株式会社グローバルアイティー | Network & Security Engineering

投稿者: 69578300

  • Russian verbal prefixes

    Russian verbal prefixes

    Для сетевых инженеров

    Для компьютерных сетевых инженеров
    Дальше — инфинитивных:所属・性質(形容詞語尾)
    вых:「系」っぽく見えるが、語彙依存(固定表現)

    “`html

    Technical Inquiry

    If this article relates to your network architecture, security design, or infrastructure modernization, feel free to contact us.

    Email:
    contact@g-i-t.jp

    Related Architecture Solutions

    Typical network architecture solutions designed and implemented by GIT. These patterns are derived from real enterprise environments and long-term operational experience.

    View Network Architecture Solutions
    Back to Home

    “`

  • Мы можем предоставить L2-коммутатор, который функционирует как межсетевой экран нового поколения.Этот режим называется «прозрачный режим» (Transparent Mode).

    Мы можем предоставить L2-коммутатор, который функционирует как межсетевой экран нового поколения.Этот режим называется «прозрачный режим» (Transparent Mode).

    Тема этой статьи сама по себе не является новой технологией, но сейчас я занимаюсь исследованиями сетевых технологий, которые будут актуальны через пять и более лет.
    На время я приостановлю обновление статей, чтобы сосредоточиться на исследовательской работе.

    “`html

    Technical Inquiry

    If this article relates to your network architecture, security design, or infrastructure modernization, feel free to contact us.

    Email:
    contact@g-i-t.jp

    Related Architecture Solutions

    Typical network architecture solutions designed and implemented by GIT. These patterns are derived from real enterprise environments and long-term operational experience.

    View Network Architecture Solutions
    Back to Home

    “`

  • On Traditional NGFWs and NGINX

    On Traditional NGFWs and NGINX

    Referring to next-generation firewalls as “traditional” may sound like a black joke.
    However, with the wider adoption of HTTP/3 and QUIC, the scope of encryption has expanded to the point where even DNS traffic is encrypted. Under such conditions, concerns are emerging that techniques such as URL filtering and FQDN-based routing may no longer function as expected.

    When NGINX was acquired by F5 in 2019, I initially assumed that appliance-based load balancers were approaching the end of their lifecycle. For a moment, it seemed reasonable to think that the era of BIG-IP would continue for quite some time. More recently, however, discussions around freenginx have surfaced, adding another layer of nuance to that assumption.

    As was also the case with Netscreen, the interpretation of corporate acquisitions and related developments can vary significantly depending on the reader’s professional background. This highlights the importance of being someone who can read and interpret such information carefully—particularly as an engineer, but not only as one.

  • Risk reduction and cost reduction can be achieved simultaneously

    Risk reduction and cost reduction can be achieved simultaneously

    I consider this to be a very obvious point.

    However, in practice, many people seem to assume that these factors are a trade-off — that they are inherently in conflict with one another.

    I will begin by discussing concrete examples from a micro-level, on-the-ground perspective.

    How to strHigh-risk tasks are typically addressed at an early stage.
    The reasoning is straightforward: if a rollback were to become necessary, the time required could be kept to a minimum.

    Additionally, in the initial phases, extra time buffers are intentionally allocated to higher-risk action items.
    As the project progresses, the remaining tasks generally tend to involve lower levels of risk, which can help reduce overall time pressure and stress.
    This approach often contributes to a higher likelihood of success over the course of the project.ucture a WBS and timeline

    Risk management is not about pushing risks to the later stages, but rather about addressing them early by design.

    Reduction of non-compliant or unjustified expenses

    t is not uncommon to encounter organizations where a culture persists in which unnecessary business trips are justified under the pretext of network maintenance.
    This represents a direct inefficiency in terms of cost, and at the same time poses a risk to organizational integrity and morale.

    Case Example 1: Unnecessary On-Site Work for Firewall Deployment

    • In the past, each new customer required an on-site visit for firewall deployment.
      However, these customers were, in effect, comparable to tenants occupying the same building.

    Improvement approach:
    A single pair of firewalls was placed on-site, and the design was revised so that additional SVI instances (virtual interfaces, effectively functioning as virtual firewalls) could be provisioned remotely as needed.

    As a result, business travel costs were effectively reduced to zero.

    Case Example 2: Business Travel Solely for Packet Capture

    • In one organization, staff members were traveling on-site solely to perform packet capture.

    Improvement approach:
    A combination of remote desktop access and remote SPAN was implemented, allowing mirrored traffic (referred to in IPA terminology as a “mirror port”) to be forwarded to a remote location for packet capture.

    This approach reduced travel-related costs and labor time, and also helped alleviate the psychological burden on the personnel involved.

    Rationalization of Equipment Procurement

    • We asked the vendor whether it would be possible to keep a small amount of inventory on hand, even if sourced from surplus originally allocated to larger customers.
    • The rationale is straightforward.
    • Large, one-time purchases tend to concentrate construction and design work into a short period, which may require temporary increases in staffing.
    • By contrast, smaller and more continuous purchases make it more likely that projects can be handled within the existing workforce.
    • This approach is intended to maintain a balanced relationship between cash flow, labor costs, and operational risk.

    Risk needs to be approached deliberately and with care.

    I tend to view risk in the following way.

    The more predictable the potential impact of damage is, the thicker the ice can be considered.
    The less predictable the impact is, the thinner that ice becomes.

    In other words, when crossing thin ice, one deliberately steps on the parts that are considered the thickest.
    Rather than ignoring risk, the focus is placed on areas that can be reasonably anticipated, while avoiding entry into unknown territory.

    Some concluding observations

    Risk reduction and cost reduction can be achieved together.

    In many cases, deferring risk tends to lead to higher costs over the long term.

    Focusing solely on cost reduction may, in turn, create larger risks.

    For this reason, I tend to choose a design approach in which the thickest parts of the “thin ice” are addressed first, deliberately resolving the risks that should be dealt with early on.
    As a result, costs are often reduced, and the overall operational burden becomes lighter.


  • 初期費用1.5億円を800万円にするお話

    初期費用1.5億円を800万円にするお話

    実際に行った設計として「出張を激減させるNW」と言うものを提案/ご導入いただいた実績がありますがもっと凄いの思いつきました。

    「良くある構成」つまり、外部/内部FW計4台と、複数のSW(Cat9300等)やルータ(C8200等)で計20台程度の機器を購入する場合を1.5億円と見積もりました(ChatGPTが)
    私の設計する構成と調達方法(調達業者を変更する)では800万円~600万円で済むそうです。(金額はChatGPTが弾いています)※通信帯域は100Mbps以下の想定)
    もちろん、無料ではお話しできません。

  • Articles promoting Forti Wi-fi

    Articles promoting Forti Wi-fi

    Since we cannot publish what we learned on-site (generally, we recognize that we do not own the intellectual property rights to things discovered using our own verification/measuring equipment),
    we will link to a conversation with ChatGPT to explain how we implemented this (accuracy requires actual verification, but we have already purchased a verification machine).

    Switching even though it’s Wi-Fi?

    Forti Wi-Fi Features Overview

    *We plan to post an article on SDN with FortiSW at a later date. (Test machine already purchased)

    “`html

    Technical Inquiry

    If this article relates to your network architecture, security design, or infrastructure modernization, feel free to contact us.

    Email:
    contact@g-i-t.jp

    Related Architecture Solutions

    Typical network architecture solutions designed and implemented by GIT. These patterns are derived from real enterprise environments and long-term operational experience.

    View Network Architecture Solutions
    Back to Home

    “`

  • Learning Russian for Network Engineers

    Learning Russian for Network Engineers

    This section documents ongoing research conducted by the principal engineer
    and also illustrates how musical perception is applied
    to engineering and language analysis.

    As part of a long-term effort with a clearly defined endpoint,
    I am currently executing a structured learning plan
    scheduled to conclude in June 2030.
    The plan consists of approximately 900 hours in total,
    based on 30 minutes per day over a five-year period.
    This duration corresponds to nearly 90% of the commonly cited time
    required for a Japanese speaker to become conversational in Russian.

    The intent of this plan extends beyond language acquisition itself
    and focuses on developing sensitivity to timing, pitch,
    and continuous variation within a fixed time horizon.

    During this process, I encountered an unexpected realization:
    Russian pronunciation contains phenomena that closely resemble blue notes.
    Certain vowel transitions and interrogative intonations
    do not settle on fixed pitches,
    but instead occupy intermediate regions between tones.
    Recognizing this was a moment of genuine surprise.

    My initial attempt to analyze these characteristics relied on the piano.
    However, I soon realized a fundamental limitation:
    a piano, by design, does not allow any form of pitch bending.
    Each key produces a fixed, discrete pitch,
    making it impossible to represent the soft,
    elastic transitions that characterize Russian phonetics.
    This rigidity forces pitch decisions to occur too early
    and obscures the continuous nature of the sound.

    At first, I found the guitar to be a more suitable instrument.
    String bending and vibrato made it possible
    to approximate the required microtonal variation,
    and the physical nature of the instrument
    helped reveal the presence of pitch movement.
    However, while the guitar excels at expressive bending,
    it lacks the precision and repeatability
    needed for systematic analysis.

    This led me to conclude that a synthesizer keyboard
    offers the most appropriate balance.
    Unlike a piano, it is not constrained to fixed pitch behavior,
    and unlike a guitar, it allows controlled, repeatable manipulation
    of pitch, sustain, and timing.

    In addition, keyboard-based instruments provide
    a wide variety of ways to stop or release sound:
    key release timing, envelope shaping,
    velocity sensitivity, and controlled decay.
    This diversity makes it possible to model
    the subtle softness, fading, and articulation
    that are essential to Russian pronunciation,
    particularly at phrase endings.

    References to blue notes, guitar techniques,
    and synthesizer keyboard control are therefore included here
    not as musical hobbies,
    but as analytical instruments.
    They provide a practical framework
    for reason

    As a single practical note related to “musical notes,”
    I have adopted a simple workaround for interrogative intonation.

    If forming a question feels difficult,
    one option is to append a word equivalent to “OK?”
    at the end of the sentence.
    The word I use is “верно” (verno).

    As a mnemonic, I associate it with “verna”
    from the Italian word “taverna” (a small restaurant),
    which makes it easier to recall.

    The pitch movement can be approximated as:
    C → D → D♯

    However, the sharp should not be treated as a fixed pitch.
    It is better expressed by bending up to the note after picking,
    then gradually releasing the bend while maintaining sustain.

    For explaining how sounds are sustained and released,
    I find it more effective to use a keyboard-based instrument.
    That said, compared to the strong mechanical resistance
    of a piano keyboard,
    a synthesizer keyboard feels more suitable for this purpose.

    👉 From here onward, a list of random example sentences follows.
    👉 The table below has not yet been translated and is currently in Japanese.

    Ш л ю зп оу м о л ч а н и юн а с т р о е нн е п р а в и л ь н о
    Gatewaybydefaultconfiguredincorrectly
    シュリュースウモルチャーニユナストロエンニェプラーヴィルナ
    Ш л ю зп оу м о л ч а н и юн ео т в е ч а е т
    Gatewaybydefaultnotresponding
    シュリュースウモルチャーニユニェエトヴェチャーエット
    Ш л ю зп оу м о л ч а н и ю192.168.1.1
    Gatewaybydefaultis192.168.1.1
    シュリュースウモルチャーニユダッシュ192.168.1.1

    ※数値は英語読みでも通じるそうです。

    次はWi-fiネタです。

    W i – F iн еп о д к л ю ч ё н
    Wi‑Finotconnected
    ワイファイニェパドクリュチョーン
    В в е д и т еп а р о л ьо тW i – F i
    EnterpasswordforWi‑Fi
    ヴヴェーディチェパローリオトワイファイ
    Э т ас е т ьW i – F iз а щ и щ е н а
    ThisnetworkWi‑Fiis protected
    エータセーチワイファイザシシナ

    ふと思いついて、自分で考えた語呂合わせとAIに考えて貰った語呂合わせを100個列挙します。

    ✅ ネットワーク基礎系

    1. シュリュース → шлюз(ゲートウェイ)=シュールなゲートウェイ
    2. ポウ!盛る茶new! → по умолчанию(デフォルト)
    3. 江戸笛茶えっと → отвечает(応答する)
    4. ニェ江戸笛茶えっと → не отвечает(応答しない)
    5. パウリの排他原理 → пароль(パスワード)
    6. すこーしか? → Сколько?(いくつ?)
    7. パチェムー? → Почему?(なぜ?)
    8. シトー? → Что?(何?)
    9. カク ドールガ? → Как долго?(どれくらい長く?)
    10. ビードナ? → видна?(見えてる?)
    11. ビージェン? → виден?(見えてる?男性名詞用)
    12. セーチ → сеть(ネットワーク)=精緻なネットワーク
    13. エクラン → экран(画面)=絵クラン!(映す)
    14. 絵蔵ん → экран(画面=スクリーンに絵を蔵)
    15. エクレアん → экран(スクリーン見ながらエクレア)

    ✅ Wi‑Fi / SSID関連

    1. SSID ビードナ? → SSID見えてる?
    2. スラッシュはスラッシュ → slash
    3. ノリノリ → ноль/ноль(0/0)
    4. イーペーアドリェス → IP-адрес(IPアドレス)
    5. イーペーアドリェス 江戸笛茶えっと → IPアドレスが応答する
    6. イーペーアドリェス ニェ江戸笛茶えっと → IPアドレスが応答しない

    ✅ 設定・UI関連

    1. ナストロイキ → настройки(設定)=成すトロい機器
    2. アブナヴィーチ → обновить(更新)=危ない位置は更新
    3. ウダリーチ → удалить(削除する)=打ち切る
    4. プラヴィラ → правило(ルール)=プラモデルのルール
    5. ブランドマウエル → брандмауэр(ファイアウォール)=ブランド守る壁
    6. サエディネーニエ → соединение(接続)=さぁいぃデネ!接続
    7. サエディニーチ → соединить(接続する)

    ✅ VPN / トンネル系

    1. ヴィーペーエン → VPN(そのまま)
    2. トゥンネル → туннель(トンネル)
    3. ピング! → пинг(ping)
    4. マスカ → маска(マスク/サブネットマスク)
    5. ポッツェチ → подсеть(サブネット=ポッと精緻)

    ✅ ファイアウォール / ポート系

    1. ポルト → порт(ポート)
    2. ノーメル ポルタ → номер порта(ポート番号)
    3. ラズレシーチ → разрешить(許可する)=ラズでレシートOK
    4. ザプリチーチ → запретить(禁止する)=ザ・ブレーキ!チーッ!
    5. プラヴィラ ファイアウォール → firewall rule
    6. разрешить доступ → 許可するアクセス(ラズレシーチ+ドストゥプ)
    7. запретить доступ → アクセス禁止

    ✅ プロトコル / サービス系

    1. プロタコール → протокол(プロトコル)=プロのタコ
    2. プロタコリロヴァニエ → протоколирование(ロギング)=プロのタコがリロする
    3. スルージバ → служба(サービス)=する?芝?サービスする?
    4. プロツェス → процесс(プロセス)=そのまま
    5. スルジェーブヌイ → служебный(管理用)=スルージバ+管理用

    ✅ サーバ / 機器系

    1. セルベル → сервер(サーバ)=サーバがセルフでベル鳴らす
    2. マルシュルチザートル → маршрутизатор(ルータ)=マルチルーター
    3. オボルドヴァニエ → оборудование(ハードウェア/機材)=おぼるどばにえ

    ✅ ユーザー / アクセス権限系(追加)

    1. ポリゾヴァーチ → пользователь(ユーザー)=ポリ蔵ばーち
    2. パーロリザツィヤ → авторизация(認証)
    3. ドストゥプ → доступ(アクセス)
    4. ウチョトナヤ ザピース → учётная запись(アカウント)=打ち音なや雑ピーす
    5. グルッパ → группа(グループ)

    ✅ セキュリティ系(追加)

    1. シグナトゥーラ → сигнатура(シグネチャ)
    2. ザシータ → защита(保護)=座敷田で保護
    3. ウグローザ → угроза(脅威)=ウグイのローザ=脅威
    4. ウヤズヴィモスチ → уязвимость(脆弱性)=ウヤズヴィもうスチ!

    ✅ 管理・操作系(追加)

    1. ペレザプスチーチ → перезапустить(再起動する)=ペレザップしてチーッ!
    2. ザプスチーチ → запустить(起動する)=ザップしてチーッ!
    3. アスタノーヴィチ → остановить(停止する)=明日伸びチ

    ✅ さらに追加のネットワーク用語

    1. マルシュルート → маршрут(ルート)
    2. アドミニストラートル → администратор(管理者)
    3. プロバイデル → провайдер(プロバイダ)
    4. スヴャーズ → связь(通信)=スパイ奴ず!通信

    ✅ その他の管理UI系

    1. インターフェース → интерфейс(インターフェイス)
    2. パネル ウプラヴレーニヤ → панель управления(コントロールパネル)
    3. クノープカ → кнопка(ボタン)=くのーぷか!

    ✅ サービス系(追加)

    1. オブスルジヴァーニエ → обслуживание(メンテナンス/保守)=オブするジバニエ
    2. ペレナストロイカ → перенастройка(再設定)
    3. プラヴィーチ → править(修正する)

    ✅ 認証 / 暗号化系

    1. シフロヴァーニエ → шифрование(暗号化)=シフロバー!
    2. ラズシフロヴァーニエ → расшифрование(復号化)
    3. クルーチ → ключ(鍵)

    ✅ プロトコル例

    1. HTTPS → HTTPS(エイチテーペーエス)そのまま
    2. FTP → ФТП(エフテーペー)
    3. SMTP → СМТП(エスメテーペー)
    4. DNS → ДНС(デーエヌエス)

    ✅ OS・管理系

    1. システーマ → система(システム)
    2. プログラムマ → программа(プログラム)
    3. プロセスィ → процессы(プロセス複数)

    ✅ データ・ログ系

    1. ロギ → логи(ログ)
    2. ジュルナール → журнал(ログ/ジャーナル)
    3. ダンニエ → данные(データ)

    ✅ 時間・状態系

    1. ヴレーミャ → время(時間)
    2. ザダーチャ → задача(タスク)
    3. ソスタヤーニエ → состояние(状態)

    ✅ 監視・通知系

    1. ウヴェドメーニエ → уведомление(通知)
    2. ナブリュデーニエ → наблюдение(監視)

    ✅ バックアップ系

    1. レザルヴナヤ コーピヤ → резервная копия(バックアップ)
    2. ヴススターノヴィチ → восстановить(復元する)

    ✅ 仮想化・クラウド系

    1. ヴィルトゥアリザーツィヤ → виртуализация(仮想化)
    2. オブラーカ → облако(クラウド)=雲

    ✅ パフォーマンス系

    1. ナグルーズカ → нагрузка(負荷)
    2. プロイゾヴォディーテリノスチ → производительность(パフォーマンス)

    ✅ バージョン・更新

    1. ヴェールシヤ → версия(バージョン)
    2. オブノヴレーニエ → обновление(アップデート)

    ✅ 管理者操作系

    アフターリザーツィヤ → авторизация(認証/認可)

    今後都度都度、追記して行きます。

    ウダリョンナヤ ラボータ → удалённая работа(リモート作業)

    ドスターヴカ → доставка(デリバリー)

    クルグローソーチナ → круглосуточно(24時間稼働)

  • إلى عملائنا في الدول الناطقة بالروسية والدول العربية،

    إلى عملائنا في الدول الناطقة بالروسية والدول العربية،


    ‏FortiGate مصنوع في آسيا، ولكنه يلتزم بالمعايير الأمنية الغربية.

  • スミスチャートについて

    スミスチャートについて

    ChatGPTとの会話をまとめています。初心者向けの記事となります。

  • 未来のWi-fiについて

    未来のWi-fiについて

    ネットワーク機器が仮想環境に吸い込まれてしまうと、クライアント側のWi-fiしかNW技術者の生きる道は無いと考えますが、(サバ・クラの時代に戻ってしまう)
    更なる未来は肉体労働ですらロボットに代替されてもWi-fiは残る(法律が変わらない限り)
    と考えています。(サーバもアプリもAIに代替されてしまっても尚、Wi-fiは残る訳です)
    直近の懸念としてはHTTP3です。NGFW/UTMですらレガシFWとしてしか働けなくなります(暗号化される領域が増えるため。全部SASE上でやっていくことになる=仮想環境に吸い込まれてしまう訳です)
    ■リンク先に「ISMバンド」についての説明を載せています。

    現代のWi-fiについて「無線LANアクセスポイントの最適な設置個所をご提案可能です。
    (理論値です。つまり経験や勘では有りません。審査の厳しい顧客へ提案する事を前提としています)
    ■リンク先に、初歩理論から入る形で無線LANアクセスポイントの設置個所について、ChatGPTに説明させています