Edition Differences

Currently, CBH provides standard and professional editions. The standard edition provides the following asset specifications: 10, 20, 50, 100, 200, 500, 1,000, 2,000, 5,000, and 10,000. The professional edition provides the following asset specifications: 10, 20, 50, 100, 200, 500, 1,000, 2,000, 5,000, and 10,000.

For more details, see What Are Editions Available in CBH?

Differences on Specifications

CBH provides the following asset specifications: 10, 20, 50, 100, 200, 500, 1,000, 2,000, 5,000, and 10,0000. For details about specifications, see Table 1 Configuration of different specifications.

**Table 1** Configuration of different specifications
Asset Quantity	Max. Concurrent Connections	CPUs	Memory	System Disk	Data Disk
10	10	4 cores	8 GB	100 GB	200 GB
20	20	4 cores	8 GB	100 GB	200 GB
50	50	4 cores	8 GB	100 GB	500 GB
100	100	4 cores	8 GB	100 GB	1000 GB
200	200	4 cores	8 GB	100 GB	1000 GB
500	500	8 cores	16 GB	100 GB	2,000 GB
1,000	1,000	8 cores	16 GB	100 GB	2,000 GB
2,000	1,500	8 cores	16 GB	100 GB	2,000 GB
5,000	2,000	16 cores	32 GB	100 GB	3,000 GB
10,000	2,000	16 cores	32 GB	100 GB	4,000 GB

The number of concurrent connections in Table 1 includes only connections established by O&M clients that use character-based protocols (such as SSH or MySQL client). Connections established by O&M clients that use graphic-based protocols (such as H5 web and RDP client) is not included, which is only one third of this number.

Edition Difference

Both editions provide identity authentication, permission control, account management, and operation audit. Apart from those functions, the enhanced edition also provides automatic O&M and database O&M audit.

For details about functions supported by different editions, see Table 2 Functions of different editions.

**Table 2** Functions of different editions
Function	Description	Standard edition	Professional edition
Identity authentication	Two-factor authentication for user accounts CBH allows you to configure multi-factor authentication, such as mobile phone one-time passwords (OTPs), mobile phone SMS messages, USB keys, and dynamic OTP tokens to authenticate user identities.	Supported	Supported
Identity authentication	Remote authentication for user accounts CBH also allows you to authenticate user identities through AD, RADIUS, LDAP, Azure AD, and SAML remote authentication.	Supported	Supported
Permission control	System access permission CBH allows you to configure department- and role-based permission control so that you can allow a specific system user to access a specific module in a given CBH system.	Supported	Supported
	Resource access permission CBH allows you to configure resource access control policies based on users, user groups, managed accounts, and account groups to limit what resources can be assessed. You can also configure two-person authorization policies and command control policies to limit what operations are allowed on a certain resource.	Supported	Supported
	Two-person authorization CBH allows you to configure two- or multi-person authorization for core sensitive resources.	Supported	Supported
	Character command interception CBH allows you to configure command control policies to dynamically authorize key operations on character protocol resources.	Supported	Supported
	Database command interception CBH allows you to configure database control policies to precisely restrict and re-review sensitive and risky database operations. NOTE: This function applies to cloud databases as well as self-built databases.	Not supported	Supported
Account management	User lifecycle management CBH allows you to create a single user account, import user accounts in batches, manage user accounts in batches, and manage user groups.	Supported	Supported
	Resource account lifecycle management CBH allows you to add resources and their accounts one by one or in batches, and classify added accounts into different groups for management.	Supported	Supported
	Host resource management CBH allows you to manage Linux or Windows hosts with the SSH, RDP, VNC, Telnet, FTP, SFTP, DB2, MySQL, SQL Server, Oracle, SCP, or Rlogin protocol configured.	Supported	Supported
	Application resource management If you set Server type to Windows: By default, 14 types are supported, including MySQL Tool, Microsoft Edge, Mozilla Firefox (for Windows servers), Oracle Tool, Google Chrome, VNC Client, SQL Server Tool, SecBrowser, vSphere Client, Radmin, dbisql, Navicat for MySQL, Navicat for PostgreSQL and Other. If you set Server type to Linux: Supported types: DM Tool, KingbaseES Tool, Mozilla Firefox for Linux, and GBaseDataStudio for GBase8a.	Supported	Supported
	Database resource management CBH allows you to manage DB2, MySQL, SQL Server, and Oracle databases.	Not supported	Supported
	Automatic password change for managed accounts CBH allows you to configure password change policies to let the system periodically change passwords of managed accounts.	Supported	Supported
	Automatic synchronization of managed resource accounts CBH allows you to configure account synchronization policies to let the system detect zombie accounts or unmanaged accounts in a timely manner.	Not supported	Supported
Operation audit	System login and operation logging CBH allows you to export system logs, generate system reports, and configure alarm notifications.	Supported	Supported
	Resource O&M audit CBH allows you to audit the entire O&M process through multiple audit methods, such as monitoring on-going sessions, generating videos for history sessions, exporting text reports, and remote log backup.	Supported	Supported
	Database operation audit CBH allows you to audit the entire database O&M process based on operation commands.	Not supported	Supported
Efficient O&M	One-stop web browser O&M CBH allows you to remotely log in to resources without having to install a client with integrated functions, such as batch login, collaborative session, file transfer, and command group sending.	Supported	Supported
	Third-party client O&M CBH can interconnect with multiple O&M tools with just a few clicks, including SSH, FTP, and SFTP client.	Supported	Supported
	Database O&M CBH allows you to log in to the target databases using the single sign-on (SSO) tool with just a few clicks.	Not supported	Supported
	Automatic O&M CBH allows you to manage scripts online and let the system periodically execute preset O&M tasks.	Not supported	Supported
Ticket application	Access and command authorization ticket application CBH allows you to obtain the resource control permissions by manually or automatically triggering a system ticket and submitting the ticket to the system administrator for approval.	Supported	Supported
Ticket application	Database authorization ticket application CBH automatically generates an authorization ticket for each sensitive operation from a system user. The system user then needs to submit the ticket to the administrator for approval. The sensitive operation can be resumed only after the application is approved.	Not supported	Supported

Previous topic: Application Scenarios

Next topic: Basic Concepts

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot