A unified, efficient, and secure platform that provides cloud-based O&M, access control, and operation audit.

Efficient and Secure O&M

Bastionhost enables you to manage asset O&M permissions in a centralized manner, monitor all O&M operations, and reproduce O&M scenarios in real time to facilitate identity authentication, access control, and operation audit. You can use Bastionhost to troubleshoot issues, such as difficulties in the management of various assets, unclear responsibilities and authorities, and difficulties in the backtracking of O&M events.

Efficient O&M

Bastionhost provides a centralized portal to access server resources. Bastionhost provides single sign-on to allow O&M personnel to manage and maintain all server assets, facilitating centralized asset management.
Furthermore, Bastionhost supports password-free logon for asset O&M. It manages accounts and passwords in a centralized manner to simplify account management.

Security Control

Bastionhost supports fine-grained user permission assignment to allow different users to perform operations based on the permissions assigned to them. This helps implement security and access control based on the principle of least privilege. In addition, unauthorized and high-risk operations are blocked to protect asset security.

Ease of Use

You can activate the service with a few clicks, dynamically upgrade service specifications, and manage assets in different environments such as data centers and heterogeneous clouds in a centralized manner. The service allows you to synchronize assets such as ECS instances and databases with a few clicks. It also supports different types of O&M users, including local users, RAM users, and AD-authenticated or LDAP-authenticated users.

Enterprise Dual-engine Edition: offers enterprise-level features and resource configurations.


Centralized Management

Manages different accounts in a centralized manner. You can access a huge number of server resources at the backend with single sign-on to Bastionhost. This improves your O&M efficiency and helps you avoid risks, such as difficulties in remembering different resource access accounts and passwords and leak-prone password information that many people know.

Identity Authentication

Provides the two-factor authentication feature. This feature sends a one-time passcode or an SMS verification code during the user logon to verify the identity of the user. This prevents third parties from accessing assets with the accounts and passwords that they steal.

Permission Assignment

Assigns fine-grained permissions to user groups, such as the file upload, download, and creation permissions. This helps implement security and access control based on the principle of least privilege.

High-risk Command Blocking

Automatically blocks high-risk commands that are run to perform highly sensitive operations, such as deleting data (rm -rf /*) and formatting system disks. This helps prevent accidental operations that may cause serious consequences.

Audit and Backtracking

Provides visual audit records. Bastionhost records and broadcasts O&M sessions to reproduce the whole operation process. This helps efficiently collect evidence and track security events.

Without/With Bastionhost

• Messy O&M entrance • Difficult management • Hard to identify who shall be liable for accidents that occur

• Unified entrance • Centralized management • Convenient O&M audit

Product Launch - Alibaba Cloud Bastionhost for FinTech

View Now

Quick Start


Synchronize Assets

Synchronize assets such as ECS instances for O&M.
Learn More


Import Users

Import user accounts such as RAM users for O&M.
Learn More


Authorize Users

Create an authorization connection between users and assets and create O&M rules.
Learn More


Perform O&M on Assets

Use Bastionhost to perform O&M on assets.
Learn More


Audit Sessions

Audit O&M operations in real time.
Learn More



References: We recommend that you select the specifications based on a reasonable estimate of the maximum numbers of your assets and concurrent sessions. Bastion hosts of different specifications have the same features.
Assets: the number of server assets that Bastionhost can manage.
Concurrent Sessions: the number of O&M sessions that O&M personnel can initiate in Bastionhost. O&M sessions refer to SSH- and RDP-based remote connections. Assume 20 O&M personnel. Each of them initiates five sessions on average. A total of 100 concurrent sessions are created. This example is only for reference. The actual number of concurrent sessions must be calculated based on specific conditions.
Example: An enterprise has 50 assets and 100 concurrent sessions. Another enterprise has 80 assets and 50 concurrent sessions. The minimum specifications for both of these enterprises are 100 assets and 100 concurrent sessions.

Edition Assets Concurrent Sessions Product Specifications Price Per Month (USD) :China (Hong Kong),Singapore,Australia (Sydney),Malaysia (Kuala Lumpur),Indonesia (Jakarta),Japan (Tokyo),Germany (Frankfurt),UK (London),US (Virginia),US (Silicon Valley),India (Mumbai) Price Per Month (USD) : Shanghai, Shenzhen,
Qingdao, Beijing, Hohhot, Chengdu
Price Per Month (USD) :UAE (Dubai) Billing Cycle
Basic Edition 50 50 Internet Bandwidth 8 Mbit/s + Storage 1T 400 USD 250 USD 750 USD Supported billing cycles:
One month, three months, and six months
One year, two years, and three years
100 100 600 USD 400 USD 1,000 USD
200 100 700 USD 550 USD 1,300 USD


500 Internet Bandwidth 16 Mbit/s + Storage 2T 1,100 USD 800 USD 2,000 USD
Enterprise Edition 50 50 Internet Bandwidth 8 Mbit/s + Storage 1T 700 USD 400 USD --
100 100 1,000 USD 700 USD --
200 100 1,300 USD 950 USD --


500 Internet Bandwidth 16 Mbit/s + Storage 2T 1,900 USD 1,400 USD --
1,000 1,000 3,900 USD 2,500 USD --
2,000 1,000 6,000 USD 4,000 USD --


2,000 Internet Bandwidth 32 Mbit/s + Storage 2T 8,800 USD 5,800 USD --

Upgraded Support For You

1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Free Tickets.

1 on 1 Presale Consultation

Consulting by experienced cloud experts.Learn More

24/7 Technical Support

Extended service time from 10 hours 5 days a week to 24/7. Learn More

6 Free Tickets per Quarter

The number of free tickets doubled from 3 to 6 per quarter. Learn More

Faster Response

Shorten after-sale response time from 36 hours to 18 hours. Learn More

Start Your Efficient and Secure O&M Channel Now

Learn More

phone Contact Us