Surfliter Operation and Maintenance Security Audit System

    Surfliter Operation and Maintenance Security Audit System is an operation and maintenance audit and internal control management system for cloud platforms developed by Surfilter. It is based on the original operation and maintenance audit system for cloud computing and Big Data. The product introduces bank-grade internal control management mechanisms, and utilizes operation and maintenance whole-process audit functions, to effectively solve core operation and maintenance problems such as in e-government networks, medical platforms, operator cloud transformation, enterprise private cloud/public cloud, etc.

    Core Technology

    Streamline the kernel and optimize the TCP/IP protocol stack technology

    Integrated virtualization

    Introducing bank-grade internal control mechanism

    N+1 factor authentication

    Big Data analysis technology

    Product Functions

    Centralized management

    Centralized control of accounts and servers, to avoid resource allocation disorder.

    Web access management

    Unified authentication, single sign-on, support for cloud platform, server, virtual machine login client.

    Rights management

    4A authority division, support dynamic authorization.

    Instruction review

    Operation and maintenance authorization interception, approval management.

    Operation audit

    Operation and maintenance operation screencap audit and real-time alarm, history playback.

    Product Advantages

    Seamless Cloud Platform Integration

    1. Supports VMware ESX, VMware Vcenter, Openstack, Xen Cloud and other cloud platforms.

    2. Fully supports virtual machine image and virtual machine instance security management, as well as supports cloud platform virtual machine lifecycle management.

    3. Supports reinforcing security using Hypervisor.

    Authority Granularity Subdivision

    1. Based on the characteristics of the cloud platform, the role rights are sub-divided into server administrators, project administrators, cloud administrators and users.

    2. Dynamic authorization mechanism, flexible role switching.

    3. For sensitive operation interception, when the cloud administrator checks the virtual machine instance, it needs to be reviewed and confirmed by a higher-level authority.

    4. System set authentication, single sign-on authorization, one-key operation and maintenance Linux server, Windows server, etc.

    Intelligent Big Data Analysis

    In-depth statistical analysis of the behavior of operation and maintenance personnel can be performed through Big Data analysis of the massive operation and maintenance log.

    Operation log full-text retrieval

    The system provides a variety of charts, such as lists, pie charts, bar charts, linear charts, etc. to dynamically show operation and maintenance trends for analysis and management.

    Comprehensive Operation and Maintenance Audit

    Audit protocols and tools supported by the system include:

    1. Terminal character command operation: Telnet, SSH

    2. Windows Graphics: RDP, VNC, X11 pcAnywhere, DameWare, etc.

    3. Unix/Linux Graphics: Xwindows

    4. AS400 host graphics: AS400

    5. File upload and download: FTP, SFTP

    6. Application terminal operation: HTTP, HTTPS

    7. Database management tools: PLSQL and other tools