beautypg.com

11 ead audit, Security logs, Security log list contents – H3C Technologies H3C Intelligent Management Center User Manual

Page 246

background image

230

11 EAD audit

EAD audit includes the following functions:

Viewing access user security logs—Record access information of access users and detailed
information of security events. Operators can query security logs to identify security risks in the

network, and take actions to enhance network security.

Client driver audit—Allows operators to query driver errors to identify and repair faulty endpoints.

Viewing security status of online and roaming users—Use the online and roaming user lists. The
Online User List also displays client ACLs, device ACLs, traffic status, and online asset information.

Online user security check—Perform a security check for online user endpoints at any time. Security
check items include system information, screen saver protection and password setting, drive list
information, shared directory information, installed software, installed patches, enabled services,

and running processes. Performing a security check for an online user does not affect the security

status of the user.

Many EAD functions require cooperation of the iNode client. When the iNode client encounters driver
errors, the security functions cannot work. The iNode client can send these errors to the EAD server.

Security logs

EAD records security logs for the following security events:

Assigning ACLs to users

Security check

Security recheck

Real-time monitoring

By default, EAD records security logs only for access users who fail security check. For EAD to record

security logs for access users who pass security check, enable the Generate logs after the security check

is passed feature. For more information, see "

13 Configuring service parameters

."

Security log list contents

Account Name—Name of the account. Click the name to view detailed information about the user
account.

Service Name—Service assigned to the access user. Click the name to view contents of the service
configuration.

Login Date/Time—Date and time when the access user logged in.

User MAC Address—MAC address that the access user used for security check.

User IP Address—IP address that the access user used for security check.

Details—Click the Details icon

to view detailed information about the security log.

See also other documents in the category H3C Technologies Safety: