Inspur SSR OS security enhancement system is kernel-layer aiming to reinforce operating system security. Different from the traditional firewall and IDS / IPS, SSR works close to user data on operating system layer. This design avoids both external and internal hacker attacks. It also remedies the "short board" of traditional products in terms of the security of mainframe and enhances operating system security up to level-3 national protection.
The product realizes mandatory access control to file, registry, process, service, network and other objects on kernel layer of operating systems. Different access policies are configured to protect system and application resources. Even the system administrator has no right to destroy the protected resource.
Conducting integrity test on files and services, and setting periodic testing items, giving alarms when tampered files or services are found, and spotting changed files.
Protection mode is able to prevent malicious formatting executed by viruses and intruders. Risks of accidental formatting by administrators can also be reduced.
System resource monitoring and alarm
Monitoring on CPU, RAM, disk and network resources, and issuing alarms they exceed the threshold of usage, in order tofind problems such as insufficient or abuse of resources in advance.
Dual-factor authentication and combined password authentication
Dual-factor (USB KEY plus password) authentication is provided to SSR security administrators, audit officials, and also system users. For remote login and virtual system servers that cannot identify USB KEY, SSR alternatively configures login authentication of two-password combination. The system can be logged in only when the two persons each holding one of the two passwords are simultaneously on site, ensuring the credibility of a natural person.
With the technology of kernel sealing and integrity protection, SSR prevent files from being tampered maliciously and prevent process from being maliciously injected.
SSRs in multiple platforms can be managed and maintained in one SSR console. Besides, SSR opens interfaces to third-party management platforms in need of integration, fusion of management between different products.
Flexible policy templates
In accordance with security policy SSR provides proven hierarchical templates to realize comprehensive protection of the system.The operation is also convenient and much easierto be more user-friendly.
This mode is used when users worry that their management policy may affect the system. At this point, SSR will only record but not block the violation, allowing administrators to adjust the policy without causing service interruptions.
Immunizing the system from Trojan virus and hacker attacks
SSR use the technology of ROST to conduct multi-aspect protection on files, registries, processes, networks, services, accounts etc. so that a three-dimensional protection system is built. It checks the whole process from file creation, execution to resource access. With the help of SSR, the system is immunized from known or unknown viruses, backdoors, malicious codes and any other hacker attacks. System and applications can operate in a safer and more stableenvironment.
SSR applies mandatory access control and whitelisting mechanism, so it only allows credible accounts and processes to access protected resources. Important binary files in the operating system will be fully protected. The malicious code cannot destroy system files or implant Trojans even it obtains the permission to systems, which can reduce the risks occurring in the vacuum period from "zero-day vulnerabilities" to patches made by users. Moreover, users can delay the patch deployment and defer the patch making to the regular repair period.
Withthe mechanism of decentralized management, SSR avoids the risk of OS administrator owning the dominant right. Their original privileges are assigned to system operators, security administrators and audit administrators, who perform their own function, yet constrain each other. The division of responsibility not only ensures the system security, but also keeps in line with relevant national information security standards.
Promotingthe level of system security, enhancing compliance experience of users
SSR realizes security tags and mandatory access control on kernel layer of the operating system. At the same time, the mandatory control is integrated with discretionary access control of users' systems, imposing stronger constraints and tighter control to protect the system and important applications. Besides, it closely followsthe standard of information security, including separation of three powers, integrity verification, dual-factor authentication and remaining information protection.All these measures help users build and manage the system in a safer and more reliable way.
Unified management mechanism to achieve simplicity
After completing the dual-factor authentication, administrators can access protected servers at any placeto develop and maintain security policies, so that centralized management can be realized to reduce the workload of daily maintenance.