This module provides the foundational management capabilities for SCP, covering policies, users, platform security, system configurations, certificates, and licensing.
Users
SCP employs Role-Based Access Control (RBAC) for user authentication and authorization. Permissions are assigned to roles, which are then granted to users, simplifying permission management and ensuring secure, granular access to platform resources.
Policies
The policy management module allows administrators to define VM lifecycle, scheduling, and auto-scaling policies. For instance, scheduling policies can automatically select optimal hosts for VMs based on resource availability, enhancing resource utilization and operational efficiency.
Certificates
SCP supports SSL certificate management to secure client-platform communications. By importing trusted certificates, administrators can prevent browser security warnings and establish encrypted SSL tunnels, ensuring secure data transmission.
Platform Security
SCP incorporates multiple security features to protect the platform and user data.
• Login Protection: Configurable login policies include password complexity, session timeout limits, and two-factor authentication (2FA) using SMS or OTP, strengthening account security against unauthorized access.
•
• Authentication: Integration with LDAP servers allows for centralized user authentication, while support for RADIUS-based OTP servers adds an extra layer of security during login.
• SSO: Single Sign-On (SSO) integration with customer CAS systems reduces authentication overhead, allowing users to access multiple systems with a single login and streamlining the user experience.
• Key Pairs: SCP offers key-based authentication for VM logins, replacing traditional passwords with more secure SSH key pairs. This method mitigates risks associated with brute-force attacks and enhances remote access security.
SM Encryption Mode
To meet regulatory and business needs, SCP supports SM series encryption algorithms (SM3, SM4) for data integrity verification and encryption, ensuring sensitive data is protected using national cryptographic standards.
System
System configuration and maintenance features provide foundational platform management capabilities.
• Services: Administrators can activate or stop various platform services, including external APIs, billing centers, application centers, and advanced services like aSecurity and KMS encryption, tailoring the platform to specific operational needs.
• Date and Time: SCP allows for custom time settings and synchronization with NTP servers, ensuring accurate timekeeping across the platform for logging, billing, and operational consistency.
• Platform: Network configurations such as platform IP, DNS, and routing can be adjusted to adapt to different deployment scenarios and network architectures.
• Data Center: Configuration for managed cloud service access includes setting local data center URLs and tenant login portals, facilitating integration with broader cloud service frameworks.
• SMS and Email: SMS servers can be configured for 2FA, while email settings enable alert notifications, keeping administrators informed of system status and critical events.
Components
SCP offers control over the visibility of components like VDC, aSEC, and aOPS within the user interface, allowing customized platform views based on user roles or requirements.
{{ $t('index.defaultHeader.chromeBrowserTip') }}