Core Platform Architecture

Based on the platform built by the adaptive security architecture, through continuous monitoring and analysis of workload information and behavior, security threats and intrusions can be quickly and accurately detected, and flexible and efficient problem-solving capabilities can be provided. The adaptive protection architecture can provide users with the next generation of security protection monitoring capabilities.
  • Agent – Workload Agent

    Agent needs only one command to complete the installation on the workload, and automatically adapts to various physical machines, virtual machines and clouds. It runs stably and consumes less. It can continuously collect workload process, port and account information, and monitor the process, network connection and other behaviors in real time. It can also communicate with the server-terminal, perform the tasks, and actively discover workload security problems.

  • Security

    As the information processing center of the core platform, Engine supports the horizontal expansion of distributed deployment. It can continuously analyze and detect the information and behavior received from each agent and save them. It can find vulnerabilities, weak passwords and other security risks from the information of each dimension and abnormal behaviors such as web shell writing behavior, abnormal login behavior, abnormal network connection behavior, and abnormal command invocation behavior, etc., achieving real-time warning of intrusion.

  • Control Center

    Interaction with users in the form of Web console can clearly show the results of security detection and analysis, and real-time warning of major threats to help users deal with problems better and faster, providing centralized management security tools, and facilitating users to configure and manage systems, security response and other related operations.

Agent Running Protection

  • Security

    Protecting Agent from tampering by shelling; Encrypting transmission and communicating with server to ensure data security.

  • Stability

    Through the operation practice of 50000 + servers, the stability is as high as 99.99%. In 2 minutes, the off-line automatic restart mechanism ensures that the system is always in the monitoring state.

  • Low consumption

    Under normal system load, CPU occupancy is less than 1%, memory occupancy is less than 40M, and consumption is very low. When the system load is too high, Agent will degrade actively, restrict the occupancy of system resources strictly, and ensure the normal operation of business system.