YUNXIAZI
— Cloud Bastion Host

No client installation required; Fine-grained access control; Whole process operation audit; Automatic operation and maintenance.

yunxiazi-product
Product overview
YUNXIAZI is the first Cloud Bastion Host product launched by Shenzhen Yunanbao Technology Co., Ltd in China. By establishing one-to-one correspondence between the master account of YUNXIAZI and the slave account of IT resources, YUNXIAZI realizes the refined management of user, IT resources account and access process. Help customers to establish a security management system of pre planning, in-process control and traceability after the event, to reduce the risk of data leakage and IT malfunction caused by internal human factors.
Core functions
Identity Authentication
Two-factor Authentication: SMS verification code, Mobile dynamic token;
External Authentication source: Support AD, LDAP, Radius.
Account Management
Account escrow: Including the account and password of serve, database and network equipment etc.
Automatic password rotation
Account and password verification, Account synchronization
Access Control
Access control policy
Command control policy
Operational audit
Monitor and audit: Support real-timemonitoring, whole process video and character audit
Instruction search and location: Support full-text instruction search and location
Support OCR tools: Making the graphic audit convert into character audit.
Rich operation and maintenance reports
Automatic operation and maintenance
Custom script and task arrangement
Regularly, batch and automatically execute the preset scripts or operation and maintenance tasks
Workflow system
User defined approval process; Support multi-level approval
Automatic authorization after approval
Product characteristics
HTML5 one-stop operation and maintenance
Support operation and maintenance with no plug-in by any mainstream browser of any terminal, so that users can operate and maintain at anytime and anywhere.
Precise command interception
The system have preseted standard Linux character command library, and can customize the command control policy to realize the accurate interception of instructions and scripts, to prevent misoperation and malicious operation.
Application publishing extension
Provide unified access entrance to different application resources (such as database, web application, client program etc.) and audit all the operations of them.
Asynchronous dynamic authorization
Using the authorization mechanism of banks for reference to recheck sensitive operations.