IAM(Identity and Access Management)
Product Overview Deployment mode Advantages Customer Benefits Classic case
Product Overview

Iam (identity and access management) is used to define and manage digital identities, securely control authentication and authorize them to use specific resources, ensure that digital identities are well maintained, adjusted, controlled and monitored throughout the "access life cycle", and provide customers with the ability to modify user identity roles, track role activities Tools and techniques for creating user activity reports and implementing management policies. We provide an Iam all-in-one machine with 4A as the core benchmark to create an enterprise ecological platform of "enterprise unified portal", "application single sign on", "centralized account control", "authentication access authorization management" and "unified audit traceability and threat analysis" for users.

Deployment mode

Support modular deployment

The core component supports cluster expansion

Do not change user network architecture

No user secondary development is required
There is no need to install the client engine




Advantages
1. Application safety management and control system (iam-casb)

Iam-casb consists of one basic module and two extension modules:


Single sign on management module (iam-sso) 
Iam-sso does not need the secondary development of the user business system to realize the single sign on of the HTTP / HTTPS business system account. Each business system can uniformly set up multi factor strong identity authentication on the Iam platform, including radius, ad, LDAP, OTP, digital certificate, SMS, wechat, fingerprint, etc. 
Application account management module (iam-acm)
The iam-acm module provides the establishment of a centralized account management system and the implementation of the effective life cycle management strategy of user accounts. The addition, deletion and modification of business system accounts caused by personnel changes can be managed only through Iam. On the basis of centralized account management, a centralized account authorization system is established to support the periodic automatic modification of business accounts and eradicate the problem of weak passwords. 
Application security reinforcement module (iam-wvp)

Iam-wvp establishes a white list model for all business file paths and business parameters through high-fine-grained feature library defense and the exclusively developed "white list" dynamic modeling technology, eliminating the tedious work of strengthening parameters in the source code.


2. Operation and maintenance safety management system (iam-sms)

Provide support for various operation and maintenance protocols and tools, expand a variety of multi factor identity authentication methods, unify and reasonably divide permissions, centralized access control, support single sign on, account and password filling, seamless application publishing, support mobile operation and maintenance and distributed clusters, and quickly meet compliance requirements.


3. Security policy control system (iam-scm)

Iam-scm uses TCP quintuple control to prevent business personnel from bypassing the Iam platform to directly access the business system. It can support two modes: Series deployment and bypass deployment. Bypass deployment can also achieve 100% blocking effect, and can effectively control the connection initiated by the intranet host to the extranet service port.


4. Audit traceability and threat analysis

The Iam platform can conduct comprehensive audit records on the access of enterprise business personnel to OA, ERP, CRM, his / boss and other systems, standardize the recording of business form information, access URL information, etc., and generate e-mail and SMS reminders for the logs that trigger security policies; Uniformly display and analyze all delivery information at the operation and maintenance level and business level of the enterprise, and can trace the whole business delivery process of Iam users. Help enterprises protect confidential information, continuously improve information system management system, and meet compliance and best practice requirements.

Customer Benefits

The operation contents of business personnel are completely recorded by palladi Iam platform, which not only meets the audit requirements of regulatory authorities, but also provides technical support for accidents caused by misoperation and illegal operation. Reasonably allocate the specific conditions of users' use of resources in the business system, realize the legal access of different users to different entity resources, and eliminate illegal access and unauthorized access. The permissions of each business personnel are effectively controlled, and the policy is fine-grained to the accessible devices and available system accounts and application accounts.


Providing effective audit reports and original and accurate operation log records for the regulatory department will help to improve the organization's it internal control and external audit system, so that the organization can successfully pass the IT audit. Establish a unified application security delivery platform for customers, provide a unified operation entrance for the core business system, and realize single sign on. All business and operation and maintenance personnel first log in to the Iam platform to conduct business operations on the system to realize unified identity management.

Classic case
  • Shanghai Yunda Freight Co., Ltd
  • Shanghai paipai loan financial information service
  • Shanghai Honglu Data Technology Co., Ltd
  • Shanghai Oriental Fortune futures
  • Shangmeng Business Service Co., Ltd
  • PLA 302 Hospital
  • Everbright Futures
  • State Grid Corporation of China
  • Noah Wealth Management
  • Citic Trust
Copyright © 2019 All Rights Reserved Designed
Hangzhou pldsec Network Technology Co