Endpoint Security

Endpoint Security is a Virtual Machine endpoint security management product that JD Cloud provides to its users. It uses a lightweight security protection process to monitor host risks in real time, warn of security threats promptly, and protect precisely against malicious intrusion, improving endpoint defense capabilities and keeping Virtual Machine services secure.


Benefits

Virtual Machines Risk Visualization
Business systems are automatically scanned for security risks so that potential threats are found promptly. A multi-dimensional visual security analysis report is generated, giving a comprehensive view of overall endpoint security conditions so that risks can be remediated and hardened in time, improving the endpoint security and defense capability of the Virtual Machines.
Accurate Real-time Defense
Based on multi-engine detection technology, abnormal user behaviors are detected and recognized, and intrusion behaviors such as brute force cracking and abnormal login are found accurately and in real time. The product responds quickly to intercept malicious intrusions and attacks and reports security incidents in time.
Centralized Security Management
JD Cloud users can perform machine security testing, defense configuration, security reinforcement, and centralized display and alerting of security incidents through the JD Cloud Console. The Virtual Machines system itself has no operation interface.
Auto Operation and Maintenance
The Endpoint Security protection process is built into the Virtual Machine's operating system and is loaded automatically when the Virtual Machine starts, enabling VM security risk warning and real-time interception of malicious attacks. One-click loading spares users installation and deployment, and automatic unattended operation lowers operation and maintenance cost.
Compliance Baseline (Enterprise Version)
Conforms to the cloud computing security extension requirements of Grade Protection 2.0 and meets national policy requirements.
Asset Fingerprint (Enterprise Version)
With the historical record of asset fingerprints provided by Endpoint Security, the cost of intrusion investigation is reduced for the business party.
Risk Discovery (Enterprise Version)
Visually displays VM risks, giving a full view of key information such as machines, business and risks.
Intrusion Threat (Enterprise Version)
Finds hackers' attacks immediately and helps the customer find any security risks existing in the system.

Features

Detection of Weak Password

Quickly detect weak password accounts

The system has a built-in weak password dictionary. It checks account passwords against the dictionary rules, displays weak password risks through the cloud platform, and reminds the user to change them, to prevent system accounts from being cracked.

Abnormal Login

Accurately identify abnormal login addresses

Abnormal login behavior is identified automatically and an early alarm is raised according to the system's rules; users can set their common login area. When a login comes from an uncommon login address, an alarm record is generated and reported to the cloud platform to remind the user that there is a risk of remote login.

Brute Force Attack

Effectively block brute force cracking

This covers brute force protection for remote login, databases and FTP. The IP address attempting the brute force attack is obtained from system logs and from analysis of network packet protocols and ports, and is checked against the protection rules; if it matches, it is intercepted and reported to the cloud platform.
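The log-based half of that check can be sketched as follows. This is an added example, not JD Cloud's implementation: the threshold, the window, the sshd and vsftpd line formats and every function name are assumptions, and the network-packet path is not covered.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed rule: 5 failures from one IP within 60 s (the page gives no thresholds).
MAX_FAILURES, WINDOW = 5, timedelta(seconds=60)
IP = r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})"
# Failed-login patterns for remote login (sshd) and FTP (vsftpd logging to syslog).
FAILURE_PATTERNS = [
    re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from " + IP),
    re.compile(r'vsftpd\[\d+\]: \[\S+\] FAIL LOGIN: Client "' + IP + '"'),
]

def parse_failure(line, year=2024):
    """Return (timestamp, ip) for a failed login, else None; syslog omits the year, so one is assumed."""
    for pattern in FAILURE_PATTERNS:
        match = pattern.search(line)
        if match:
            ts = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
            return ts, match.group("ip")
    return None

def detect_brute_force(lines, max_failures=MAX_FAILURES, window=WINDOW):
    """Return {ip: time the rule first matched}; lines must be chronological."""
    recent, flagged = defaultdict(deque), {}
    for line in lines:
        event = parse_failure(line)
        if event is None:
            continue
        ts, ip = event
        attempts = recent[ip]
        attempts.append(ts)
        while ts - attempts[0] > window:  # drop failures outside the window
            attempts.popleft()
        if len(attempts) >= max_failures:
            flagged.setdefault(ip, ts)  # candidate for interception and reporting
    return flagged

# Constructed sample lines using documentation-range IPs, not real log data.
SAMPLE_LOG = (
    [f"Jan 10 03:14:{s:02d} vm1 sshd[811]: Failed password for root from 203.0.113.7 port 4022 ssh2"
     for s in (1, 5, 9, 13, 17)]  # burst: 5 failures in 16 s
    + [f'Jan 10 03:{m}:00 vm1 vsftpd[902]: [ftpuser] FAIL LOGIN: Client "192.0.2.44"'
       for m in (20, 23, 26, 29, 32)]  # slow: 5 failures over 12 min
    + ["Jan 10 03:40:02 vm1 sshd[815]: Failed password for invalid user test from 198.51.100.9 port 5022 ssh2",
       "Jan 10 03:40:09 vm1 sshd[815]: Accepted password for alice from 198.51.100.9 port 5022 ssh2"]
)

if __name__ == "__main__":
    print(detect_brute_force(SAMPLE_LOG))
```

Only the burst source trips the rule; the slow FTP source and the single mistyped password stay below it, which is the trade-off a window-based rule makes between missed slow attacks and false blocks.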

Detection of High-risk Vulnerability

Regularly detect system high-risk vulnerabilities and report vulnerability details, and provide vulnerability fixes and suggestions

High-risk system vulnerabilities are detected regularly and Virtual Machine vulnerability details are reported. For Windows, the product provides a vulnerability repair feature. For Linux, it provides repair suggestions, and the repair must be completed manually.

Compliance Baseline (Enterprise Version)

The compliance baseline helps users check the basic security configuration of services running on Virtual Machines and reduces the attack surface. Best practices for Linux are provided.

The Linux compliance baseline best practices cover the basic configurations most frequently used by public cloud tenants, across file permissions, service configuration, identity authentication, intrusion prevention and control, and security audit. They give tenants a visual understanding of the operating system security configuration of their Virtual Machines and prevent intrusion incidents caused by configuration omissions.

Asset Fingerprint (Enterprise Version)

Provides information on the running processes, ports, accounts and software of Virtual Machines

With the asset fingerprint function, the following information on servers is periodically collected and recorded: running processes, port services, account information and software information. Historical changes are also recorded and searchable, helping you fully understand asset running status and facilitating intrusion investigation.

System Back Door Detection (Enterprise Version)

Discovers programs that hide the existence of malicious software by intercepting (hooking) and modifying the operating system API calls that provide system information

A rootkit is a kind of malicious software that hides itself in the computer operating system. The Endpoint Security back door detection function provides security capabilities such as kernel-level rootkit detection and application-level rootkit detection.

Suspicious Operation (Enterprise Version)

Audits suspicious operations on the user command line; a function switch is supported for privacy reasons

Suspicious operations entered on the user command line are audited, including: password file modification, malicious file download, agent software misuse, system log tampering, SSH key pair tampering, running of hacker tools, reverse shell, information leakage, high-risk commands, programs that damage security, plaintext password login, etc.