The present situation of IT operation and maintenance management

There are a large number of expensive Unix hosts to support 80% of the key core business of informatization. There are security loopholes and hidden dangers in the account management of these hosts, such as dead accounts and * * * accounts.

The neural nodes of information service are mostly supported by expensive switches and routers. The management of these key nerves is very dependent on people to maintain.

The operation of the equipment cannot be effectively recorded, leaving an audit certificate, and the account completely controlled by people invisibly increases the security risks.

The authentication intensity of servers and network devices is not high, and usually only static passwords are authenticated, and static passwords are often weak passwords, which leads to the risk of unauthorized access to core servers.

The complexity of information application determines the cross management of multiple roles (system/database/security/audit administrator/service provider, etc.). ). The authorization of partners can not be effectively supervised, and evidence can not be provided quickly, comprehensively and effectively after the failure, which brings bottlenecks to business growth.

Operation and maintenance personnel use the omnipotent Telnet/SSH remote management tool, which provides opportunities for internal illegal employees, dissatisfied employees and resigned employees to destroy. Because there is no reliable tracing and positioning mechanism, it causes losses and cannot be held accountable.

"A good horse will lose its front hoof." Users with legal rights cannot be identified because of negligence and mistakes in operation.