Case study: JumpServer bastion host helps CMGE strengthen secure operations and maintenance in a multi-cloud environment

December 1, 2019 is an important date for the security and operations teams of many companies: the national security standard "Information Security Technology - Baseline for Classified Protection of Cybersecurity" Version 2.0 (Classified Protection 2.0, 等保 2.0, for short) will be formally implemented. The new Classified Protection 2.0 standard is more industry-specific, and its coverage is more detailed and richer. Around the rollout of Classified Protection 2.0, every industry can build a security system suited to its own scenarios and standardize enterprise IT.

In the game industry, compliance with security requirements such as Classified Protection is mandatory for business operations. Before Classified Protection 2.0 was released, the game industry used Classified Protection 1.0 as the benchmark for standardizing IT operations and its security systems. Among the many compliance requirements of Classified Protection 2.0, host asset management is a very important task. With the JumpServer bastion host, CMGE (中手游), a global IP game operator, built an operations security audit system that complies with the new Classified Protection regulations.

Challenge: IT assets are widely distributed and constantly changing

As a leading global IP game operator, CMGE centers its business on IP: through in-house development and licensed publishing it continues to deliver high-quality IP games to players around the world, and it actively invests around IP and CP to build an IP-centered game ecosystem. Reportedly, in the domestic mobile game market, CMGE ranks first by cumulative revenue from publishing IP-based mobile games, first by the total number of IP-based games published, and first in IP resource reserves.

With globalization and service delivery in mind, CMGE took the lead in adopting a multi-cloud IT architecture. At present CMGE uses multiple public clouds, including Alibaba Cloud, Tencent Cloud, Kingsoft Cloud, Huawei Cloud, UCloud and others. On each of these public clouds CMGE holds a large number of cloud assets such as virtual machines, storage and databases. These distributed, large-scale cloud assets need unified security management and auditing.

In addition, the number of these cloud assets grows or shrinks along with the game operations business. When a popular game launches, the number of cloud assets rises rapidly; in a relatively quiet period, CMGE reclaims resources according to market conditions, making full use of the elasticity of public cloud services.

Based on these business needs, CMGE wanted a bastion host to bring its massive and ever-changing cloud assets under unified management, to build an operations security audit system that follows the 4A specification (Authentication, Authorization, Accounting, Auditing), and to meet compliance standards such as Classified Protection 2.0 at the asset management level.

Implementation: three core capabilities for complying with the new Classified Protection regulations

After product selection and hands-on testing, CMGE chose to build its operations security audit system on the JumpServer bastion host and to use it for managing its large-scale cloud assets. In CMGE's view, what mattered most was that JumpServer, as an innovative bastion host, natively supports multi-cloud environments. Compared with traditional bastion hosts, JumpServer uses a distributed architecture that better supports enterprise asset management and audit requirements in a multi-cloud environment. In addition, JumpServer places no limit on the number of assets or on concurrency, so there is no need to worry about license restrictions when scaling out.

To meet the specific host security requirements of Classified Protection and related security standards, CMGE implemented three core capabilities on the JumpServer bastion host: authentication, access control and security audit.

  1. Authentication: users are identified and authenticated at login, and each identity is unique. Every user logs in with their own individual bastion host account, so the user's identity is established correctly and security risks such as shared accounts and unclear identity are avoided. The JumpServer bastion host also provides multi-factor authentication (MFA): a dynamic verification code from a mobile app is used as the second factor, which is easy to operate.

  2. Access control: the JumpServer bastion host provides a comprehensive permission management system that helps enterprises sort out the many relationships between people and assets, assets and permissions, and people and permissions, and lets them flexibly create and assign authorizations within it. Within this framework, CMGE built a three-in-one access control system covering personnel, assets and permissions, which meets the security requirements of Classified Protection and related specifications well. Administrators can also block certain high-risk operations in time to avoid dangerous situations, effectively improving system security.

  3. Security audit: the JumpServer bastion host provides auditing for Windows and Linux systems. It records and keeps a trace of every operation by every user, and all operations are recorded as video by the bastion host. Administrators can audit all connections and operations after the fact, which effectively eliminates problems such as unclear security responsibility.

Benefits: unified management of multi-cloud assets, cloud storage and elastic scaling

With the leading architecture and scalability of the JumpServer bastion host, CMGE's security operations team overcame the problem of bringing large-scale, distributed assets under management and established an operations security audit system for its multi-cloud environment.

In a multi-cloud environment, obtaining cloud asset information automatically is a major challenge. The X-Pack enhancement package included in the JumpServer bastion host software subscription provides a "multi-cloud asset management" feature. With it, CMGE can quickly bring public cloud resources under management, synchronize them with one click, and periodically synchronize public cloud assets to the JumpServer bastion host without manual entry or operation, which significantly improves the management experience.

For enterprises on a multi-cloud architecture, continuing to make the most of cloud-native services is an important goal. Take the storage of the bastion host's session recordings: if the connected asset is in the cloud but, as with a traditional bastion host, the recording is sent back to the local data center, a great deal of network bandwidth is wasted. The JumpServer bastion host lets users store recordings directly on AWS S3, Alibaba Cloud OSS, Elasticsearch and other cloud storage services, saving a lot of bandwidth.

On scalability, the different components of the JumpServer bastion host can be deployed and scaled independently. When the business hits a peak, users can scale out individual components to respond quickly to the access load. Once the peak has passed, they can reduce the number of deployed components without affecting the user experience, so the system scales elastically with ease.

Building and operating an enterprise security system is a long-term task. Having met the new Classified Protection requirements, CMGE plans to integrate the bastion host into its content operations and release system and, using the standardized API of the JumpServer bastion host, to break down the barriers between game server launch, publishing, operations, security and other functions and link the bastion host with its cloud management platform, continuing to improve system security while steadily optimizing the operational efficiency of its IT systems.

Origin blog.csdn.net/FIT2CLOUD/article/details/104429333