All Products
Search
Document Center

Bastionhost:Introduction to the Basic and Enterprise editions

Last Updated:Mar 13, 2024

The Basic and Enterprise editions of Bastionhost are system O&M and security audit platforms provided by Alibaba Cloud. The Basic and Enterprise editions allow you to centrally manage O&M permissions and operations, and play back recordings of O&M operations. This way, you can identify the users who perform specific O&M operations, manage permissions, and audit O&M operations. The Basic and Enterprise editions make asset management efficient, O&M responsibilities clear, and O&M events traceable, helping enterprises meet the requirements for classified protection.

Benefits

The Basic and Enterprise editions provide the following benefits:

  • Unified portal for O&M

    Bastionhost provides a unified portal for you to manage different accounts. You can use single sign-on (SSO) to access a large number of server resources in the backend. This improves O&M efficiency and prevents risks, for example, passwords are forgotten or leaked.

  • Two-factor authentication

    Bastionhost provides the two-factor authentication feature. You can use a verification code in a multi-factor authentication (MFA) device or a verification code sent in a text message for identity authentication. This prevents unauthorized access to assets by using leaked accounts and passwords.

  • Fine-grained permission assignment

    Bastionhost allows you to group users and assign permissions to the users at a fine granularity. You can control permissions such as file upload, download, and creation permissions. This helps implement flexible access control based on the principle of least privilege.

  • Automatic blocking of high-risk commands

    Bastionhost automatically blocks the running of high-risk commands, such as rm -rf /* (the command to delete data), and commands to format system disks. This helps prevent accidental deletion operations that may cause serious consequences.

  • Visualized audit for event tracing

    Bastionhost visualizes audit records. It records O&M sessions and allows you to play back the recordings. This way, you can collect evidence and trace security events in an efficient manner.