HOME >> Products

System Environment Deployment SED

Product Introduction

[System Architecture Deployment Description]

● The server back-end supports cluster deployment, and applications and databases can be deployed separately;

● The terminal computer installs the client program and starts up automatically. No user operation is required.

● The hardware gateway can be used to integrate the internal application system of the enterprise to ensure the security of data in the application system.

█ Detailed function

[Environmental configuration]

● Hardware configuration (custom machine)

CPU 2*Intel Xeon quad-core E5-2407, clocked at 2.2GHz hard disk 2*1T SATA2 7200Rmp
RAM 4*4G DDR3 ECC memory (8GB or more recommended) Network card Onboard or stand-alone dual Gigabit Ethernet card

● Hardware configuration (purchased by users)

CPU Intel C202 Chipset Supports an Intel® Xeon® E3-1200 v2 Core i3-3200 Series Multicore Processor hard disk 1U(1T), 2U(32T), 3U(64T), 4U(96T)
RAM 4 memory slots dual channel support up to 32GB RAID Supports SATA/SAS RAID0, 1, 5, 0+1, 50, 6
power supply 1U (standard output power 400W server power supply), 2U (standard output power 600W server power supply), 3U (standard output power 600W (optional 550W (1+1) redundant server power supply), 4U (standard Output power 800W (2+1)

● Comprehensive Management Unit Operating System

System Support Language Chinese English
Foreign operating system Windows Server 2003 SP2 64-bit, Windows Server 2008 SP2 64-bit, Windows Server 2012 64-bit Debian Linux, Red Hat Linux, Ubuntu Linux, Centos Linux
Domestic operating system Successful bidder Kirin et al

● Terminal execution unit operating system

System Support Language Simplified Chinese, English
Foreign operating system Windows XP SP3 32/64 bit, Windows Vista 32/64 bit, Windows 7 32/64 bit, Windows 8.1 32/64 bit, Windows 10 32/64 bit, etc.

● Database

The main database MySQL, etc. Database language support Chinese etc.

● Antivirus software

Including but not limited to 360 antivirus, 360 security guards, Rising antivirus, Kingsoft Internet Security, trend antivirus, Symantec SEP, Kaspersky and others.

Operation and maintenance deployment

● Deployment requirements

Administrator rights installation.

You need to have read and write permissions for the client installation directory %\Program Files\Agile DGS\%.

Windows Vista, Windows 7 need to open UAC user security permissions.

Domain push installation needs to be delivered through computer group policy.

● WEB access management

The management platform supports B/S mode access, supports IE8, IE9 and IE10, Firefox, Chrome and other browsers.

● HA high reliability and load balancing

The system has built-in clustering capabilities that can be scaled horizontally.

● Distributed deployment

Each module of the system deployment (database, application access module, etc.) supports distributed deployment.

● Database backup

Complete the system database backup, support manual backup and automatic backup, automatic backup can set the backup cycle (hour, day, month, year) and backup path.

● Terminal Management

Maintain and manage terminal clients, support remote installation, remote upgrade, policy management, and terminal statistics.

【Role Assignments】

● Separation of powers

System administrator: is mainly responsible for organizational management, process management, system maintenance, and system roles.

Security administrator: It is responsible for the security policy template, key management, user groups, and user policies.

Log administrator: It is mainly responsible for system log management and auditing.

● Hierarchical management

Supports the role-based hierarchical management, sets the level of management visibility, and implements the level-by-level constraint and controllability of management permissions.

● Role Rights Management

The system defaults to the role and permission meta-view, and allows users to customize the new permission group.

【User Management】

● Local users

Create system users based on the organizational structure, and associate security policies with departments or users. Support the addition, deletion, modification, activation, locking, offline user authentication, and password reset of user accounts.

● AD domain users

Synchronize Microsoft's AD domain OU organization structure and user information, complete the user organization structure creation.

● Authentication

Used to set the client login mode, support automatic login mode and manual login mode;

Online login: remember the password, automatic login, to avoid the user's next login repeatedly enter the account number and password;

Offline Login: The system records the identity of the user who successfully logged in the last time. It authenticates when offline, and offline authentication is controlled by the offline time.

[System Settings]

● Path address setting

System upgrade package storage path, upload file storage path, temporary file storage path, outgoing file storage path, search engine address, and so on.

● Data dictionary settings

Range of values ​​of system-related fields, such as: secret level, post grade, etc.

● Administrator settings

Admin is a super administrator. You can reset the password. You cannot delete the account. Administrators of other settings can delete it.

█ Advantages

1, safe and reliable

The DGS encryption algorithm uses the symmetric algorithm of the national standard algorithm SM4, and the algorithm has higher strength.

The DGS system has the ability to prevent unauthorized, intentional or accidental access to systems and data; it has the ability to maintain its level of performance at specified times and conditions. The system has a fault-tolerant mechanism to ensure that the encryption system operates correctly under different conditions of use.

The system has its own security protection mechanism. The server supports the server clustering mechanism and can achieve load balancing of system management resources. The client effectively prevents the end user from destroying and preventing leakage.

2, easy to maintain

The system provides feasible configuration and maintenance means, enabling users to configure and maintain cryptographic software systems based on changes in the actual situation. DGS adopts a unified management platform, which integrates all system management functions of document security, document outsourcing, document management, document backup, and print management on the DGS basic platform. System administrators can manage the organization and users on the unified management platform. The system management work such as role management, rights management, user encryption policy definition, user outbound policy definition, etc. avoids administrators from maintaining multiple sets of system repetitive workloads and improves the efficiency of information security management.

3, strong system scalability

The enhancements and additions of the system's functions will not cause changes in the overall structure of the system. The modules for document security, document management, Print Security, and file backup will be changed through authorization, and will be managed on the platform. Clients do not need to reinstall second time.

4, strong application integration

DGS system and OA, PDM integration of many cases, are very familiar with OA, ERP and PDM and other system architecture, after the integration of file upload and decryption and download encryption effect, so as to save future system maintenance costs.

5, security visualization

DGS can perform statistical analysis on the security status of enterprise data, and provide data statistics and column charts to visually demonstrate data security. The system displays the user terminal online rate and terminal version on the basic management platform. The document security module interface will display the top ten encryption policy usages, outbound policy usage, user outbound delivery, outbound delivery, and daily outbound statistics to help administrators keep abreast of the latest company data security dynamics.

6. System separation of powers

The system supports the separation of the three powers of the administrator. The system has three roles: system administrator, security officer, and auditor. Different roles have different system privileges. Each administrator cannot abuse the privileges of system management authority, which is conducive to independent responsibility. The system adopts a role-based access control policy and restricts its access to management resources based on the role of managers in the system. The hierarchical role of the user makes a comparison between the level of the user in the real world and the level of the system resources, which facilitates the security of the system management.

7, server cluster

The system supports a server clustering mechanism to achieve load balancing of system management resources. The system can distribute the management request to any server in the cluster according to the set load policy, so that the entire server group can coordinate the processing of the request. This can solve the system management performance problems caused by high concurrency.

Expected value

1. Provide enterprises with comprehensive and complete data security solutions to effectively prevent the leakage of core business secret data;

2. Through the combination of technical means and management system, strengthen internal employee safety awareness and protect corporate information assets;

3, has a high-strength encryption algorithm, a new technical framework, easy-to-use interface style, improve system management efficiency, reduce maintenance workload, improve user experience.


Copyright(C)2018, Zero Information Technology (Shanghai) Co., Ltd. All Rights Reserved. Supported by Toocle Copyright Notice 备案字号:沪ICP备18008633号