New feature Cloud Bastion Host (CBH) 

Flexible Engine
Release Notes

November, 2023 

What’s new?

We are pleased to announce the arrival of Cloud Bastion Host (CBH) to Flexible Engine, a comprehensive security management and control solution. CBH empowers centralized management of cloud computing resources, overseeing servers, permissions, auditing operational and maintenance (O&M) actions, while facilitating identity authentication.

Cloud Bastion Host (CBH)  

Key features 

Cloud Bastion Host incorporates a range of functional modules. These modules encompass departments, users, resources, policies, operations, and audits ensuring a comprehensive approach. The service also integrates single sign-on (SSO), unified asset management, multi-terminal access protocols, file transfer and session collaboration functionalities. Additionally, it features a unified O&M login portal, protocol-based forward proxy, and advanced remote access isolation technologies.

What it does

  1. Credential Authentication
    • Credential Authentication: CBH employs advanced multi-factor and remote authentication technologies to bolster O&M security.
    • Multi-factor Authentication: CBH verifies users through diverse methods like mobile one-time passwords (OTPs), SMS messages, USB keys, and OTP tokens, reducing O&M risks associated with leaked credentials.
    • Remote Authentication: CBH seamlessly integrates with third-party authentication services, such as Active Directory (AD), Remote Authentication Dial-In User Service (RADIUS), Lightweight Directory Access Protocol (LDAP), and Azure AD remote authentication. This integration prevents credential leakage, ensuring a secure O&M environment. CBH facilitates user synchronization from the AD domain server without altering the original user directory structure.
  2. Account Management: within CBH, organizations gain the ability to centrally oversee system user accounts and managed resource accounts. This facilitates the creation of a visible, controllable, and manageable O&M system, ensuring comprehensive coverage throughout the entire account lifecycle.
  3. Permissions Management: CBH offers robust support for fine-grained permission management, granting organizations complete control over user access to the CBH system and the specific managed resources accessible to individual system users. This capability enables them to effectively safeguard both CBH and its associated resources.

For more information on CBH please visit the HelpCenter page.