| With the impact of cloud computing,big data,social networking,mobile and other hot spots,the global server market is showing a trend of sustained growth.As the number of servers increases,data tampering,data leakage etc,the damage is getting worse and worse,more and more attention has been paid to data security.With the development of IT Technology,from Entity Machine to Virtual Machine,from Operating System to Application Program,there are operational safety problems.Traditional security measures such as firewalls,intrusion detection,it can no longer meet the security needs of operation and maintenance.Need to find a better way,to meet the daily operation requirements of enterprises,It was at this time that the concept of the Access Gateway was put forward.Research on Access Gateway on since its birth,it has been widely concerned by major enterprises.Britain,the United States and other countries,best Practice Guidelines for Information Technology and Industrial Service Management have been developed,support with ITIL and corresponding operation and maintenance management software,good results have been achieved abroad.In China,Access Gateway research formed a complete solution,the company has LvMeng,Qizhi,Yundun,etc.It has achieved good results,but it is still difficult to meet the needs of enterprises.Except Yundun,others require complex configuration,import User Server Information and Account Password.It's not easy to integrate with the enterprise's own workflow.This dissertation first clarifies that the core function of the fortress is operation,maintenance and auditing.Summarizing the role of operationing maintenance and auditing functions,it is explained that access control and behavior audit of character protocol,graphics protocol and file transfer protocol are carried out in the form of protocol whole-process monitoring,Combine account,certification,authorization and audit to improve the level of operation and maintenance security.According to the new needs of users,this dissertation is based on the Access Gateway,the work of integrating ITSM with ITSM is realized,The smooth transition from ITSM to Access Gateway is realized,realizing the combination with CMDB.Using Kubernetes framework to manage virtualization at each node,structured deployment using FiConn,using Bloom Filter to Partition Operational and Maintenance Rights.The deployment mode suitable for this system has been sorted out.Process management divides problems into business processes and IAM.Things flow can be divided into event management,problem management,change management,release management and knowledge management.IAM is unified Identity Authentication Using Dynamic Tokens,binding Personnel Information to System Account,account application,resignation application,emergency handling and related asset management.In the process of hierarchical deployment,Functions are subdivided into data center,management platform and node computer,their respective functions are described in detail.Detailed description of its shared database,From the role,operation and maintenance,audit playback,load balancing to divide and design. |
PDF Full Text Request