beautypg.com

Modifying the real-time monitoring parameters, Assigning security policies, Configuring the default security – H3C Technologies H3C Intelligent Management Center User Manual

Page 121: Policy for roaming users

background image

105

iNode client prompts the user to make the necessary remediation and initiate a new security

check to avoid being isolated or kicked out. This option is available only when the Monitor in
Real Time option is selected.

5.

Click OK.

Modifying the real-time monitoring parameters

Operators can modify the Real-time Monitor Interval parameter in the service parameter configuration

to ensure both the efficiency of real-time monitoring and the performance of the user endpoint and EAD

server.
EAD can forcibly check items that do not support real-time monitoring for users who stay online for a long

time. To do this, modify the Reauthentication Interval parameter in the service parameter configuration.
To modify the real-time monitoring parameters:

1.

Click the User tab.

2.

From the navigation tree, select User Security Policy > Service Parameters > System Settings.
The System Parameters Config page appears.

3.

Modify the following real-time monitoring parameters:

{

Real-Time Monitor Interval—Enter the interval, in seconds, at which real-time security checks
are performed. The default setting is 60 seconds.

{

Reauthentication Interval—Enter the interval, in hours, at which an online user is forced to be
reauthenticated. The default setting is 24 hours.

4.

Click OK.

Configuring the default security policy for roaming users

For roaming users, the EAD server on the visited network, not the local EAD server, checks for security

items.
You can configure only one security policy as the default security policy for roaming users. The default

security policy shows the [Default policy for roaming users] tag in the Policy Name field on the Security
Policy List.
To set the default security policy for roaming users:

1.

Click the User tab.

2.

From the navigation tree, select User Security Policy > Security Policy.
The security policy list displays all security policies.

3.

Click the Modify icon

for the security policy you want to set as the default policy for roaming

users.
The Modify Security Policy page appears.

4.

In the Basic Information area, select Set as Default Policy for Roaming Users.

5.

Click OK.

Assigning security policies

When an endpoint user accesses the network, UAM determines the access scenario of the user and

sends the matching security policy to the iNode client on the user's endpoint. If the user matches no other

See also other documents in the category H3C Technologies Safety: