Operation and maintenance security center (fortress machine)
Play video
A unified, efficient and secure O&M channel on the cloud is used to centrally manage asset permissions, monitor operation behavior throughout the process, restore O&M scenarios in real time, and ensure that cloud O&M identities can be identified, permissions can be controlled, risks can be blocked, operations can be audited, and help ensure compliance.
[Cloud native O&M] free experienceCloud native operation and maintenance experience under SAAS architecture, lightweight deployment and opening, convenient operation and maintenance of multi VPC scenarios, and automatic synchronization of cloud ECS
[Enterprise Dual Engine Version] 7-day free trialProvide enterprise level operation and maintenance security control capability, comprehensive asset operation and maintenance scenarios, fine-grained operation and maintenance security control capability, and enterprise level multi scenario compatible access
RDS, self built database operation and maintenance control
Use profession for safety, use safety for products, and use products for services
More comprehensive operation and maintenance capability
Unified operation and maintenance of multi cloud and offline server mixed scenarios Windows/Linux/database one-stop management and control
Global deployment
Support global regional deployment, operation and maintenance Full support for operation and maintenance of English version and international mobile phone number
More secure and reliable
Cloud architecture and dual engine deployment are more secure Asset security risk monitoring, which can be perceived by association
More convenient and easy to use
One click product activation and one click asset/user synchronization Upgrade as you drive, 7 * 24 expert service
Product Functions
Professional operation and maintenance security monitoring capabilityEstablish a unified security operation and maintenance channel, and solve the problems of "numerous assets difficult to manage", "unclear operation and maintenance responsibilities and permissions", and "difficult to trace operation and maintenance events" through fine-grained control of operation and maintenance permissions, real-time blocking of risk commands, password insensitive hosting, and operation behavior recording and broadcasting audit.
Unified operation and maintenance controlProvide a unified access to asset operation and maintenance, realize the control and audit of all operation and maintenance behaviors, and achieve one-stop security control over the operation and maintenance behaviors of LINUX/WINDOWS and database assets in the cross account, heterogeneous cloud, and offline IDC hybrid scenarios.
Identity double factor authenticationIn terms of the prevention of counterfeit user login, it has a dual factor authentication function, which can be used to conduct identity authentication again through dynamic password or SMS authentication, so as to prevent illegal users from stealing account passwords and carrying out counterfeit login and illegal access to assets.
Privilege fine-grained partitionIn terms of permission specification, users can be grouped and decentralized in a fine-grained way, such as limiting file upload, download, creation, etc., to achieve the most flexible configuration control on the basis of minimizing permissions.
Automatic blocking of high-risk behaviorsIn terms of malicious access behavior, sensitive high-risk commands, such as deleting data (rm rf/*), formatting and other highly sensitive operations, can be automatically blocked in real time to prevent major accidental deletion events.
Server password rotationIn terms of account and password security, the LINUX server password settings can be automatically changed on a regular basis to prevent password disclosure and other risks from increasing security protection.
Traceability audit visualizationIn terms of audit traceability, visual audit records are used to truly restore the whole behavior scene through visual recording and broadcasting, so as to conduct efficient forensic tracking of security events.
Version scenario recommendation
Small cloud user scenarios
Medium and large mixed user scenarios
Developer/lightweight application scenarios
SAAS lightweight version provides deeper cloud native integration capability, lighter deployment mode and easier cloud native experience
Product advantages
Lightweight deployment
One click opening, multi VPC on cloud, multi regional intranet connection
Deep integration of cloud assets
Automatic synchronization of cloud assets and automatic identification of system accounts
Privileged account management
Divide account permission categories to achieve one click authorization by category
Light specification cost
Smaller resource specification constraints, which can support 5-20 asset scenarios
Enterprise Dual Engine Application Scenario
Enterprise dual engine version, suitable for diversified demand scenarios of enterprises, provides richer functional experience, more stable dual engine architecture, and more smooth operation and maintenance experience
Architecture advantages
Dual engine support
Higher service stability guarantee, dual engine architecture, dual active operation, SLA up to 99.95%.
Enterprise level configuration
Provide more sufficient bandwidth and storage space, improve the performance experience for enterprise capacity asset operation and maintenance, and prevent the performance bottleneck caused by excessive business volume
Functional advantages
Database operation and maintenance control
In addition to linux/windows asset operation and maintenance control, unified database operation and maintenance control can be carried out at the same time
Unified operation and maintenance of mixed scenarios
Unified O&M management and control of complex and diverse offline IDC, heterogeneous cloud, cross account and other asset hybrid scenarios
Web page operation and maintenance
Provide a more convenient operation and maintenance mode, which can be operated and maintained directly by using web terminal without the client
Server password rotation
Provide server automatic password changing capability to strengthen server password security protection
Application scenarios
Financial industry
Internet industry
Financial industry
Due to important business and sensitive data, the financial industry needs to strengthen security monitoring on the behavior of direct operation and maintenance server assets to prevent data leakage caused by unauthorized access during operation and maintenance, as well as business system paralysis caused by high-risk command operations.
Able to solve
Ultra vires protection
Privilege fine-grained division effectively prevents sensitive data leakage events caused by ultra vires
High risk blocking
High risk commands are blocked in real time to ensure business system security during operation and maintenance
Efficient event restore
Visual recording and broadcasting can fully audit the operation behavior, which is conducive to efficient traceability of security incidents
With the rapid development of the Internet, huge server resources, diversified employees and accounts will lead to chaotic access, difficult account management, and complex permissions.
Able to solve
Unified operation and maintenance entrance
Unified closure of multi account operation and maintenance, one-stop access to huge back-end server resources
Credential privacy hosting
Unified trusteeship of credentials and password free login to avoid risks such as easily forgotten passwords of multi resource accounts and easy disclosure of password information when multiple people know
Fine grained permission division
Fine grained permission management capability, realizing the most flexible permission control on the basis of minimizing permissions, and realizing the standardized management of complex permissions
