Abstract: Inspur SSC follows the principle of 4A, namely unified login, authentication, authorization and audit, which is mainly used to regulate the behavior of the data center staff who share the same account, and to improve the weak authentication system. We aim to prevent flaws in the system, inappropriate authorization management (such as unauthorized access), and other illegal operation and audit.
As the data center growing in size and the staff composition becoming complex, the data center is exposed to increasing risks during operation and management, including unauthorized access, misoperation, malicious damage, abuse of authority, etc. These problems not only affect normal operation of the data center, but also have negative impact on the reputation of the government and enterprises. Realizing these problems, it has been our major concern to regulate the operation process, improve the management quality, guide the behavior of operation staff, and prevent hacker invading and damages.
With larger data center, diversifying servers and network equipment, and increasing staff, management of the system becomes more complex. During daily maintenance, there are sometimes several members of staff who manage the same account in the system because they do not have a clear division of responsibility. Heavy workloads inevitably results in misoperations, which are very likely to cause network outage when the misoperations involves sensitive instructions or core data. The data center encounters many difficulties and bottlenecks in auditing, and once security incidents take place, it is always not possible to identify relevant members of staff.
Inspur SSC Operation Security Audit Solution
Inspur SSC operation security audit system, based on the principle of 4A, adopts the technology of order recognition, supports multiple communication protocols, and completely manages in a Web-based way. The system completes operation audit generally and manage audit query in detail. When Inspur SSC deals with the connection between management terminals, severs and database terminals, users’ communication data is encrypted so as to ensure data security and reliable access path.
So we use centralized management regarding user accounts, severs, databases, and the network equipment accounts. The infrastructure enables us to for manage and authorize users in a more convenient way, and also set securer passwords. In addition, we are able to audit users’ behavior through binding the accounts with users.
Inspur operation security audit system provides users with unified authentication interfaces, which support multiple models, including static password authentication, dynamic password authentication, Windows NT domain, Radius authentication and POP3 authentication.
Inspur provides a safe and reliable authorization mechanism to control the access of users, equipment, accounts, and other resources, in order to protect the system to the maximum extent. Inspur operation security audit system enable users to audit their character terminals and graphics terminals at present and afterwards.
Inspur operation security audit system has the function of single sign-on, users will be given pre-set account and password, with which they can log in the system in B/S way. They are also able to access the system later without entering account names and the passwords again.
Target Users and Benefits
Inspur SSC operation security audit system is widely used by telecom operators, and in fields such as finance, taxation, public security, electric power, as well as large or medium-size enterprises, and IT companies. Users have different server mainframes and network equipment to provide basic network services and operate key businesses or important information systems.
With centralized management, Inspur operation security audit system is able to manage data and information in a standardized way. The secure access ensures security of equipment resources in users’ database. There are two audit models, supporting concurrent audit and post audit respectively. Concurrent audit refers to real-time monitoring on users’ operation, and once there is high-risk operation, the administrator can block the access of the users. Post audit provides complete solution to operation audit.