A brief introduction to the centralized control platform software of Kirin open-source Fortress machine

large enterprises are often divided into group centers, provincial centers and municipal companies and other multi-level departments, many large enterprises have installed Fortress machine, Bastion machine often to the provincial center , for the management of the unit, and many provincial companies often also because the business needs to purchase a lot of Fortress machine, this way caused the following problems:

1. OPS personnel have to record multiple bastion machine IP, multi-bastion machine user name and password, especially when several Fort Base between the password policy is not unified, it is very easy to cause password confusion problem ;

2. lack of centralized and unified management system, each bastion machine is difficult to achieve security policy, account policy, backup strategy, such as uniform, easy to cause management confusion ;

3. Auditors have to log on to all bastion machines separately, time-consuming, laborious and error -prone ;

4. Lack of a unified analytical capacity, the analysis of the Fortress machine independent operation, it is difficult to concentrate on the analysis of the operation of the entire enterprise status and situation;

In short, this decentralized deployment model, resulting in enterprise operation and maintenance management difficult, easy to chaos, high cost issues.

Centralized control platform can be implemented in an interface to manage more than one bastion machine, the bastion machine into a centralized management platform, the administrator can directly in the centralized control platform on the Fort machine assets, permissions to set up, and can be in the centralized control platform to output a variety of reports, There is no need to operate on each bastion machine, greatly reducing the operation process.

at the same time , for operation and maintenance personnel, do not need to record multiple Fortress machine IP and account, only need to log on to the centralized control platform, you can see all the equipment you can log in, but also reduce the operation of operations personnel.

Centralized control platform is generally deployed in the group center, using HA architecture to solve single point of failure, centralized control platform is mainly used for Headquarters management personnel for report output and analysis . at the same time, there are some operations and maintenance personnel at Headquarters need to operate across multiple provinces, but also through a centralized control platform.

Centralized control platform generally two units, using HA architecture, two centralized control platform using the VRRP protocol together with a hot backup IP, when the primary server problems, the slave server will automatically switch the hot backup IP to the machine, A service takeover to ensure that no single point of failure occurs.

The centralized control platform topology is as follows:

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/7F/31/wKiom1cWBrWCkZyiAAILQ6TpZfk967.jpg "title=" Picture 1.jpg "alt=" Wkiom1cwbrwckzyiaailq6tpzfk967.jpg "/>

Centralized control platform after the launch can be achieved:

1. Fortress machine Administrator, can be on the centralized control platform for all the bastion machine policy settings, so that all the Fort machine password, account, backup and other policies consistent;

2. The administrator of the Fortress machine can add and remove account permissions for any bastion machine on the centralized control platform, and do not need to remember the IP and username password of the fortress machine in the city.

3. The auditor of the Fortress machine can perform audit and report printing on the centralized control platform for all bastion machines, without having to log on to the branch fortress machine or remember the branch fortress machine IP account number;

4. Operation and maintenance personnel, only need to connect login centralized control platform, do not need to remember the IP, user name and password of any bastion machine can be operational operations .

To sum up, the centralized control platform after the launch, the administrator, auditor, OPS personnel only need to record the management platform of an IP, user name and password, at the same time, in doing the operation also only need to login control platform, greatly simplifying the management process and cost.

A brief introduction to the centralized control platform software of Kirin open-source Fortress machine