TWM597904U - Servo host configuration setting management system - Google Patents

Servo host configuration setting management system Download PDF

Info

Publication number
TWM597904U
TWM597904U TW109204110U TW109204110U TWM597904U TW M597904 U TWM597904 U TW M597904U TW 109204110 U TW109204110 U TW 109204110U TW 109204110 U TW109204110 U TW 109204110U TW M597904 U TWM597904 U TW M597904U
Authority
TW
Taiwan
Prior art keywords
configuration
information
server host
setting
configuration setting
Prior art date
Application number
TW109204110U
Other languages
Chinese (zh)
Inventor
陳柏欽
Original Assignee
臺灣土地銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣土地銀行股份有限公司 filed Critical 臺灣土地銀行股份有限公司
Priority to TW109204110U priority Critical patent/TWM597904U/en
Publication of TWM597904U publication Critical patent/TWM597904U/en

Links

Images

Landscapes

  • Stored Programmes (AREA)

Abstract

本新型關於一種伺服主機組態設定管理系統,由一個以上的被管理伺服主機連接一組態管理伺服主機,被管理伺服主機儲存一筆以上的組態設定資訊以及安裝一設定代理程式,被管理伺服主機的設定代理程式從組態管理伺服主機取得一筆以上的組態設定更新資訊,並且當被管理伺服主機判斷組態設定資訊與組態設定更新資訊不匹配,則根據組態設定更新資訊及時更新設定組態設定資訊;透過自動化的方式及時更新被管理伺服主機中的組態設定資訊,避免被管理伺服主機受到資訊的威脅,藉此達到提升資訊安全設定的管理性、防護性以及設定效率及正確性的目的。The present invention relates to a server host configuration setting management system. More than one managed server host is connected to a configuration management server host, the managed server host stores more than one configuration setting information and installs a configuration agent, and the managed server The configuration agent of the host obtains more than one configuration setting update information from the configuration management server host, and when the managed server host determines that the configuration setting information does not match the configuration setting update information, it will update in time according to the configuration setting update information Set the configuration setting information; update the configuration setting information in the managed server host in an automated manner to prevent the managed server host from being threatened by information, thereby improving the management, protection, and setting efficiency of information security settings. The purpose of correctness.

Description

伺服主機組態設定管理系統Server host configuration setting management system

本新型係關於一種管理系統,尤指一種伺服主機組態設定管理系統。This model relates to a management system, especially a server host configuration setting management system.

提供應用系統服務的伺服主機通常儲存部份組織端與使用者的敏感資訊,為避免因惡意存取造成服務中斷或敏感資訊外洩使組織端蒙受損失,管理維護人員除須於伺服主機安裝最新版本作業系統安全性更新及防毒軟體外,另應落實組織端針對伺服主機所定義之組態設定政策,以符現行對於資訊安全的控管與防護要求。The server host that provides application system services usually stores some sensitive information of the organization and users. To avoid service interruption due to malicious access or loss of sensitive information to the organization, management and maintenance personnel must install the latest information on the server host. In addition to the version operating system security update and anti-virus software, the configuration setting policy defined by the organization for the server host should be implemented to meet the current requirements for information security control and protection.

對於伺服主機的組態設定政策的項目包括使用者帳號之密碼原則、操作閒置之逾時鎖定、日誌檔案的容量上限,以及非必要系統服務的停用等。過往對於伺服主機的組態設定政策的維護、更新作業,通常由伺服主機的管理維護人員逐一處理。然而每位管理維護人員對於所處理的伺服主機之作業系統或應用軟體熟悉度不同,可能因對於組態設定政策之理解有誤或設定方式之疏忽而有設定錯誤的情形。此外,隨著組織端因應業務拓展逐年增加伺服主機數量,以及因應主流資安威脅及組織端的管理單位要求,需要對組態設定政策進行更新、增加新的項目內容,但是數量龐大的伺服主機所需要維護、更新或設定的作業時間以及人力令組織端難以負荷。因此,如何有效並及時地管理伺服主機的組態設定已成為組織端不得不面對的問題。The configuration setting policy items for the server host include the password policy of the user account, the timeout lock of the operation idle, the upper limit of the log file capacity, and the disabling of non-essential system services. In the past, the maintenance and update of the configuration policy of the server host were usually handled by the management and maintenance personnel of the server host one by one. However, each management and maintenance personnel has different familiarity with the operating system or application software of the server host they are dealing with, and there may be setting errors due to incorrect understanding of the configuration setting policy or negligence in the setting method. In addition, as the organization side increases the number of server hosts year by year in response to business expansion, and in response to mainstream information security threats and organizational side management unit requirements, configuration settings policies need to be updated and new items added. However, a large number of server hosts The work time and manpower required to maintain, update, or set make it difficult for the organization to load. Therefore, how to effectively and timely manage the configuration settings of the server host has become a problem that the organization has to face.

有鑑於上述問題,本新型的主要目的係提供一種伺服主機組態設定管理系統,以集中控管的方式,於組態管理伺服主機中存放由組織端定義之其它伺服主機應遵循的組態設定資訊(含各組態項目之設定實作細節),再由安裝於伺服主機中的設定代理程式連線至組態管理伺服主機定期自動更新,以提升伺服主機的組態設定執行效率、確認設定落實情形及避免人員因疏忽或誤解產生之錯誤外,亦可確保伺服主機完整生命週期均符合安全防護要求,藉此透過主從架構的更新方式達到提升資訊安全設定的管理性、防護性以及設定效率及正確性的目的。In view of the above problems, the main purpose of the present invention is to provide a server host configuration setting management system, which stores the configuration settings that other server hosts defined by the organization should follow in a centralized control manner in the configuration management server host. Information (including the configuration and implementation details of each configuration item), and then the configuration agent installed in the server host is connected to the configuration management server host for regular and automatic updates to improve the efficiency of the configuration settings of the server host and confirm the settings In addition to implementing the situation and avoiding personnel errors due to negligence or misunderstanding, it can also ensure that the entire life cycle of the server host meets the security protection requirements, thereby improving the management, protection and configuration of information security settings through the update of the master-slave architecture The purpose of efficiency and correctness.

為了達成上述目的所採取的主要技術手段,係令前述伺服主機組態設定管理系統,由一個以上的被管理伺服主機連接至一組態管理伺服主機,該組態管理伺服主機儲存一筆以上的組態設定更新資訊,該被管理伺服主機包括: 一儲存模組,儲存一筆以上的第一組態設定資訊; 一連接模組,連接該組態管理伺服主機,以交換資訊; 一處理模組,連接該儲存模組及該連接模組,該處理模組安裝並執行一設定代理程式; 其中,該處理模組的設定代理程式發送一更新請求資訊至該組態管理伺服主機,並由該連接模組取得該組態管理伺服主機回傳的組態設定更新資訊,該處理模組的設定代理程式將該筆第一組態設定資訊與該筆組態設定更新資訊比對是否匹配,若不匹配,該處理模組的設定代理程式根據該筆組態設定更新資訊更新設定該筆第一組態設定資訊,並取代儲存為對應的一筆第二組態設定資訊在該儲存模組中。 The main technical means adopted to achieve the above-mentioned purpose is to make the aforementioned server host configuration setting management system connect more than one managed server host to a configuration management server host, and the configuration management server host stores more than one group Status setting update information, the managed server host includes: A storage module to store more than one set of first configuration information; A connection module, connected to the configuration management server host to exchange information; A processing module, connecting the storage module and the connection module, and the processing module installs and executes a setting agent; Wherein, the configuration agent of the processing module sends an update request information to the configuration management server host, and the connection module obtains the configuration setting update information returned by the configuration management server host. The setting agent compares the first configuration setting information with the configuration setting update information. If it does not match, the setting agent of the processing module updates and sets the first configuration setting update information according to the configuration setting update information. A piece of configuration setting information is stored as a corresponding piece of second configuration setting information in the storage module instead.

根據上述系統可知,藉由在該組態管理伺服主機中集中管理提供給該被管理伺服主機進行組態設定的組態設定更新資訊,並且由該被管理伺服主機中的設定代理程式將從該組態管理伺服主機取得的組態設定更新資訊與該筆第一組態設定資訊比對是否匹配,以當不匹配時,則該被管理伺服主機的設定代理程式及時的根據該筆組態設定更新資訊更新設定該筆第一組態設定資訊,並且將被更新設定後的第一組態設定資訊取代儲存為對應的一筆第二組態設定資訊,藉此可有效降低需要逐台更新被管理伺服主機中的組態設定所花費的時間、人力之外;並且透過集中管理用以更新設定的組態設定更新資訊;亦可避免在同一伺服主機中發生更新設定的組態設定產生設定衝突;再者,透過由被管理伺服主機從組態管理伺服主機取得用以更新設定的組態設定更新資訊,還可避免受到不同資訊人員的作業方式不同,而產生更新設定不一致、錯誤或有疏漏未更新設定的問題,以提升伺服主機的組態設定執行效率、確認設定落實情形及避免人員因疏忽或誤解產生之錯誤外,亦可確保伺服主機完整生命週期均符合安全防護要求,藉此透過主從架構的更新方式達到提升資訊安全設定的管理性、防護性以及設定效率及正確性的目的。According to the above system, by centrally managing the configuration setting update information provided to the managed server host for configuration settings in the configuration management server host, and the configuration agent in the managed server host will start from the The configuration setting update information obtained by the configuration management server host matches the first configuration setting information. When there is no match, the setting agent of the managed server host will set the configuration according to the configuration in time Update information Update the first configuration setting information, and replace the updated first configuration setting information with the corresponding second configuration setting information, which can effectively reduce the need to update the management one by one. In addition to the time and manpower spent on the configuration settings in the server host; and through centralized management to update the configuration settings update information; it can also avoid the configuration settings that update the settings in the same server host and cause configuration conflicts; Furthermore, by obtaining the configuration setting update information used to update the settings from the configuration management server host by the managed server host, it can also avoid the different operation methods of different information personnel, resulting in inconsistent update settings, errors or omissions. The problem of updating the settings is to improve the efficiency of the configuration settings of the server, confirm the implementation of the settings, and avoid personnel errors due to negligence or misunderstanding. It can also ensure that the complete life cycle of the server meets the security protection requirements. From the framework of the update method to achieve the purpose of improving the management and protection of information security settings, as well as the efficiency and accuracy of settings.

關於本新型伺服主機組態設定管理系統的第一較佳實施例,請參考圖1、2所示,本新型的伺服主機組態設定管理系統係由一個以上的被管理伺服主機10連接一組態管理伺服主機20。被管理伺服主機10儲存一筆以上的第一組態設定資訊以及安裝一設定代理程式,組態管理伺服主機20儲存一筆以上的組態設定更新資訊。被管理伺服主機10從該組態管理伺服主機20取得組態設定更新資訊,並更新設定對應的第一組態設定資訊,其中具體內容將於後續段落進行說明。Regarding the first preferred embodiment of the new type of server host configuration management system, please refer to Figures 1 and 2. The new type of server host configuration management system is connected to one group by more than one managed server host 10 State management server host 20. The managed server host 10 stores more than one set of first configuration setting information and installs a setting agent, and the configuration management server host 20 stores more than one set of configuration update information. The managed server host 10 obtains configuration setting update information from the configuration management server host 20, and updates the first configuration setting information corresponding to the setting. The specific content will be described in subsequent paragraphs.

在本實施例中,該被管理伺服主機10係可為一伺服器裝置。該組態管理伺服主機20係可為一伺服器裝置。In this embodiment, the managed server host 10 can be a server device. The configuration management server host 20 can be a server device.

在本實施例中,該筆組態設定更新資訊包括一弱點檢測報告資訊、一系統優化建議書資訊、一資訊安全通報資訊、一組織自行定義之應控管項目資訊、一政府組態基準(Government Configuration Baseline,GCB)所提列之組態基準項目資訊,以及行政院國家資通安全會報技術服務中心所提供之一資通安全技術報告資訊等。設定項目之實際設定標的則可為一本機安全性原則(Local Security Policy)項目、一系統登錄檔(Registry)項目、一系統設定檔(Configuration File)、一目錄或檔案之存取權限設定以及一日誌或交易紀錄檔之容量或保存期間設定等,前述僅是舉例並非加以限制,具體可依需求或相關政府、組織機關所要求或共享的資訊進行調整、增加。In this embodiment, the configuration setting update information includes a vulnerability detection report information, a system optimization proposal information, an information security notification information, an organization's self-defined control item information, and a government configuration benchmark ( Government Configuration Baseline (GCB) listed configuration benchmark project information, as well as the information provided by the National Information Communication Security Report Technical Service Center of the Executive Yuan. The actual setting target of the setting item can be a local security policy item, a system registry item, a system configuration file (Configuration File), a directory or file access permission setting, and The capacity or storage period setting of a log or transaction record file, etc. The foregoing is only an example and is not a limitation. It can be adjusted or added according to needs or information requested or shared by relevant governments and organizations.

請參考圖1、2所示,被管理伺服主機10包括一連接模組11、一處理模組12及一儲存模組13,處理模組12分別與連接模組11及儲存模組13連接。在本實施例中,連接模組11具有一有線網路協定,以經由有線網路協定與組態管理伺服主機20連接,並且交換資訊。其中連接模組11具體可為一網路卡。處理模組12係用於執行設定代理程式,並且處理連接模組11所接收到的資訊。在本實施例中,處理模組12係可為一CPU。儲存模組13係用於儲存第一組態設定資訊,設定代理程式的相關資料或資訊,以及其它相關資料或資訊等。在本實施例中,儲存模組13係可為一記憶體例如但不限於一非揮發性記憶體(Dynamic Random Access Memory, DRAM)、一硬碟(High Disk Drive, HDD)、一快閃記憶體(Flash memory),或一固態硬碟(Solid-State Drive, Solid-State Disk, SSD)等。Please refer to FIGS. 1 and 2, the managed server host 10 includes a connection module 11, a processing module 12, and a storage module 13, and the processing module 12 is connected to the connection module 11 and the storage module 13 respectively. In this embodiment, the connection module 11 has a wired network protocol to connect to the configuration management server host 20 via the wired network protocol and exchange information. The connection module 11 may specifically be a network card. The processing module 12 is used to execute the setting agent program and process the information received by the connection module 11. In this embodiment, the processing module 12 may be a CPU. The storage module 13 is used for storing the first configuration setting information, setting the related data or information of the agent, and other related data or information. In this embodiment, the storage module 13 may be a memory such as but not limited to a non-volatile memory (Dynamic Random Access Memory, DRAM), a hard disk (High Disk Drive, HDD), and a flash memory. Flash memory, or a solid-state drive (Solid-State Drive, Solid-State Disk, SSD), etc.

關於被管理伺服主機10與組態管理伺服主機20的具體運作關係,係由處理模組12所執行的設定代理程式根據第一組態設定資訊,透過該連接模組11發送一更新請求資訊至組態管理伺服主機20,組態管理伺服主機20根據接收到的更新請求資訊回傳對應的組態設定更新資訊至連接模組11,藉此令被管理伺服主機10透過更新請求資訊從組態管理伺服主機20交換取得對應的組態設定更新資訊。在本實施例中,處理模組12執行的設定代理程式係於一固定時間定期根據第一組態設定資訊,透過連接模組11發送更新請求資訊至組態管理伺服主機20。Regarding the specific operational relationship between the managed server host 10 and the configuration management server host 20, the setting agent executed by the processing module 12 sends an update request information to the connection module 11 according to the first configuration setting information. The configuration management server host 20. The configuration management server host 20 returns the corresponding configuration setting update information to the connection module 11 according to the received update request information, thereby enabling the managed server host 10 to receive the update request information from the configuration The management server host 20 exchanges and obtains corresponding configuration setting update information. In this embodiment, the configuration agent program executed by the processing module 12 periodically sends update request information to the configuration management server host 20 through the connection module 11 according to the first configuration configuration information at a fixed time.

進一步的,處理模組12執行的設定代理程式將連接模組11接收到的組態設定更新資訊與第一組態設定資訊比對是否匹配,若比對的結果為匹配,則不需更新設定對應的第一組態設定資訊;若比對的結果為不匹配,則處理模組12執行的設定代理程式根據組態設定更新資訊更新設定對應的第一組態設定資訊,並且處理模組12執行的設定代理程式將更新設定後的第一組態設定資訊取代儲存為對應的一筆第二組態設定資訊在儲存模組13中,藉此完成對被管理伺服主機10的安全防護更新設定,以提升資訊安全的管理性、防護性以及設定效率及正確性。Further, the setting agent executed by the processing module 12 compares the configuration setting update information received by the connection module 11 with the first configuration setting information. If the result of the comparison is a match, there is no need to update the setting The corresponding first configuration setting information; if the result of the comparison is a mismatch, the setting agent executed by the processing module 12 updates the corresponding first configuration setting information according to the configuration setting update information, and the processing module 12 The running configuration agent replaces and saves the updated first configuration configuration information as a corresponding piece of second configuration configuration information in the storage module 13, thereby completing the security protection update settings for the managed server host 10. To improve the management, protection, efficiency and accuracy of information security.

在本實施例中,處理模組12執行的設定代理程式係可根據組態設定更新資訊中所包含的弱點檢測報告資訊、系統優化建議書資訊、資訊安全通報資訊、控管項目資訊、組態基準項目資訊、資通安全技術報告資訊等更新設定對應的第一組態設定資訊。其中,所更新的內容包括但不限於本機安全性原則項目、系統登錄檔項目、系統設定檔、目錄或檔案之存取權限設定以及日誌或交易紀錄檔之容量或保存期間設定。In this embodiment, the setting agent program executed by the processing module 12 can update the vulnerability detection report information, system optimization proposal information, information security notification information, control project information, and configuration information contained in the configuration settings. The first configuration setting information corresponding to the updated settings such as baseline project information and information security technical report information. The updated content includes, but is not limited to, local security policy items, system log file items, system configuration files, directory or file access authority settings, and log or transaction log file capacity or storage period settings.

在本實施例中,當處理模組12執行的設定代理程式根據組態設定更新資訊更新設定對應的第一組態設定資訊之前,處理模組12執行的設定代理程式將對應的第一組態設定資訊儲存為對應的一筆歷史組態設定資訊在儲存模組13中,藉此當更新設定組態設定後發生問題時,可透過對應的歷史組態設定資訊將對應的第二組態設定資訊還原設定為更新設定前的第一組態設定資訊,藉此還可提升對組態設定的管理性、安全性、組態設定的版本的追溯性以及更新設定的異動風險。In this embodiment, before the configuration agent executed by the processing module 12 updates the corresponding first configuration configuration information according to the configuration setting update information, the configuration agent executed by the processing module 12 will correspond to the first configuration The setting information is stored as a corresponding piece of historical configuration setting information in the storage module 13, so that when a problem occurs after updating the setting configuration settings, the corresponding second configuration setting information can be replaced by the corresponding historical configuration setting information Restoring the settings to the first configuration setting information before updating the settings can also improve the management and security of the configuration settings, the traceability of the version of the configuration settings, and the risk of changes to the update settings.

關於本新型的第二較佳實施例,請參考圖2、3所示,第二較佳實施例與前述實施例的技術大致相同,惟第二較佳實施例進一步由組態管理伺服主機20連接一個以上的管理者電子裝置30,由組織端中對應的管理者透過管理者電子裝置30創建對應的一筆以上的組態設定更新資訊,並且經由網路傳送到組態管理伺服主機20儲存,以供對應的被管理伺服主機10下載取得,並進行更新設定,藉此提升管理性及擴充性。在本實施例中,管理者電子裝置30係可為一桌上型電腦、一筆記型電腦或一平板電腦等。Regarding the second preferred embodiment of the present invention, please refer to Figs. 2 and 3. The second preferred embodiment has roughly the same technology as the previous embodiments, but the second preferred embodiment is further configured by the configuration management server host 20 Connect to more than one administrator electronic device 30, and the corresponding administrator in the organization side creates corresponding configuration setting update information through the administrator electronic device 30, and transmits it to the configuration management server 20 for storage via the network. For the corresponding managed server host 10 to download and obtain, and update the settings, thereby improving the manageability and scalability. In this embodiment, the administrator electronic device 30 can be a desktop computer, a notebook computer, or a tablet computer.

此外,在本實施例中,若被管理伺服主機10的處理模組12執行的設定代理程式於根據組態設定更新資訊更新設定第一組態設定資訊失敗時,則停止更新設定,並且回傳一更新失敗資訊至該組態管理伺服主機20,以供管理者透過管理者電子裝置30取得更新失敗資訊並進行相關更新失敗分析。其中,被管理伺服主機10的處理模組12更新設定對應的第一組態設定資訊失敗的次數達到一門檻值時,則停止該筆第一組態設定資訊的更新設定,並回傳更新失敗資訊至該組態管理伺服主機20,其中門檻值所設定的次數係可為但不限於2次。In addition, in this embodiment, if the setting agent executed by the processing module 12 of the managed server host 10 fails to update the first configuration setting information according to the configuration setting update information, it stops updating the setting and sends back An update failure information is sent to the configuration management server host 20 for the administrator to obtain the update failure information through the manager electronic device 30 and perform related update failure analysis. Wherein, when the number of failures to update the first configuration setting information corresponding to the processing module 12 of the managed server host 10 reaches a threshold, the update setting of the first configuration setting information is stopped, and the update failure is returned. Information is sent to the configuration management server host 20, where the number of times set by the threshold value can be but not limited to 2 times.

根據上述內容可知,藉由該組態管理伺服主機20集中管理提供給該被管理伺服主機10進行組態設定的組態設定更新資訊,並且由該被管理伺服主機10執行的設定代理程式將從該組態管理伺服主機20取得的組態設定更新資訊與該筆第一組態設定資訊比對是否匹配,當比對的結果為不匹配時,則該被管理伺服主機10的設定代理程式及時根據該筆組態設定更新資訊更新設定該筆第一組態設定資訊,並且將被更新設定後的第一組態設定資訊取代儲存為對應的第二組態設定資訊,以提升伺服主機的組態設定執行效率、確認設定落實情形及避免人員因疏忽或誤解產生之錯誤外,亦可確保伺服主機完整生命週期均符合安全防護要求,藉此由主從架構的更新方式達到提升資訊安全設定的管理性、防護性以及設定效率及正確性的目的。According to the above content, the configuration management server host 20 centrally manages the configuration setting update information provided to the managed server host 10 for configuration setting, and the setting agent executed by the managed server host 10 will Whether the configuration setting update information obtained by the configuration management server host 20 matches the first configuration setting information, when the result of the comparison is not a match, the setting agent of the managed server host 10 is timely Update and set the first configuration setting information according to the configuration setting update information, and replace the updated first configuration setting information with the corresponding second configuration setting information, so as to improve the server configuration In addition to the execution efficiency of state setting, confirming the setting implementation situation and avoiding personnel errors due to negligence or misunderstanding, it can also ensure that the complete life cycle of the server host meets the security protection requirements, and the update method of the master-slave structure achieves the improvement of information security settings. The purpose of management, protection, and efficiency and accuracy.

10:被管理伺服主機 11:連接模組 12:處理模組 13:儲存模組 20:組態管理伺服主機 30:管理者電子裝置 10: Managed server host 11: Connection module 12: Processing module 13: Storage module 20: Configuration management server host 30: Manager electronic device

圖1 係本新型第一較佳實施例的第一系統架構示意圖。 圖2 係本新型第一較佳實施例的第二系統架構示意圖。 圖3 係本新型第二較佳實施例的第一系統架構示意圖。 FIG. 1 is a schematic diagram of the first system architecture of the first preferred embodiment of the present invention. Figure 2 is a schematic diagram of the second system architecture of the first preferred embodiment of the present invention. FIG. 3 is a schematic diagram of the first system architecture of the second preferred embodiment of the present invention.

10:被管理伺服主機 10: Managed server host

11:連接模組 11: Connection module

12:處理模組 12: Processing module

13:儲存模組 13: Storage module

20:組態管理伺服主機 20: Configuration management server host

Claims (10)

一種伺服主機組態設定管理系統,由一個以上的被管理伺服主機連接至一組態管理伺服主機,該組態管理伺服主機儲存一筆以上的組態設定更新資訊,該被管理伺服主機包括: 一儲存模組,儲存一筆以上的第一組態設定資訊; 一連接模組,連接該組態管理伺服主機,以交換資訊; 一處理模組,連接該儲存模組及該連接模組,該處理模組安裝並執行一設定代理程式; 其中,該處理模組的設定代理程式發送一更新請求資訊至該組態管理伺服主機,並由該連接模組取得該組態管理伺服主機回傳的組態設定更新資訊,該處理模組的設定代理程式將該筆第一組態設定資訊與該筆組態設定更新資訊比對是否匹配,若不匹配,該處理模組的設定代理程式根據該筆組態設定更新資訊更新設定該筆第一組態設定資訊,並取代儲存為對應的一筆第二組態設定資訊在該儲存模組中。 A server host configuration setting management system. More than one managed server host is connected to a configuration management server host. The configuration management server host stores more than one configuration setting update information. The managed server host includes: A storage module to store more than one set of first configuration information; A connection module, connected to the configuration management server host to exchange information; A processing module, connecting the storage module and the connection module, and the processing module installs and executes a setting agent; Wherein, the configuration agent of the processing module sends an update request information to the configuration management server host, and the connection module obtains the configuration setting update information returned by the configuration management server host. The setting agent compares the first configuration setting information with the configuration setting update information. If it does not match, the setting agent of the processing module updates and sets the first configuration setting information according to the configuration setting update information. A piece of configuration setting information is stored as a corresponding piece of second configuration setting information in the storage module instead. 如請求項1所述之伺服主機組態設定管理系統,其中,該處理模組的設定代理程式係於一固定時間根據該筆第一組態設定資訊,透過該連接模組發送該更新請求資訊至該組態管理伺服主機。The server host configuration setting management system according to claim 1, wherein the setting agent of the processing module sends the update request information through the connection module at a fixed time according to the first configuration setting information To the configuration management server host. 如請求項1所述之伺服主機組態設定管理系統,其中,該筆組態設定更新資訊包括一弱點檢測報告資訊、一系統優化建議書資訊、一資訊安全通報資訊、一應控管項目資訊、一組態基準項目資訊、一資通安全技術報告資訊。The server host configuration setting management system described in claim 1, wherein the configuration setting update information includes a vulnerability detection report information, a system optimization proposal information, an information security notification information, and a control item information , One configuration benchmark project information, one information communication security technical report information. 如請求項3所述之伺服主機組態設定管理系統,其中,該處理模組的設定代理程式根據該筆組態設定更新資訊中所包含的弱點檢測報告資訊、系統優化建議書資訊、資訊安全通報資訊、應控管項目資訊、組態基準項目資訊、資通安全技術報告資訊更新設定對應的第一組態設定資訊。The server host configuration configuration management system described in claim 3, wherein the configuration agent of the processing module updates the vulnerability detection report information, system optimization proposal information, and information security contained in the configuration configuration update information Notification information, control project information, configuration benchmark project information, and information security technical report information update settings corresponding to the first configuration setting information. 如請求項1所述之伺服主機組態設定管理系統,其中,當該處理模組的設定代理程式根據該筆組態設定更新資訊更新設定對應的第一組態設定資訊之前,該處理模組的設定代理程式將對應的第一組態設定資訊儲存為對應的一筆歷史組態設定資訊並儲存在該儲存模組。The server host configuration setting management system described in claim 1, wherein, when the configuration agent of the processing module updates the corresponding first configuration setting information according to the configuration setting update information, the processing module The setting agent program saves the corresponding first configuration setting information as a corresponding piece of historical configuration setting information and stores it in the storage module. 如請求項5所述之伺服主機組態設定管理系統,其中,該處理模組的設定代理程式根據該筆組態設定更新資訊更新設定該筆第一組態設定資訊,並取代儲存為對應的一筆第二組態設定資訊在該儲存模組之後,該處理模組的設定代理程式進一步係可根據該筆歷史組態設定資訊,將該筆第二組態設定資訊還原設定為更新設定前對應的第一組態設定資訊。The server host configuration setting management system described in claim 5, wherein the setting agent of the processing module updates and sets the first configuration setting information according to the configuration setting update information, and replaces the storage with the corresponding A piece of second configuration setting information is after the storage module, and the configuration agent of the processing module can further restore and set the piece of second configuration setting information to the corresponding one before updating the setting based on the historical configuration setting information The first configuration setting information. 如請求項1所述之伺服主機組態設定管理系統,其中,該處理模組執行的設定代理程式於根據該筆組態設定更新資訊更新設定該筆第一組態設定資訊失敗時,則經由該連接模組回傳一更新失敗資訊至該組態管理伺服主機。For the server host configuration management system described in claim 1, wherein the configuration agent executed by the processing module fails to update and set the first configuration configuration information according to the configuration configuration update information, and then through The connection module returns an update failure information to the configuration management server host. 如請求項7所述之伺服主機組態設定管理系統,其中,當該處理模組更新設定該筆第一組態設定資訊失敗的次數超過一門檻值時,則停止該筆第一組態設定資訊的更新設定。For example, the server host configuration setting management system according to claim 7, wherein, when the number of times that the processing module fails to update and set the first configuration setting information exceeds a threshold, the first configuration setting is stopped Information update settings. 如請求項1所述之伺服主機組態設定管理系統,其中,該被管理伺服主機係可為一伺服器裝置。The server host configuration setting management system according to claim 1, wherein the managed server host can be a server device. 如請求項1所述之伺服主機組態設定管理系統,其中,該組態管理伺服主機係可為一伺服器裝置。The server host configuration setting management system according to claim 1, wherein the configuration management server host may be a server device.
TW109204110U 2020-04-09 2020-04-09 Servo host configuration setting management system TWM597904U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109204110U TWM597904U (en) 2020-04-09 2020-04-09 Servo host configuration setting management system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109204110U TWM597904U (en) 2020-04-09 2020-04-09 Servo host configuration setting management system

Publications (1)

Publication Number Publication Date
TWM597904U true TWM597904U (en) 2020-07-01

Family

ID=72602631

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109204110U TWM597904U (en) 2020-04-09 2020-04-09 Servo host configuration setting management system

Country Status (1)

Country Link
TW (1) TWM597904U (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI753829B (en) * 2021-05-19 2022-01-21 彰化商業銀行股份有限公司 Company computer management control immediately system and method thereof

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI753829B (en) * 2021-05-19 2022-01-21 彰化商業銀行股份有限公司 Company computer management control immediately system and method thereof

Similar Documents

Publication Publication Date Title
US8578374B2 (en) System and method for managing virtual machines
US20170068963A1 (en) System and a method for lean methodology implementation in information technology
US10769022B2 (en) Database backup from standby DB
TWI709865B (en) Operation and maintenance data reading device and reading method thereof
KR102526368B1 (en) Server management system supporting multi-vendor
US11144645B2 (en) Blockchain technique for immutable source control
US11281550B2 (en) Disaster recovery specific configurations, management, and application
CN117389684A (en) SaaS multi-tenant data isolation method and system
US11768727B2 (en) Reducing over-reporting of serviceable events
TWM597904U (en) Servo host configuration setting management system
Velayutham Overcoming technical challenges and implementing best practices in large-scale data center storage migration: Minimizing downtime, ensuring data integrity, and optimizing resource allocation
US20230359741A1 (en) Trusted boot method and apparatus, electronic device, and readable storage medium
US10977137B2 (en) Intelligent log gap detection to ensure necessary backup promotion
US9459796B2 (en) Ordering logical units in a subgroup of a consistency group
US20240289235A1 (en) Agent lifecycle management for backup and restore applications
US20240289229A1 (en) Launching copies of installation software that rolls back agent updates when cluster updates fail
US12124838B2 (en) Automatically updating agents from backup and restore applications
US20240289230A1 (en) Generating installation software that rolls back agent updates when cluster updates fail
US20240289228A1 (en) Restoring configuration files to rollback agent updates when cluster updates fail
US20240291670A1 (en) Selecting, authenticating, and installing individual components of agent software stacks
US20240289109A1 (en) Updating application hosts in a cluster
US11467756B1 (en) System and method for service device initiated backup generation
US20240289108A1 (en) Automatically updating agents from backup and restore applications
US20230306129A1 (en) Sensitive data discovery for databases
US20230021672A1 (en) Database rapid restore after media failure