Zamkatimu kubisa
1 VAST Data Platform Yopangidwira Kuphunzira Mozama
2 Zofotokozera
3 Mawu Oyamba
4 Audit ndi Accountability
5 The VAST Cluster Architecture
6 Kugawana Data ndi Kubwereza
7 Asynchronous Replication
8 Sungani ku S3
9 Global Snapshot Clones
10 Mapeto
11 FAQ
12 Zolemba / Zothandizira
12.1 Maumboni

VAST-LOGO

VAST Data Platform Yopangidwira Kuphunzira Mozama

Zofotokozera

  • Kubisa Kwa data: FIPS 140-3 zilembo zovomerezeka
  • Kuwongolera Mfungulo: Kuwongolera makiyi akunja
  • Access Control: RBAC, ABAC, ACLs, SELinux kulemba
  • Kutsimikizira: Kuphatikiza ndi Active Directory, LDAP, NIS
  • Chitetezo cha Data: Kubisa pakupuma, kutsimikizika kozikidwa pa satifiketi
  • Kuwunika: Kudula mitengo mwathunthu kwa zochitika zofikira pa data

Mawu Oyamba

VAST Data Platform imapereka mwayi wokwanira wachitetezo kuti muteteze chinsinsi cha data ndikupangitsa kuti pakhale chitetezo chambiri pazantchito zosakonzedwa. Imaphatikiza zowongolera zotsogola, kubisa, kuwunika, ndi njira zotetezedwa zamapulogalamu kuti zikwaniritse zofunikira zachitetezo ndi kutsata.

Pachimake, nsanjayi imagwiritsa ntchito Multi-Category Security (MCS) kuchokera ku Security-Enhanced Linux (SELinux) kuti igawire magulu ku. files omwe ali ndi data yosasinthika ngati zolemba, zithunzi, ndi makanema. Zololedwa zokha
ogwiritsa ntchito ndi njira zomwe zimagwirizanitsidwa ndi magulu amenewo amatha kupeza deta, kulepheretsa kupeza kosaloledwa. Izi zimaphatikizidwa ndi zinthu zotetezedwa zomwe zimapanga malo omveka bwino kapena owoneka bwino amagulu osiyanasiyana, ndikuwongolera pang'onopang'ono pakugawidwa kwazinthu, maukonde, ndi zilolezo zofikira.

Pulatifomuyi imagwiritsa ntchito njira zotsimikizirika komanso zololeza, kuphatikiza kuphatikiza ndi Active Directory, LDAP, NIS, kasamalidwe ka ogwiritsa ntchito am'deralo, kuyang'anira njira zolumikizirana ndi maudindo (RBAC), ndi kuwongolera kochokera pamalingaliro (ABAC). Imathandizira kusaina kamodzi (SSO), mindandanda yowongolera ma protocol (ACLs), ndi zilembo za SELinux za files ndi maulalo ofikira kudzera pa ma protocol a NFS, SMB, ndi S3.

Chitetezo cha data chimalimbikitsidwa kudzera mu kubisa kwa data popumula pogwiritsa ntchito FIPS 140-3 zovomerezeka za ciphers, kasamalidwe ka makiyi akunja, kutsimikizika kozikidwa pa satifiketi, ndi kuthekera kochotsa crypto. Kuwunika kwatsatanetsatane kumalowetsa zochitika zonse zopezera deta, zomwe zitha kusungidwa mu database ya nsanja kuti ziwunikenso.

Pulogalamu yotetezedwa yapulogalamuyi imaphatikizapo NIST Secure Software Development Framework, kusanthula kapangidwe ka mapulogalamu, kuyezetsa chitetezo chodziwikiratu, kuyang'ana pachiwopsezo, ndikuwongolera mosamalitsa mwayi wofikira pachitukuko chonse. Kuphatikiza MCS yapamwamba, kukhala ndi nyumba zotetezedwa, kubisa, kuwongolera mwayi wofikira, kuwunika, ndi njira zotetezedwa zachitukuko, VAST Data Platform imapereka yankho lolimba lachitetezo logwirizana ndi AI/ML ndi kuchuluka kwa mabizinesi pazinthu zosakonzedwa.

 

VAST-Data-Platform-Yomangidwira-Kuphunzira Mwakuya-FIG-1Kubisa kwa Data ndi Key Management
VAST Data Platform imagwiritsa ntchito encryption ya AES-XTS-256 kuti ipeze data popuma ndi TLS 1.3 pa data paulendo. Imathandizira mayankho ofunikira akunja monga Thales CipherTrust ndi Fornetix VaultCore.

  • NIST Control: SC-12 (Cryptographic Key Establishment and Management), SC-13 (Cryptographic Protection)
  • Maupangiri Otsogolera: Gawo: "Kubisa Kwa data" [p. 128]

Izi zimatsimikizira kuti deta imasungidwa mwachinsinsi popuma komanso podutsa, ndikuyiteteza kuti isapezeke mwachisawawa ndikuwonetsetsa kuti ikutsatira mfundo zachinsinsi. Kugwiritsiridwa ntchito kwa kasamalidwe kazinthu zakunja kumawonjezera chitetezo mwa kuika pakati ndi kuteteza njira zazikulu zoyendetsera ntchito.

Access Control ndi Authorization
Chiwonetsero: Pulatifomu imaphatikiza Role-Based Access Control (RBAC) ndi Attribute-Based Access Control (ABAC) kuti ipereke chiwongolero champhamvu komanso chaching'ono.

  • NIST Control: AC-2 (Akaunti Kasamalidwe), AC-3 (Kuthandizira Kupeza), AC-5 (Kulekanitsa Maudindo), AC-6 (Mwayi Wochepa)
  • Zolozera Zautsogoleri: Gawo: "Attribute-Based Access Control (ABAC)" [p. [Chithunzi patsamba 269]

RBAC ndi ABAC zimawonetsetsa kuti mwayi wopeza zinthu umaperekedwa potengera maudindo ndi zomwe ogwiritsa ntchito, kutsata mfundo yamwayi wocheperako ndikuwonetsetsa kuti ogwiritsa ntchito ali ndi mwayi wopeza zofunikira pazantchito zawo. Izi zimachepetsa chiwopsezo cha mwayi wofikira mosaloledwa komanso kuphwanya kwa data komwe kungachitike.

Audit ndi Accountability

  • Mbali: Kuthekera kowunikira kokwanira kuphatikiza ma protocol ndi ma admin audit logs.
  • Kuwongolera kwa NIST: AU-2 (Audit Events), AU-3 (Content of Audit Records), AU-6 (Audit Review, Analysis, ndi Reporting)
  • Maupangiri a Administrator: Gawo: Kuwunika kwa Protocol [p. [Chithunzi patsamba 243]

Zowunikira zimapereka zidziwitso zatsatanetsatane za njira zonse zopezera ndi kuyang'anira, kuwonetsetsa kuti zochitika zonse zitha kutsatiridwa ndi kukonzanso.viewed. Izi ndizofunikira kwambiri pakuzindikira ndikuyankha zoyeserera zosaloleka ndikuwonetsetsa kuti zikutsatira zofunikira.

The VAST Cluster Architecture

Silitsani Mphamvu Mopanda Pantchito

VAST-Data-Platform-Yomangidwira-Kuphunzira Mwakuya-FIG-2

Kuyenda kwa Data ndi Kugawa

  • Mbali: Zithunzi za VLAN tagging ndi kumanga, kugawanika kwa maukonde, ndi kulamulira pa ma protocol.
  • Kuwongolera kwa NIST: SC-7 (Chitetezo cha Malire), SC-8 (Kutumiza Chinsinsi ndi Kukhulupirika)
  • Maupangiri a Administrator: Gawo: "Tagging Maiwe a Virtual IP okhala ndi ma VLAN" [p. 147]

Mwa kugawa maukonde ndikuwongolera kuyenda kwa data kudzera mu VLAN tagging ndi kumangiriza, nsanja imatsimikizira kuti deta ili yokha ndikutetezedwa ku mwayi wosaloledwa. Gawoli limathandizira kusunga chinsinsi ndi kukhulupirika kwa deta pamene ikuyenda pa netiweki.

Kugawana Data ndi Kubwereza

Mbali: Global Access imakupatsani mwayi wopanga magawo ang'onoang'ono a mayina a gulu kuti awerenge ndi kulemba kuti makasitomala amagulu ena azipezeka. Izi zimathandiza kugawana deta motetezedwa kwinaku mukusunga njira zofikira.

  • Kuwongolera kwa NIST: AC-4 (Information Flow Enforcement), SC-7 (Chitetezo cha Malire)
  • Maupangiri a Administrator: Gawo: “Kufikira Padziko Lonse” [p. 413]

Izi zimapereka mwayi wofikira pang'onopang'ono mpaka mulingo wa chikwatu, nthawi yotha ntchito yobwereketsa kuti mufikire, ndi kuwunika zochitika zopezeka, kuwonetsetsa kugawana deta yotetezedwa ndi yoyendetsedwa pakati pamagulu.

Asynchronous Replication

  • Mbali: Kubwereza kwa Asynchronous kumathandizira kubwereza kagawo kakang'ono ka gulu ku gulu la anzawo akutali kuti athe kubwezeretsanso tsoka kapena kugawa deta.
  • Kuwongolera kwa NIST: CP-9 (Zosunga Zosunga Zachidziwitso), SC-8 (Chinsinsi Chotumiza ndi Kukhulupirika)
  • Maupangiri a Administrator: Gawo: "VAST Asynchronous Replication" [p. 381]

Izi zimatsimikizira kubwereza kwachinsinsi pa WAN, kubwerezabwereza pang'onopang'ono pamndandanda wazinthu, mwayi wowerenga-pokha pa chandamale chobwereza, ndi kuyang'anira momwe kubwerezera, kupereka chitetezo champhamvu cha deta ndi mphamvu zobwezeretsa masoka.

Sungani ku S3

Mbali: Mutha kusungitsa deta kuchokera pagulu la VAST kupita ku sitolo yogwirizana ndi S3, zomwe zimathandizira kugawana datayo.

  • Kuwongolera kwa NIST: CP-9 (Zosunga Zosunga Zachidziwitso), MP-5 (Chitetezo cha Media Transport)
  • Maupangiri a Administrator: Gawo: "Kusunga zosunga zobwezeretsera ku S3" [p. 376]

Izi zimatsimikizira kusamutsa kotetezedwa ku zolinga zakunja za S3, zosunga zobwezeretsera pang'onopang'ono pamasinthidwe, kusasinthika kwa data pa chandamale cha S3, ndikuwunika momwe zilili zosunga zobwezeretsera, kupereka zotetezedwa ndi zodalirika zosunga zobwezeretsera ndikugawana.

Global Snapshot Clones

  • Mbali: Pangani zithunzi zowerengera / kulemba kuchokera kugulu la anzanu akutali, ndikupangitsa mwayi wogawana nawo makope a data-in-time.
  • Kuwongolera kwa NIST: CP-9 (Zosunga Zosunga Zachidziwitso), SC-8 (Chinsinsi Chotumiza ndi Kukhulupirika)
  • Maupangiri a Administrator: Gawo: "Zojambula Zapadziko Lonse ndi Zam'deralo" [p. 425]

Mbali imeneyi imapereka kusamutsa kotetezedwa kotetezedwa, kupangidwa kwa granular pamlingo wazithunzi, kulunzanitsa zakumbuyo kwa zosintha, ndi kuwunikira zochitika zofikira, kuonetsetsa kugawana kotetezedwa ndi kuwongolera deta ndikuchira.

Zero Trust Architecture (ZTA) Implementation

  • Mbali: Kulemba ma data paotomatiki, kuzindikira mosadziwika bwino, ndi zithunzi zosawonongeka.
  • Kuwongolera kwa NIST: CA-7 (Continuous Monitoring), SI-4 (Information System Monitoring)
  • Maupangiri a Administrator: Gawo: "Zero Trust Data Pillar" [p. [Chithunzi patsamba 269]

Izi zimathandizira kuwunika kosalekeza komanso kuzindikira kosadziwika bwino, zomwe ndizofunikira kwambiri pa Zero Trust Architecture. Kulemba ma data pawokha kumatsimikizira kuti deta imasankhidwa moyenerera ndikutetezedwa, pomwe zithunzi zosawonongeka zimapereka njira yodalirika yobwezeretsa deta ndikutsimikizira kukhulupirika.

Mapeto

VAST Data Platform imayima patsogolo pamakampaniwo pophatikiza zida zapamwamba zachitetezo ndi njira zotsatirira zomwe zimagwirizana ndi mfundo za NIST Zero Trust Architecture (ZTA). Pogwiritsa ntchito kubisa kwa data kolimba, kuwongolera mwayi wofikira, kuwunika, ndi kugawa magawo amtundu wa data, nsanja imatsimikizira chitetezo chokwanira chazochulukira za data zomwe sizinapangidwe. Izi sizimangokwaniritsa komanso kupitilira zofunikira zokhazikitsidwa ndi NIST, ndikuyika VAST Data ngati mtsogoleri pakuwongolera njira zotetezedwa.

Kutsatiridwa kwa nsanja ku mfundo za Zero Trust kumawonekera pakukhazikitsa kwake mosalekeza kuwunika mosalekeza, kulemba ma data pawokha, komanso kuzindikira molakwika. Kuthekera kumeneku kumawonetsetsa kuti deta imatetezedwa nthawi zonse komanso kuti ziwopsezo zilizonse zomwe zitha kuzindikirika ndikuchepetsedwa. Kugwiritsa ntchito Multi-Category Security (MCS) kuchokera ku Security-Enhanced Linux (SELinux) kuti agawire magulu ku files omwe ali ndi chidziwitso chodziwika bwino akuwonetseranso kudzipereka kwa VAST Data ku mfundo za Zero Trust, kuwonetsetsa kuti ogwiritsa ntchito ovomerezeka okha ndi njira zomwe angathe kupeza zambiri.

Monga woyamba m'makampani kuti apereke chitetezo chokwanira chotere cha AI / ML ndi ntchito zamabizinesi pazinthu zosasinthika, VAST Data ikukhazikitsa mulingo watsopano woteteza deta. Pogwiritsa ntchito luso lapamwambali, mabungwe amatha kuyang'anira ndi kuteteza deta yawo molimba mtima, kukwaniritsa zofunikira zowongolera ndikudziteteza kuti asawopsezedwe pa intaneti. VAST Data Platform sikuti imangotsogolera bizinesiyo muzatsopano komanso imapereka maziko olimba pakukhazikitsa Zero Trust Architecture, kuwonetsetsa kuti deta imakhalabe yotetezeka m'malo ovuta kwambiri a digito.

Kuti mumve zambiri pa VAST Data Platform ndi momwe ingakuthandizireni kuthana ndi zovuta zanu, lemberani ku hello@vastdata.com.
©2024 VAST Data, Inc. Ufulu wonse ndi wotetezedwa. Zizindikiro zonse ndi za eni ake.

FAQ

  • Kodi Zero Trust Architecture (ZTA) ndi chiyani?
    • Zero Trust Architecture ndi chitsanzo chachitetezo chozikidwa pa mfundo yosunga zowongolera zofikira komanso osadalira chilichonse mwachisawawa, kaya mkati kapena kunja kwa netiweki.
  • Kodi VAST Data Platform imakulitsa bwanji chitetezo cha data?
    • VAST Data Platform imapereka mphamvu zotsogola zachitetezo monga kubisa popuma, kuwongolera kolowera, kuwunika kokwanira, ndikuphatikiza ndi njira zotsimikizira zotetezedwa kuti muteteze chinsinsi ndi kukhulupirika kwa data.

Zolemba / Zothandizira

VAST Data Platform Yopangidwira Kuphunzira Mozama [pdf] Buku Logwiritsa Ntchito
Platform ya Data Yopangidwira Kuphunzira Mozama, Deta, Pulatifomu Yopangidwira Kuphunzira Mozama, Yopangidwira Kuphunzira Mozama, Kuphunzira Mozama, Kuphunzira

Maumboni

Siyani ndemanga

Imelo yanu sisindikizidwa. Minda yofunikira yalembedwa *