[](https://www.paloaltonetworks.com/?ts=markdown) * CN * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * 产品 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 产品 [人工智能驱动的网络安全平台](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [医疗物联网安全](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [企业 DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma 浏览器](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [应用安全](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [云运行时安全](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.cn/cortex/advanced-email-security?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.cn/cortex/exposure-management?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * 解决方案 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 解决方案 AI 安全 * [安全的人工智能生态系统](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [安全使用 GenAI](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) 网络安全 * [云网络安全](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [数据中心安全](https://www.paloaltonetworks.cn/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [入侵检测和防御](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [5G 安全](https://www.paloaltonetworks.cn/network-security/5g-security?ts=markdown) * [确保所有应用、用户和位置的安全](https://www.paloaltonetworks.cn/sase/secure-users-data-apps-devices?ts=markdown) * [确保分支机构转型的安全](https://www.paloaltonetworks.cn/sase/secure-branch-transformation?ts=markdown) * [确保任何设备上的工作安全](https://www.paloaltonetworks.cn/sase/secure-work-on-any-device?ts=markdown) * [VPN 替代](https://www.paloaltonetworks.cn/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web 和网络钓鱼安全](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) 云安全 * [应用安全态势管理 (ASPM)](https://www.paloaltonetworks.cn/cortex/cloud/application-security-posture-management?ts=markdown) * [软件供应链安全](https://www.paloaltonetworks.cn/cortex/cloud/software-supply-chain-security?ts=markdown) * [代码安全](https://www.paloaltonetworks.cn/cortex/cloud/code-security?ts=markdown) * [云安全态势管理 (CSPM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-security-posture-management?ts=markdown) * [云基础架构权限管理 (CIEM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [数据安全态势管理 (DSPM)](https://www.paloaltonetworks.cn/cortex/cloud/data-security-posture-management?ts=markdown) * [AI 安全态势管理 (AI-SPM)](https://www.paloaltonetworks.cn/cortex/cloud/ai-security-posture-management?ts=markdown) * [云检测与响应 (CDR)](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [云工作负载保护 (CWP)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web 应用及 API 安全 (WAAS)](https://www.paloaltonetworks.cn/cortex/cloud/web-app-api-security?ts=markdown) 安全运营 * [云检测和响应](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [网络安全自动化](https://www.paloaltonetworks.cn/cortex/network-security-automation?ts=markdown) * [事件案例管理](https://www.paloaltonetworks.cn/cortex/incident-case-management?ts=markdown) * [SOC 自动化](https://www.paloaltonetworks.cn/cortex/security-operations-automation?ts=markdown) * [威胁情报管理](https://www.paloaltonetworks.cn/cortex/threat-intel-management?ts=markdown) * [托管的检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [攻击面管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [合规性管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/compliance-management?ts=markdown) * [互联网运营管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/internet-operations-management?ts=markdown) 端点安全 * [端点防护](https://www.paloaltonetworks.cn/cortex/endpoint-protection?ts=markdown) * [扩展的检测和响应](https://www.paloaltonetworks.cn/cortex/detection-and-response?ts=markdown) * [勒索软件防护](https://www.paloaltonetworks.cn/cortex/ransomware-protection?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/cortex/digital-forensics?ts=markdown) [行业](https://www.paloaltonetworks.cn/industry?ts=markdown) * [公共部门](https://www.paloaltonetworks.com/industry/public-sector) * [金融服务](https://www.paloaltonetworks.com/industry/financial-services) * [制造](https://www.paloaltonetworks.com/industry/manufacturing) * [医疗保健](https://www.paloaltonetworks.com/industry/healthcare) * [中小型企业解决方案](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio) * 服务 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 服务 [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [AI 安全评估](https://www.paloaltonetworks.cn/unit42/assess/ai-security-assessment?ts=markdown) * [攻击面评估](https://www.paloaltonetworks.cn/unit42/assess/attack-surface-assessment?ts=markdown) * [防泄露准备工作审核](https://www.paloaltonetworks.cn/unit42/assess/breach-readiness-review?ts=markdown) * [BEC 准备情况评估](https://www.paloaltonetworks.com/bec-readiness-assessment) * [云安全评估](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment) * [入侵评估](https://www.paloaltonetworks.cn/unit42/assess/compromise-assessment?ts=markdown) * [网络风险评估](https://www.paloaltonetworks.cn/unit42/assess/cyber-risk-assessment?ts=markdown) * [并购网络尽职调查](https://www.paloaltonetworks.cn/unit42/assess/mergers-acquisitions-cyber-due-dilligence?ts=markdown) * [渗透测试](https://www.paloaltonetworks.cn/unit42/assess/penetration-testing?ts=markdown) * [紫队演习](https://www.paloaltonetworks.cn/unit42/assess/purple-teaming?ts=markdown) * [勒索软件就绪评估](https://www.paloaltonetworks.cn/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC 评估](https://www.paloaltonetworks.com/unit42/assess/soc-assessment) * [供应链风险评估](https://www.paloaltonetworks.cn/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [桌面演习](https://www.paloaltonetworks.cn/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [云事故响应](https://www.paloaltonetworks.cn/unit42/respond/cloud-incident-response?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/unit42/respond/digital-forensics?ts=markdown) * [事件响应](https://www.paloaltonetworks.cn/unit42/respond/incident-response?ts=markdown) * [托管检测与响应](https://www.paloaltonetworks.cn/unit42/respond/managed-detection-response?ts=markdown) * [托管威胁追踪](https://www.paloaltonetworks.cn/unit42/respond/managed-threat-hunting?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [事故响应计划制定与审核](https://www.paloaltonetworks.cn/unit42/transform/incident-response-plan-development-review?ts=markdown) * [安全计划设计](https://www.paloaltonetworks.cn/unit42/transform/security-program-design?ts=markdown) * [虚拟 CISO](https://www.paloaltonetworks.cn/unit42/transform/vciso?ts=markdown) * [零信任咨询](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory) [全球客户服务](https://www.paloaltonetworks.cn/services?ts=markdown) * [教育与培训](https://www.paloaltonetworks.com/services/education) * [专业服务](https://www.paloaltonetworks.com/services/consulting) * [成功工具](https://www.paloaltonetworks.com/services/customer-success-tools) * [支持服务](https://www.paloaltonetworks.com/services/solution-assurance) * [客户成功](https://www.paloaltonetworks.com/services/customer-success) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) Unit 42 顾问人员 为满足企业的需求而定制,您可以选择将顾问人员工时数分配给我们的任意产品,包括主动网络风险管理服务。了解如何一键呼叫世界一流的 Unit 42 事故响应团队。 了解更多](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * 合作伙伴 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 合作伙伴 NextWave 合作伙伴 * [NextWave 合作伙伴社区](https://www.paloaltonetworks.com/partners) * [云服务提供商](https://www.paloaltonetworks.com/partners/nextwave-for-csp) * [全球系统集成商](https://www.paloaltonetworks.com/partners/nextwave-for-gsi) * [技术合作伙伴](https://www.paloaltonetworks.com/partners/technology-partners) * [服务提供商](https://www.paloaltonetworks.com/partners/service-providers) * [解决方案提供商](https://www.paloaltonetworks.com/partners/nextwave-solution-providers) * [托管安全服务提供商](https://www.paloaltonetworks.com/partners/managed-security-service-providers) 采取行动 * [门户网站登录](https://www.paloaltonetworks.com/partners/nextwave-partner-portal) * [管理的服务计划](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program) * [成为合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [请求访问](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [查找合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE 代表了因其安全专业知识而值得信赖的前 1% 的合作伙伴工程师。 了解更多](https://www.paloaltonetworks.com/cyberforce) * 公司 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 公司 Palo Alto Networks * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [管理团队](https://www.paloaltonetworks.com/about-us/management) * [投资者关系](https://investors.paloaltonetworks.com/) * [地点](https://www.paloaltonetworks.com/about-us/locations) * [道德与合规性](https://www.paloaltonetworks.com/company/ethics-and-compliance) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [军人和退伍军人](https://jobs.paloaltonetworks.com/military) [为什么选择 Palo Alto Networks?](https://www.paloaltonetworks.cn/why-paloaltonetworks?ts=markdown) * [Precision AI 安全](https://www.paloaltonetworks.cn/precision-ai-security?ts=markdown) * [我们的平台方法](https://www.paloaltonetworks.cn/why-paloaltonetworks/platformization?ts=markdown) * [加速网络安全转型](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio) * [获得的奖项与表彰](https://www.paloaltonetworks.com/about-us/awards) * [客户案例](https://www.paloaltonetworks.cn/customers?ts=markdown) * [全球认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [全方位信任计划](https://www.paloaltonetworks.com/resources/whitepapers/trust-360) 职业生涯 * [概述](https://jobs.paloaltonetworks.com/) * [文化与福利](https://jobs.paloaltonetworks.com/culture) [《新闻周刊》评选出的最受欢迎的工作场所 善待员工的企业 阅读更多](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021) * 更多内容 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 更多内容 资源 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [Unit 42 威胁研究博客](https://unit42.paloaltonetworks.com/) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) * [技术内幕](https://techinsider.paloaltonetworks.com/) * [知识库](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks 频道](https://tv.paloaltonetworks.com/) * [领导者的视角](https://www.paloaltonetworks.com/perspectives/) * [《网络视角》杂志](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine) * [区域云位置](https://www.paloaltonetworks.cn/products/regional-cloud-locations?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [安全态势评估](https://www.paloaltonetworks.cn/security-posture-assessment?ts=markdown) * [威胁载体播客](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) 联系 * [在线社区](https://live.paloaltonetworks.com/) * [活动资讯](https://events.paloaltonetworks.com/) * [高管简报中心](https://www.paloaltonetworks.com/about-us/executive-briefing-program) * [演示](https://www.paloaltonetworks.cn/demos?ts=markdown) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) [博客 了解行业趋势和全球最大网络安全公司的最新创新 了解更多](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * CN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) * [立即开始](https://www.paloaltonetworks.cn/get-started?ts=markdown) 搜索 Close search modal [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) 2. [Network Security](https://www.paloaltonetworks.com/cyberpedia/network-security?ts=markdown) 3. [什么是 VPN 隧道?](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-vpn-tunnel?ts=markdown) 目录 * [VPN 隧道是如何工作的?](#vpn-tunneling) * [VPN 隧道协议类型](#types) * [什么是 VPN 分离隧道?](#split-tunneling) * [VPN 隧道常见问题](#faq) # 什么是 VPN 隧道? 目录 * [VPN 隧道是如何工作的?](#vpn-tunneling) * [VPN 隧道协议类型](#types) * [什么是 VPN 分离隧道?](#split-tunneling) * [VPN 隧道常见问题](#faq) 1. VPN 隧道是如何工作的? * [1. VPN 隧道是如何工作的?](#vpn-tunneling) * [2. VPN 隧道协议类型](#types) * [3. 什么是 VPN 分离隧道?](#split-tunneling) * [4. VPN 隧道常见问题](#faq) ![企业浏览器](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/vpn-tunnel.jpg) close VPN 隧道是网络设备与 VPN 服务器之间的安全加密连接,可保障互联网数据传输的安全。 VPN 隧道创建了一条私人通道,保护传输的信息不被拦截和未经授权的访问。加密算法可在传输过程中将数据转换为不可读的代码,确保即使数据被截获,也无法访问和安全。 ## VPN 隧道是如何工作的? ![用路由器和箭头显示互联网上安全网络之间 VPN 隧道的示意图。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-vpn-tunneling.png "用路由器和箭头显示互联网上安全网络之间 VPN 隧道的示意图。") [*VPN*](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-vpn?ts=markdown) 隧道传输是指在网络(通常是互联网)上建立安全加密的连接。这种连接被称为 "隧道",因为它为设备和 VPN 服务器之间的数据传输提供了一条安全通道。 VPN 隧道可以隐藏用户的 IP 地址,并对其数据进行加密。这可以提供保护,尤其是在使用不安全的公共 Wi-Fi 时。加密过程可以比作通过邮件发送一个密封的信封。即使邮政工作人员看到或处理了信封,除非有人打开,否则信封内容仍然是保密的。 VPN 隧道包括一些保障措施,如致命开关,它能在 VPN 连接中断时停止互联网流量。这可以防止用户的公共 IP 地址被看到,从而保持安全隧道的完整性。 隧道传输过程涉及多个步骤,以确保安全性和隐私性: ### 1. 启动 VPN 连接 用户必须选择 VPN 服务,并将设备连接到所选的 VPN 服务器。 ### 2. 建立加密隧道 用户设备上的 VPN 应用程序会生成一个加密通道。当互联网流量通过用户的互联网连接传输到 VPN 服务器时,这种加密技术可以防止未经授权的访问。 ### 3. 数据加密 通过隧道传输的数据使用特定协议进行加密,将信息转换成一种被称为 "密文 "的编码格式。没有适当的解密密钥,任何人都无法破译这些加密数据。 ### 4. 在 VPN 服务器解密 VPN 服务器接收加密数据并使用密钥解密。一旦解密,数据就能持续到达互联网上的预定目的地。 ### 5. 将数据返回用户设备 从互联网发回用户的数据也要经过加密隧道,确保双向的隐私和安全。 ## VPN 隧道协议类型 ![用路由器和箭头显示互联网上安全网络之间 VPN 隧道的示意图。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/types-of-vpn-tunneling-protocols.png "用路由器和箭头显示互联网上安全网络之间 VPN 隧道的示意图。") ### 点对点隧道协议(PPTP) ![PPTP 描述的是客户端通过网络接入服务器和互联网连接到 PPTP 服务器,采用 PPP 和 TCP/IP 连接。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/pptp.png "PPTP 描述的是客户端通过网络接入服务器和互联网连接到 PPTP 服务器,采用 PPP 和 TCP/IP 连接。") [*PPTP*](https://www.paloaltonetworks.cn/cyberpedia/what-is-pptp?ts=markdown) 有助于在互联网上创建专用网络,实现安全的数据传输。该协议对数据包进行封装。易于设置是其主要优势,只要求最低限度的配置。PPTP 提供的加密功能不如较新的协议强大,因此容易出现安全漏洞。 ### 第 2 层隧道协议 (L2TP)/IPSec ![L2TP 显示远程用户调制解调器通过 PPP 连接 NAS/LAC,然后通过 L2TP 通过互联网连接到 LNS。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/l2tp.png "L2TP 显示远程用户调制解调器通过 PPP 连接 NAS/LAC,然后通过 L2TP 通过互联网连接到 LNS。") L2TP/IPSec 是两个协议的组合:[*L2TP*](https://www.paloaltonetworks.cn/cyberpedia/what-is-l2tp?ts=markdown) 创建隧道,而 [*IPSec*](https://www.paloaltonetworks.cn/cyberpedia/what-is-ipsec?ts=markdown)用于数据加密和安全通信。 ![L2TP 显示远程用户调制解调器通过 PPP 连接 NAS/LAC,然后通过 L2TP 通过互联网连接到 LNS。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ipsec.png "L2TP 显示远程用户调制解调器通过 PPP 连接 NAS/LAC,然后通过 L2TP 通过互联网连接到 LNS。") 该协议因其与各种设备和操作系统的兼容性而广受认可。不过,双层安全可能会降低传输速度。此外,它使用的固定端口可能会导致某些防火墙出现问题。 ### 安全套接字隧道协议(SSTP) ![SSTP 协议由通过 SSL/TLS 握手和 443 端口 HTTP 请求连接到 SSTP 服务器的 VPN 客户端表示。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/sstp.png "SSTP 协议由通过 SSL/TLS 握手和 443 端口 HTTP 请求连接到 SSTP 服务器的 VPN 客户端表示。") [*SSTP*](https://www.paloaltonetworks.cn/cyberpedia/what-is-sstp?ts=markdown) 利用 SSL 3.0 确保数据安全通过隧道。它以强大的加密功能而闻名。SSTP 不依赖于固定端口。因此,它的一个显著优势就是能够绕过防火墙。该协议的局限性在于其平台专属性,因为它不支持非 Windows 系统。 ### OpenVPN ![SSTP 协议由通过 SSL/TLS 握手和 443 端口 HTTP 请求连接到 SSTP 服务器的 VPN 客户端表示。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/openvpn.png "SSTP 协议由通过 SSL/TLS 握手和 443 端口 HTTP 请求连接到 SSTP 服务器的 VPN 客户端表示。") [*OpenVPN*](https://www.paloaltonetworks.cn/cyberpedia/what-is-openvpn?ts=markdown) 是一个开放源码协议,提供强大的加密功能,并能在多个操作系统中运行。它采用 AES 256 位加密技术,在灵活性和安全强度方面备受好评。虽然 OpenVPN 允许大量定制,但它要求更复杂的设置程序,这可以通过使用配置软件来缓解。 ### Internet 密钥交换版本 2 (IKEv2)/IPSec ![IKEv2 的示意图,显示发起方和响应方之间的交换过程。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/how-ikev2-works.png "IKEv2 的示意图,显示发起方和响应方之间的交换过程。") [*IKEv2*](https://www.paloaltonetworks.cn/cyberpedia/what-is-ikev2?ts=markdown) 与 IPSec 结合可提供安全、高效的 VPN 体验。它能在切换网络时迅速重新建立 VPN 连接,因此是移动设备的最佳选择。某些平台(如 iOS)的原生支持增加了它的吸引力,不过在非原生平台上的设置可能会很复杂。 ### 导线保护 ![WireGuard 协议显示各种设备通过安全 VPN 通道连接到 WireGuard 服务器,然后再连接到网站 IP 地址。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/wireguard.png "WireGuard 协议显示各种设备通过安全 VPN 通道连接到 WireGuard 服务器,然后再连接到网站 IP 地址。") [*WireGuard*](https://www.paloaltonetworks.cn/cyberpedia/what-is-wireguard?ts=markdown) 是一种现代 VPN 协议,因其简约的设计和高性能而备受赞誉。它采用最先进的加密技术,既安全又快捷。WireGuard 的轻量级特性使其易于实施和审计,因而越来越受欢迎,尤其是在移动应用中。 ## 什么是 VPN 分离隧道? ![显示 VPN 分离隧道的图表,以及直接和安全隧道连接的百分比。](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/vpn-split-tunneling.png "显示 VPN 分离隧道的图表,以及直接和安全隧道连接的百分比。") VPN 分离隧道是一种功能,允许用户通过安全 VPN 路由部分互联网流量,而其他流量则绕过 VPN 直接访问互联网。这种方法允许将网络流量分为两个流。一个数据流经过加密并通过 VPN 隧道传输,另一个数据流则连接到互联网。当要求同时访问专用网络和公共网络的资源时,这一点尤其有用。 分裂隧道技术的优势在于其效率。通过 VPN 只引导必要的流量,可以节省带宽,提高不需要加密的活动的速度。例如,员工可以通过 VPN 访问公司的内部文件,同时直接通过本地互联网连接串流音乐,而这并不需要 VPN 的安全保障。 不过,这也有潜在的风险。不使用 VPN 的流量是未加密的,因此很容易受到数据拦截等威胁。虽然分离隧道技术可以优化网络性能,但必须谨慎实施,以在最需要的地方维护网络安全。该功能取决于 VPN 服务提供商的支持,不同的设备和操作系统可能会有所不同。 ## VPN 隧道常见问题 ### VPN 隧道有什么作用? VPN 隧道对通过互联网传输的业务数据进行加密,确保远程用户和分支机构安全访问企业资源,同时保护敏感信息免受网络威胁。 ### 什么是 VPN 中的隧道? 在 VPN 中,隧道是指数据传输的安全加密路径。该通道与其他网络流量隔离,以促进远程用户与企业网络之间的安全通信。 ### VPN 如何实现隧道传输? 在虚拟专用网络中,隧道传输是通过将网络协议封装在第二个网络所传输的数据包中来实现的。加密数据通过互联网上的安全隧道传输。这样,网络节点之间就能通过潜在的不安全网络(如公共互联网)进行安全连接。 ### 哪些工具属于隧道协议? VPN 使用的隧道协议包括安全套接字隧道协议 (SSTP)、第二层隧道协议 (L2TP)、点对点隧道协议 (PPTP)、OpenVPN 和互联网协议安全 (IPSec)。这些协议旨在通过在公共网络上建立和维护网络连接来确保数据传输安全。 ### VPN 和 VPN 隧道有什么区别? 虚拟专用网络(VPN)可通过互联网安全访问专用网络。VPN 隧道是 VPN 中特定的加密连接,可在数据在设备和网络之间传输时提供保护。 ### 我需要 VPN 通道吗? 企业需要 VPN 隧道来实现对网络的安全远程访问,以保护敏感数据并保持机密性。 ### VPN 隧道安全吗? VPN 隧道使用加密协议保护数据传输,降低了数据泄露和网络威胁的风险,因此对企业来说通常是安全的。不过,安全级别取决于 VPN 配置和最佳实践的遵守情况。 ### 哪两种是 VPN 隧道的主要类型? 企业的 VPN 隧道主要有远程访问和站点到站点 VPN 隧道两种类型,每种类型都能满足不同的网络设置需求。站点到站点是将整个网络相互连接起来,而远程访问则允许单个用户远程连接到网络。 ### 如何在两个站点之间创建 VPN 隧道? 要在两个地点之间创建 VPN 通道,请在每个地点使用 VPN 网关建立安全连接。使用兼容的隧道协议(如 IPSec)配置网关,并设置共享加密和验证方法。定义流量规则,允许数据在站点之间安全流动。 ### 如何设置 VPN 隧道? 要建立 VPN 隧道,需要选择 IPSec 或 OpenVPN 等 VPN 协议,在两端配置 VPN 服务器和客户端软件,通过身份验证和加密建立安全连接,并设置网络路由规则以引导流量通过隧道。确保兼容性和安全措施到位。 相关内容 [用于远程访问的 VPN 替代方案 用于安全远程访问的 VPN 替代方案,有时也被称为 VPN 替代方案,是除传统虚拟专用网络(VPN)之外,用于确保安全远程访问的其他方法。](https://www.paloaltonetworks.cn/cyberpedia/vpn-alternatives-for-remote-access?ts=markdown) [GlobalProtect GlobalProtect 不仅仅是一个 VPN。它为各地的所有用户提供灵活、安全的远程访问。](https://www.paloaltonetworks.cn/sase/globalprotect?ts=markdown) [为什么说 SASE 网络和安全方法是打击复杂... 了解随着 SASE 方法逐渐发展成为现代安全策略的基石,为什么 SASE 会成为安全领导者议程上的首要议题。](https://www.paloaltonetworks.com/resources/whitepapers/why-the-sase-approach-to-network-and-security-is-the-answer-to-combatting-sophisticated-cyberattacks) [SASE CIO 电子书:通过全企业范围的 SASE 推动未来工作的发展 首席信息官规划与实施指南](https://www.paloaltonetworks.com/resources/ebooks/sase-cio-ebook-driving-the-future-of-work-through-enterprise-wide-sase) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=%E4%BB%80%E4%B9%88%E6%98%AF%20VPN%20%E9%9A%A7%E9%81%93%EF%BC%9F&body=VPN%20%E9%9A%A7%E9%81%93%E6%98%AF%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E4%B8%8E%20VPN%20%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%B9%8B%E9%97%B4%E7%9A%84%E5%AE%89%E5%85%A8%E5%8A%A0%E5%AF%86%E8%BF%9E%E6%8E%A5%EF%BC%8C%E5%8F%AF%E4%BF%9D%E9%9A%9C%E4%BA%92%E8%81%94%E7%BD%91%E6%95%B0%E6%8D%AE%E4%BC%A0%E8%BE%93%E7%9A%84%E5%AE%89%E5%85%A8%E3%80%82%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-a-vpn-tunnel) 返回页首 {#footer} ## 产品和服务 * [实时人工智能驱动的网络安全](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-iot-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [主动评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [事故响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [安全策略转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [发现威胁情报](https://www.paloaltonetworks.cn/unit42/threat-intelligence-partners?ts=markdown) ## 公司 * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [人才招聘](https://jobs.paloaltonetworks.com/en/) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [客户](https://www.paloaltonetworks.cn/customers?ts=markdown) * [投资者关系](https://investors.paloaltonetworks.com/) * [位置](https://www.paloaltonetworks.com/about-us/locations) * [新闻资讯](https://www.paloaltonetworks.cn/company/newsroom?ts=markdown) ## 热门链接 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [网络百科](https://www.paloaltonetworks.com/cyberpedia) * [事件中心](https://events.paloaltonetworks.com/) * [管理电子邮件首选项](https://start.paloaltonetworks.com/preference-center) * [产品清单](https://www.paloaltonetworks.cn/products/products-a-z?ts=markdown) * [产品认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [报告漏洞](https://www.paloaltonetworks.com/security-disclosure) * [网站地图](https://www.paloaltonetworks.cn/sitemap?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [请勿出售或分享我的个人信息](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [隐私](https://www.paloaltonetworks.com/legal-notices/privacy) * [信任中心](https://www.paloaltonetworks.com/legal-notices/trust-center) * [使用条款](https://www.paloaltonetworks.com/legal-notices/terms-of-use) * [文档](https://www.paloaltonetworks.com/legal) 版权所有 © 2025 Palo Alto Networks。保留所有权利 * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * CN Select your language