tencent cloud

Bastion Host

Product Introduction
Overview
Strengths
Scenarios
Differences between SaaS BH Standard Edition and Pro Edition
Purchase Guide
Billing Overview
Purchase Method
Upgrade Subscription Plan
Upgrade Bandwidth
Upgrade Extension Pack
Renewal
Payment Overdue
Refund
Getting Started
First Login of Admin
Admin Manual
First Login of Ops Engineer
Ops Engineer Manual
Operation Guide
Admin Guide
Operations Guide
Practical Tutorial
Blocking High-risk Commands
File Transfer Control
Tracing Security Incidents
Cross-VPC Asset Management
Access Bastion Host O&M Page Via Intranet Domain
Troubleshooting
Windows Resource Login Connection Timeout
Windows Resource Login Prompting Wait Active
Linux Resource Login via Mac Prompting No Matching Host Key Type Found
Windows Resource is Inaccessible for Mac Users
iTerm Client Displaying Unrecognizable Characters to Mac Users During Ops
Unable to Invoke Local XShell or SecureCRT
Ops Members Cannot Receive SMS Verification Code
Ops Members Cannot Load the Account When Logging in to Resources
Linux Resource Login Prompting Host Unreachable
Linux Resource Login Failure Prompting Password Error
FAQs
Usage
Consultation
BH Policy
Privacy Policy
Data Processing And Security Agreement
DocumentationBastion HostProduct IntroductionOverview

Overview

PDF
Focus Mode
Font Size
Last updated: 2023-12-27 17:08:33

Overview

Bastion Host (BH) is a centralized Ops management system integrating account, authorization, and authentication management and comprehensive audit. It provides IT asset access proxy and smart operation audit services and establishes a comprehensive security management system covering pre-event prevention, mid-event monitoring, and post-event audit. In addition, it can promptly trigger alarms for abnormal behaviors to prevent internal data leakage and help enterprises pass the CCP evaluation.
BH features:
A centralized management platform for you to reduce your system maintenance workload.
Comprehensive user and resource management for you to reduce your maintenance costs.
Strict resource access policies and strong authentication means to fully secure your system resources.
Detailed records of user access to and operations on resources for user behavior audit.

Features

BH audits a variety of mainstream Ops protocols and keeps detailed records of server and OS Ops to ensure that your security issues can be effectively traced.

Authentication management

BH provides differentiated authentication methods according to different needs. It supports the basic static password method and can integrate existing authentication methods (such as LDAP). It also supports two-factor authentication for higher security and unified authentication management.

Authorization management

BH centrally manages and controls user permissions to access assets. It controls not only asset access permissions but also operation commands, clipboards, and file transfers at a fine granularity. Its authorization is based on the principle of least privilege, which grants users the minimum level of permissions to access an asset and complete a task.

Asset access

BH supports the account and password for managed IT assets to allow for SSO login by Ops engineers to the target assets for Ops operations. Therefore, Ops engineers only need to remember their BH account and password but not all the asset accounts and passwords.

Operation audit

BH records and analyzes all user operation logs. It monitors user behaviors while performing data mining through centralized audit data for easier post-event traceability and identification of liability.
Next Topic: Strengths

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback