Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
開発と運用でサービスの信頼性を高める 「SRE」の実践/Mercari SRE in practice Enterprise Development Conference
Search
kazeburo
September 01, 2017
Technology
3
1.8k
開発と運用でサービスの信頼性を高める 「SRE」の実践/Mercari SRE in practice Enterprise Development Conference
開発と運用でサービスの信頼性を高める 「SRE」の実践
Enterprise Development Conference
kazeburo
September 01, 2017
Tweet
Share
More Decks by kazeburo
See All by kazeburo
DNS水責め攻撃と監視 / DNS water torture attack Monitoring and SLO
kazeburo
4
3.5k
DBやめてみた / DNS water torture attack and countermeasures
kazeburo
13
11k
IaaSにおけるPlatform Engineeringとこれから / Platform engineering in IaaS
kazeburo
2
1k
高信頼IaaSを実現するDevOps / DevOps for Highly Reliable IaaS
kazeburo
1
430
権威DNSサービスへのDDoSと ハイパフォーマンスなベンチマーカ / DNS Pseudo random subdomain attack and High performance Benchmarker
kazeburo
3
4.4k
DNS権威サーバのクラウドサービス向けに行われた攻撃および対策 / DNS Pseudo-Random Subdomain Attack and mitigations
kazeburo
7
11k
sacloudns
kazeburo
2
270
「orchestratorとGTID運用を支える監視」の勉強 / Monitoring orchestrator and GTID operation
kazeburo
2
1.2k
最近の監視(仮)/Recent system monitoring with mackerel
kazeburo
3
4.4k
Other Decks in Technology
See All in Technology
Microsoft Fabric 開発ガイド
ryomaru0825
6
2.7k
書を捨てよ、現場へ出よう
nwiizo
11
8.8k
サーバーとは何かを理解して、コンテナ1つで実行しよう | PHPerKaigi2024
sadnessojisan
31
11k
Proposal for a fictitious company presented by JAWS-UG DE&I team 'Naniwa Musume'
hiroramos4
PRO
0
120
あなたの知らないバグバウンティの世界
eurekaberry
1
1.4k
Skaffoldを用いたGKEアプリケーションの CD(Continuous Development)
kojake_300
1
120
JaSST_Tokyo経験発表_20240313.pdf
ktanizaki
0
190
第131回 雲勉【オンライン】AWSを9年触ってきて経験した落とし穴、ハマったポイント
iret
6
480
【OpsJAWS】EC2 のセキュリティの運用と監視について考えてみた件
hssh2_bin
4
590
庁舎DX推進事例集
senryakuka
0
1.6k
[AWS Expert Online for JAWS-UG]AWS SAW を使ったトラブルシューティング効率化のススメ
furuton
0
170
We Fear Change, for DevOpsDays LA 2024
cote
PRO
0
130
Featured
See All Featured
How To Stay Up To Date on Web Technology
chriscoyier
781
250k
Fashionably flexible responsive web design (full day workshop)
malarkey
397
65k
Building Adaptive Systems
keathley
29
1.8k
The Cult of Friendly URLs
andyhume
72
5.6k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k
Six Lessons from altMBA
skipperchong
19
2.9k
Why Our Code Smells
bkeepers
PRO
330
56k
Reflections from 52 weeks, 52 projects
jeffersonlam
343
19k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
240
1.2M
Large-scale JavaScript Application Architecture
addyosmani
501
110k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
18
1.7k
GraphQLの誤解/rethinking-graphql
sonatard
48
9.1k
Transcript
։ൃͱӡ༻ͰαʔϏεͷ৴པੑΛߴΊΔ ʮSREʯͷ࣮ફ Enterprise Development Conference 2017/09/01 גࣜձࣾϝϧΧϦ Masahiro Nagano @kazeburo
ࣗݾհ • Masahiro Nagano / խ • @kazeburo (twitter/github) •
גࣜձࣾϝϧΧϦ ϓϦϯγύϧΤϯδχΞ Site Reliability Engineering (SRE) νʔϜ • BASE, Inc ٕज़ΞυόΠβʔ
ࣗݾհ(ܦྺɾ׆ಈ) • ܦྺ • 2006 mixi - ΞϓϦӡ༻νʔϜ • 2010
livedoor (LINE) - ։ൃࢧԉνʔϜ • 2015 ݱ৬ - SRE • 15Ҏ্ WebαʔϏεΛΠϯϑϥ͔Βࢧ͑Δۀ • ొஃʗࣥච • AWS Dev Day Tokyo 2017 ొஃ • WEB+DB PRESS Vol. 100 هࣄࣥච
ΞδΣϯμ • ࣗݾհ • ϝϧΧϦʹ͍ͭͯ • SREͱ • ϝϧΧϦͷSREͷࣄྫհ
ϝϧΧϦʹ͍ͭͯ
ϝϧΧϦ • ࠃ࠷େڃͷϑϦϚΞϓϦ • 3Ͱ؆୯ʹग़ 1) ࣸਅΛࡱΔ 2) ใΛهೖ 3)
ग़ϘλϯΛԡ͢ • ҆৺҆શͳܾࡁɾऔҾ • ΤεΫϩʔ • ͓ۚͷΓͱΓ͕ࣾؒʹհࡏ • ಗ໊ૹ
ถࠃ/ӳࠃ ͷల։ JP US UK
KPI μϯϩʔυ GMV(૯औҾֹ) 7500ສDL(JP+US) ݄ؒ100ԯԁҎ্ ग़ 1100ສҎ্ (ϐʔΫ࣌ؒଳ1ؒʹ1000ग़Ҏ্)
ϝϧΧϦγεςϜ֓ཁ ©2011 Amazon Web Services LLC or its affiliates. All
rights reserved. Client Multimedia Corporate data center Traditional server Mobile Client IAM Add-on Example: IAM Add-on ence ) Assignment/ Task Requester Workers ग़! DB Search 5-දࣔ ݕࡧө ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corporate data center Traditional server Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Amazon Mechanical Turk On-Demand Workforce Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific େྔͷϦΫΤετ ©2011 Amazon Web Services LLC or its affiliates. All rights reserved. User Users Client Multimedia Corp data c Mobile Client Internet AWS Management Console IAM Add-on Example: IAM Add-on Human Intelligence Tasks (HIT) Assignment/ Task Requester Workers Amazon Mechanical Turk Non-Service Specific ϦΫΤετԠ DB Search ߪೖ! ඵʙ30ඵ ඵʙ ߴʹฒߦͯ͠େྔͷτϥϯβΫγϣϯΛѻ͏ ը૾ ܾࡁ AI ϑΟʔυόοΫ
ΠϯϑϥετϥΫνϟ JP US UK DNS: Amazon Route53 CDN: Akamai, Fastly,
ImageFlux Storage: Amazon S3 Analysis: Google BigQuery ܾࡁ/ྲྀαʔϏε ܾࡁ/ྲྀαʔϏε ܾࡁ/ྲྀαʔϏε
SREͱ
SREͱ • Site Reliability Engineering/Engineer ͷུ • Reliability = ৴པੑ
• γεςϜཧͱαʔϏεӡ༻ͷํ๏ͱͯ͠Googleͷӡ༻νʔϜΛ͍͍ͯͨ Ben Treynor͕ఏএ • USΛத৺ʹେنͳITΠϯϑϥΛӡ༻͢Δ֤ࣾʹ·Δ • ໌֬ͳఆٛͳ͍͕ʮιϑτΣΞΤϯδχΞϦϯάʹΑͬͯɺΠϯϑϥετϥΫ νϟɾαʔϏεશମͷՄ༻ੑɺੑೳɺηΩϡϦςΟΛվળ͢ΔʯΤϯδχΞ/νʔϜ
Google SRE • ιϑτΣΞΤϯδχΞϦϯάʹՃ͑ɺγεςϜɾӡ༻ͷೳྗ͕ٻΊΒΕ Δɻ·ͨ৫ɾνʔϜͷ͋ΓํؚΜͰ͍Δ • ιϑτΣΞΤϯδχΞϦϯάʮࣗಈԽʯʹϑΥʔΧε • SREͷਓαʔϏεͷنʹൺྫͤ͞ͳ͍(ݱ࣮తʹͰ͖ͳ͍) •
ʮτΠϧʯͷ໓ • ख࡞ۀͰߦΘΕɺࣗಈԽՄೳͰ܁Γฦ͢͜ͱʹՁΛ࣋ͨͳ͍
Google SRE • ۀ࣌ؒͷ50%ιϑτΣΞΤϯδχΞϦϯάΛߦ͏ • ࣗಈԽ(ࣗԽ)ɺ৴པੑ্ʹ͋ͯΔ • 50%Λ͑Δ͜ͱ͕͋Εۀͷେ෯ͳݟ͠ΛഭΒΕΔ • SLAɺΤϥʔόδΣοτ(༧ࢉ)ʹΑΔ։ൃऀͷརௐ
• ։ൃऀνʔϜͱՄ༻ੑͷඪΛαʔϏε͝ͱʹઃఆ • ΤϥʔόδΣοτʹ͋Δͱ͖։ൃऀੵۃతͳϦϦʔεΛߦ͍ɺ༧ࢉΛ ͑Δ߹৴པੑճ෮ͷͨΊͷ։ൃʹઐ೦͢Δ͜ͱ͕ٻΊΒΕΔ
ຊࠃͰͷSRE • 201511݄ ϝϧΧϦٕज़blogͰSREΛհ • RettyɺαΠϘζɺCookPadɺMixiɺͯͳͳͲWebܥاۀΛத৺ʹSREͷ࠾༻͕ਐΜͰ͍Δ • ΠϯϑϥνʔϜ/ΠϯϑϥΤϯδχΞ͔ΒͷҠߦ͕ଟ͍ • ΫϥυԽΛഎܠʹΠϯϑϥΤϯδχΞͱ͍͏ݺͼํ͕దͰͳ͘ͳ͖ͬͯͨ
• SRE Tech Talk։࠵ • ୈҰճ: 20166݄ɻୈೋճ: 20171݄ • 100໊Ҏ্ͷࢀՃऀ
SREͷظͷߴ·Γ • ॻ੶/ࡶࢽ • ΦϥΠϦʔʮSRE αΠτϦϥΠΞϏϦςΟΤϯδχΞϦϯάʯ • ܦBPʮܦSYSTEM 2017/7ʯ •
Πϯλʔωοτ্ͷಛूهࣄ • ITPro - άʔάϧൃͷ৽ख๏ʮSREʯɺຊͰ֦େ • http://itpro.nikkeibp.co.jp/atcl/column/14/346926/030600869/ • @IT - ಛूɿγεʹٻΊΒΕΔʮSREʯͱ͍͏৽ͨͳׂ • http://www.atmarkit.co.jp/ait/series/4503/
ϝϧΧϦ SRE
ϝϧΧϦ SRE • ͍ͭͰշద͔ͭ҆શʹར༻Ͱ͖Δʮ৴པੑͷߴ͍ʯαʔϏεͷ࣮ݱ • ʮ৽نαʔϏεͷ։ൃҎ֎ͷιϑτΣΞΤϯδχΞϦϯάશ෦Δʯ • ݱࡏϝϯόʔʮ10ਓʯ • શϝϯόʔ౦ژۈɻग़ுͰถࠃʹ͍͘͜ͱ
• େنͳWebαʔϏεͰͷܦݧ͕͋Δத్͕ଟ͍͕ɺ৽ଔϝϯόʔࡏ੶ • ࣾπʔϧͷӡ༻վળɺAIܥͷۀʹܞΘΔϝϯόʔ͍Δ
ϝϧΧϦͰSREΛ࠾༻ͨ͠ཧ༝ • ϝϧΧϦΛ͓٬͞·ʹͬͯ͘Β͏ʹʮ͍ͭͰշదʹ҆શʹ ͑Δʯ৴པੑ͕ॏཁ • ΠϯϑϥͰͳ͘ɺιϑτΣΞؚΊ৴པੑʹΛ࣋ͭ͜ͱΛ໌Β ͔ʹ͢Δ • ւ֎Ͱ௨͡Δ໊শ •
JP/US/UKͰͷల։ɻάϩʔόϧͰͷ࠾༻ৗʹҙࣝ • ઌਐతͳऔΓΈͱͯ͠ͷૂ͍
Mercari SRE ͷۀൣғ Operations Software Eng. ج൫ߏங OnCall (োରԠ) Automation
εέʔϥϏϦςΟɾՄ༻ੑվળ DBAɺϛυϧΣΞߏங ΞϓϦέʔγϣϯͷઃܭϨϏϡʔ ϩάऩूɾੳج൫ͷߏஙɺӡ༻ αʔόϓϩϏδϣχϯάɾσϓϩΠɺϚΠΫϩαʔϏεج൫ͷඋ ηΩϡϦςΟʗෆਖ਼ར༻ݕग़ γεςϜӡ༻ΛʮΈʯͱͯ͠ ࡞Γ্͛Δ͜ͱ͕ٻΊΒΕ͍ͯΔ
ϝϧΧϦ SREͷ࣮ફࣄྫ
ϝϧΧϦSRE࣮ફࣄྫ • OnCall/൪ରԠ • ηΩϡϦςΟͷऔΓΈ • ύεϫʔυϦετ߈ܸͷࣄྫ
OnCall/൪ରԠ
SRE൪/OnCall • ΞϥʔτରԠ • ΞϥʔτΛड͚औΔεϚϗΛৗʹOnʹ͠ɺҰ࣍ରԠΛߦ͏ • ి൪ • SlackΛ௨ͨ͡ۓٸిͷड৴ •
ʮোͷݕ͔ΒରԠ։࢝·Ͱͷ࣌ؒͷॖʯʮଞϦʔδϣϯ ͔ΒͷۓٸґཔͷରԠʯ͕త
SRE൪/OnCall • ༵0͔࣌Β༵24࣌·Ͱ1िؒͰަ • ฏνʔϜϝϯόʔ͕ग़ࣾ͢Δ·Ͱࣗػ • 9͔࣌Βࣗػ͠ɺUS͔ΒͷґཔͳͲʹରԠ • ٳ15-20ҎʹରԠ։࢝Ͱ͖Δ͜ͱ͕·͘͠ɺߦಈʹ੍ ݶ͋Δ
• ਂٳͷରԠͳͲɺՈͷڠྗඞཁ
൪/OnCall Λࢧ͑Δٕज़ • ࢹ • Mackerel • ௨/Scheduling • Slack,
PagerDuty • BotʹΑΔిݺͼग़͠
mackerel: ΫϥυܕࢹαʔϏε • גࣜձࣾͯͳ ఏڙͷࢹαʔϏε • ͯͳࣾͰͷαʔόӡ༻ϊϋ • ֤छAPI͕༻ҙ͞ΕDevOpsͱͷ૬ੑྑ͍ •
PluginͰࢹ߲ͷ֦ு͕Մೳ • 40ݸҎ্ͷSREνʔϜ։ൃͷPluginΛར༻ • αʔόͷঢ়ଶ͚ͩͰͳ͘ɺ֎ܗࢹɺαʔϏεʹؔΘΔͷՄࢹԽɺΞϥʔτઃఆՄೳ • Ξϥʔτͷ௨SlackΛ࢝Ί֤छαʔϏε࿈ܞ͕༻ҙ
slackͱΞϥʔτͷ • SlackϏδωε͚νϟοταʔϏε • OSSձࣾؒͷίϛϡχέʔγϣϯʹΘΕΔ • Chat botΛར༻ͨ͠ChatOpsͳͲߦ͏ • Ξϥʔτͷ௨ઌͱͯ͠దͰͳ͍߹
• ௨ԻͷΧελϚΠζͰ͖ͳ͍ • 1ճ͔͠௨Ͱ͖ͳ͍ɻྲྀΕ͕ͪ • ετϨε⤴ / ӡ༻ʹͳΓ͕ͪ
PagerDuty: Πϯγσϯτཧ • ΠϯγσϯτཧͷΫϥυαʔϏε • ༷ʑͳखஈʹΑΔ௨ • ௨ͷϩʔςʔγϣϯཧ • ΤεΧϨʔγϣϯϧʔϧͷઃఆ
PagerDutyʹΑΔ௨ • ༷ʑͳखஈͰ௨Λߦ͏͜ͱ͕Ͱ͖Δɻ Ԡ͢Δ·Ͱଓ͘ • mail • SMS • App
(iOS, Android) • ి • ʮ10Λ͑ͨͱ͜ΖͰҰిΛೖ ΕΔʯϧʔϧͰӡ༻
BotʹΑΔۓٸి • SlackͰbotʹର໋ͯ͠ྩ͢Δ͜ͱͰɺ൪ʹి͕ ͔͔ΔΈ • SRE͕։ൃɾӡ༻ • PagerDutyͷAPIΛར༻͠ɺ൪ͷ࿈བྷઌΛऔಘ • TwilioΛͬͯࣗಈͰి
• US/UKؚΊɺؾܰʹͬͯΒ͑ΔΑ͏ࣾࠂ ࠷ۙͰSREνʔϜͰΤεΧϨʔγϣϯతͰ ར༻ ☎
༷ʑͳ ChatOps • ൪ͷిͷଞʹbotΛར༻ͨ͠ӡ༻Λߦͳͬͯ ͍·͢ • ൪ใ • CDNͷΩϟογϡΫϦΞ •
ຊ൪ڥͰͷSQLͷ࣮ߦܭը֬ೝ • σϓϩΠ
ηΩϡϦςΟͷऔΓΈ ύεϫʔυϦετ߈ܸͷࣄྫ
ύεϫʔυϦετ߈ܸ • ͓٬͞·ͷΞΧϯτʹରͯ͠ɺϥϯμϜͳύεϫʔυ͘͠ผͰ࿙Ӯ ͨ͠ύεϫʔυจࣈྻΛ͍ϩάΠϯΛࢼߦɺෆਖ਼ϩάΠϯΛߦ͏ • ͞·͟·ͳنͷ߈ܸ͕ߦΘΕɺଞͷαʔϏεͰͷࣄྫଟ͍
ύεϫʔυϦετ߈ܸͷରԠ • Ϧετ߈ܸͷݕ • ߈ܸ͕ߦΘΕ͍ͯΔ͜ͱΛͰ͖ΔݶΓૣ͘ݕ͠ɺΞϥʔτΛ͋͛Δ • ߈ܸ؇ࡦͷ࣮ࢪ • ΞΫηεύλʔϯ͔ΒࣗಈͰޚ •
߈ܸΛड͚ͨΞΧϯτͷύεϫʔυϦηοτ
ύεϫʔυϦετ߈ܸͷݕ • ϩάΠϯࣦഊΛAPIͷϩάͱͯ͠ه • ϩάΛϦΞϧλΠϜͰूܭɺ mackerelͰՄࢹԽͱࢹΛߦ͏ • ϝϧΧϦ͕TVʹऔΓ্͛ΒΕΔͱ Ξϥʔτ͕དྷΔ͜ͱ
ύεϫʔυϦετ߈ܸͷ؇ • ൺֱత୯७ͳ߈ܸΞϓϦέʔγϣϯͰࣗಈతʹޚ • ಉҰͷϝʔϧΞυϨεʹΑΔෳճͷϩάΠϯࢼߦ • ಉҰͷIPΞυϨεʹΑΔෳΞΧϯτͷϩάΠϯࢼߦ • ߈ܸͱஅ͞Εͨ߹֘IPΛҰఆظؒڋ൱ •
ϩάΠϯ͞ΕͨͱࢥΘ͖͠ɺ͓٬͞·ʹύεϫʔυͷϦηοτଅ͢
େنͳύεϫʔυϦετ߈ܸࣄྫ • ւ֎͚αʔϏεࠃ͚αʔϏεΑΓ߈ܸΛड͚Δճ͕ଟ͍ • ߈ܸͷن͕େ͖͘ͳΓɺखޱෳࡶʹͳΔ
େنύεϫʔυϦετ߈ܸࣄྫ • 2016ʹ࣮ࡍʹى͖ͨ߈ܸͷΞΫ ηεݩͷࠃ • ࣍ʑʹIPΛมߋ͠ɺͦΕͧΕͷIPͰ ճ͔͠ϩάΠϯࢼߦͤͣɺࣗಈ Ͱ͙͜ͱ͕͍͠ ͦͷଞ 18%
Armenia 2% Azerbaijan 2% Bahrain 2% Georgia 2% Japan 2% Russian 2% Indonesia 3% Nepal 3% Pakistan 5% Thailand 5% Taiwan 6% Viet Nam 6% Brazil 10% India 30%
େنύεϫʔυϦετ߈ܸͷඋ͑ • ߈ܸ͞Ε͍͢Web൛ͰreCAPTCHAΛಋೖ • Client Reputation ͷར༻ • GeoIP: IPΞυϨε͔Βࠃఆ
• ಗ໊ϓϩΩγͷར༻ͷ༗ແ • IP Reputation
Client reputation/GeoIP • ֎෦ͷIPσʔλϕʔεΛར༻ • ࠃ/भ/ݝ/ࢢϨϕϧ·Ͱਪఆ • σʔληϯλʔ͕ར༻͍ͯ͠ΔIP • ಗ໊ԽϓϩΩγͷఆ
• ࠃෆಠࣗʹऩू https://www.ip2location.com/demo
Client reputation/IP reputation • ओʹSPAMϑΟϧλͳͲʹΘΕΔٕज़ • աڈʹSPAMͷૹ৴Λ͓͜ͳͬͨIPɺBotnetͱ ͯ͠ΘΕͨIPΛݕग़ • ௐࠪͷ݁ՌɺύεϫʔυϦετ߈ܸʹΘΕ
͍ͯΔ͜ͱ͕໌ • ϦεΫͷߴ͍IP͔ΒͷΞΫηεڋ൱͢Δ http://www.cyren.com/security-center/ip-reputation-check
߈ܸݩIP Reputation • 2016ͷ߈ܸݩௐࠪͷ݁Ռ • 4ׂ͙͜ͱ͕Ͱ͖ͨՄೳੑ͕͋Δ* • ݱࡏͰɺ༷ʑͳใϦιʔεΛΈ߹Θͤͯ αʔϏεͷ҆શੑΛߴΊ͍ͯ·͢ -PX
.JEEMF )JHI * ߈ܸͷ͋ͬͨλΠϛϯάͷreputationͰͳ͍ͷͰଟগζϨ͕͋Γ·͢
·ͱΊ • SREͱ • Googleʹ͓͚ΔγεςϜӡ༻ͷ࣮ફ • ιϑτΣΞΤϯδχΞϦϯάʹΑͬͯ৴པੑΛ্ͤ͞Δ • ϝϧΧϦͷSREͷࣄྫհ •
OnCall/ӡ༻൪ • ύεϫʔυϦετ߈ܸ͔Βͷޚࣄྫ
͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ ຊεϥΠυspeakerdeckʹͯެ։͠·͢ https://speakerdeck.com/kazeburo/