Core Platform Architecture
Agent – Workload Agent
Agent needs only one command to complete the installation on the workload, and automatically adapts to various physical machines, virtual machines and clouds. It runs stably and consumes less. It can continuously collect workload process, port and account information, and monitor the process, network connection and other behaviors in real time. It can also communicate with the server-terminal, perform the tasks, and actively discover workload security problems.
Security
As the information processing center of the core platform, Engine supports the horizontal expansion of distributed deployment. It can continuously analyze and detect the information and behavior received from each agent and save them. It can find vulnerabilities, weak passwords and other security risks from the information of each dimension and abnormal behaviors such as web shell writing behavior, abnormal login behavior, abnormal network connection behavior, and abnormal command invocation behavior, etc., achieving real-time warning of intrusion.
Control Center
Interaction with users in the form of Web console can clearly show the results of security detection and analysis, and real-time warning of major threats to help users deal with problems better and faster, providing centralized management security tools, and facilitating users to configure and manage systems, security response and other related operations.
Agent Running Protection
Security
Protecting Agent from tampering by shelling; Encrypting transmission and communicating with server to ensure data security.
Stability
Through the operation practice of 50000 + servers, the stability is as high as 99.99%. In 2 minutes, the off-line automatic restart mechanism ensures that the system is always in the monitoring state.
Low consumption
Under normal system load, CPU occupancy is less than 1%, memory occupancy is less than 40M, and consumption is very low. When the system load is too high, Agent will degrade actively, restrict the occupancy of system resources strictly, and ensure the normal operation of business system.