njenge-RDP.
I-Las IPsec VPN Ngokuvamile zigcinelwe isixhumanisi samanethiwekhi ayimfihlo (amagatsha, ozakwethu, izikhungo zedatha) kanye nokufinyelela kude ngabasebenzisi abadinga ukufinyelela cishe yonke indawo yangaphakathi ngokuphepha okuphezulu.
I-Las I-SSL/TLS VPN Amadivayisi ohlobo lwe-portal ayithuluzi elikhethwayo lokunikeza ukufinyelela okulawulwayo ku- izinhlelo zokusebenza zewebhu ezithile (ama-portal angaphakathi, i-webmail, izinhlelo zokusebenza zebhizinisi) ngaphandle kokuvula yonke inethiwekhi yangaphakathi. Iqiniso lokuthi zisebenza kusuka kuziphequluli ezijwayelekile lizenza zilungele ukusebenza kude kusetshenziswa amadivayisi omuntu siqu.
Izivumelwano ezifana I-OpenVPN Bahlanganisa okuhle kakhulu emhlabeni womabili ngokuthembela ku-TLS ukuze babhale ngemfihlo, kodwa banikeza umhubhe wenethiwekhi ophelele, oguquguqukayo kakhulu ngokwemigomo (i-Host-to-Net, i-Net-to-Net, ibhuloho vs umhubhe, njll.) futhi kulula ukuzivumelanisa nezimo ezahlukene.
Emkhakheni wasekhaya kanye namabhizinisi amancane, ama-VPN asekelwe ku-TLS ayi- inketho enenzuzo kakhulu ukunikeza ukufinyelela okukude okuphephile ngaphandle kokutshalwa kwezimali okukhulu kuhadiwe noma ukucushwa okweqile, uma nje kunakekelwa ngezitifiketi nezinguqulo zephrothokholi.
Zombili i-TLS kanye nezindlela ezahlukene ze-VPN zakha izingcezu ezihambisanayo zephazili efanayo: vikela ubumfihlo, ubuqotho kanye nobuqiniso idatha edluliselwayo. I-TLS igxile ekuvikeleni izinhlelo zokusebenza ezithile, kuyilapho ama-VPN (i-IPsec, i-SSL/TLS noma i-OpenVPN) enweba lokho kuvikelwa kumanethiwekhi aphelele noma kuwo wonke umthamo wedivayisi, okukuvumela ukuthi wakhe kusukela ekufinyeleleni okulula okukude kuya ekwakhiweni okuyinkimbinkimbi kwamanethiwekhi axhunyiwe anezinga eliphezulu lokuphepha.
