A unified, efficient, and secure platform that provides cloud-based O&M, access control, and operation audit.

Promotion:15% discount for subscription on a yearly basis!

Efficient and Secure O&M

Bastionhost enables you to manage asset O&M permissions in a centralized manner, monitor all O&M operations, and reproduce O&M scenarios in real time to facilitate identity authentication, access control, and operation audit. You can use Bastionhost to troubleshoot issues, such as difficulties in the management of various assets, unclear responsibilities and authorities, and difficulties in the backtracking of O&M events.

Efficient O&M

Bastionhost provides a centralized portal to access server resources. Bastionhost provides single sign-on to allow O&M personnel to operate and maintain all server assets, facilitating centralized asset management.
Furthermore, Bastionhost supports password-free logon for asset O&M. It manages accounts and passwords in a centralized manner to simplify account management.

Security Control

Bastionhost supports fine-grained user permission assignment to allow different users to perform operations based on the permissions assigned to them. This helps implement security and access control based on the principle of least privilege. In addition, unauthorized and high-risk operations are blocked to protect asset security.

Ease of Use

Bastionhost can manage both cloud and on-premises assets. It can quickly synchronize ECS instances, RDS dedicated cluster hosts, and RAM users under an Alibaba Cloud account. It can also synchronize AD and LDAP users with one click.


Centralized Management

Manages different accounts in a centralized manner. You can access a huge number of server resources at the backend with single sign-on to Bastionhost. This improves your O&M efficiency and helps you avoid risks, such as difficulties in remembering different resource access accounts and passwords and leakage-prone password information that many people know.

Identity Authentication

Provides the two-factor authentication feature. This feature sends a one-time passcode or an SMS verification code during the user logon to verify the identity of the user. This prevents third parties from accessing assets with the accounts and passwords that they steal.

Permission Assignment

Assigns fine-grained permissions to user groups, such as the file upload, download, and creation permissions. This helps implement security and access control based on the principle of least privilege.

High-risk Command Blocking

Automatically blocks high-risk commands that are run to perform highly sensitive operations, such as deleting data (rm -rf /*) and formatting system disks. This helps prevent accidental operations that may cause serious consequences.

Audit and Backtracking

Provides visual audit records. Bastionhost records and broadcasts O&M sessions to reproduce the whole operation process. This helps efficiently collect evidence and track security events.

Without /With Bastionhost

• Messy O&M entrance
• Difficult management
• Hard to identify who shall be liable for any accident incurred

• Unified entrance
• Centralized management
• Convenient operation and maintenance audit

Product Launch - Alibaba Cloud Bastionhost for FinTech

View Now

Quick Start


Synchronize Assets

Synchronize assets such as ECS instances for O&M.
Learn More


Import Users

Import user accounts such as RAM users for O&M.
Learn More


Authorize Users

Create an authorization connection between users and assets and create O&M rules.
Learn More


Perform O&M on Assets

Use Bastionhost to perform O&M on assets.
Learn More


Audit Sessions

Audit O&M operations in real time.
Learn More



References: We recommend that you select the specifications based on a reasonable estimate of the maximum numbers of your assets and concurrent sessions. Bastionhost instances of different specifications have the same features.
Assets: the number of server assets that Bastionhost can manage.
Concurrent Sessions: the number of O&M sessions that O&M personnel can initiate in Bastionhost. O&M sessions refer to SSH- and RDP-based remote connections. Assume that there are 20 O&M personnel and each of them initiates five sessions on average. There are 100 concurrent sessions in total. This example is only for reference. Calculate the number of concurrent sessions based on actual conditions.
Example: An enterprise has 50 assets and 100 concurrent sessions. Another enterprise has 80 assets and 50 concurrent sessions. The minimum specifications for both of these enterprises are 100 assets and 100 concurrent sessions.

Assets Concurrent Sessions Public Bandwidth (Mbit/s) Price Per Month (USD) Billing Cycle
50 50 8 400 Supported cycles:
One month, three months, and six months
One year, two years, and three years
100 100 600
200 100 700
500 500 16 1,100
1,000 1,000 1,500
2,000 1,000 1,800
5,000 2,000 32 2,300

Upgraded Support For You

1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Tickets.

1 on 1 Presale Consultation

Consulting by experienced cloud experts.Learn More

24/7 Technical Support

Extended service time from 10 hours 5 days a week to 24/7. Learn More

6 Free Tickets per Quarter

The number of free tickets doubled from 3 to 6 per quarter. Learn More

Faster Response

Shorten after-sale response time from 36 hours to 18 hours. Learn More

Start Your Efficient and Secure O&M Channel Now

Learn More