beautypg.com

Special cases, Abnormal traffic, Security level list contents – H3C Technologies H3C Intelligent Management Center User Manual

Page 54: Security level details

background image

38

2.

Specify an anti-virus software policy.

Special cases

Abnormal traffic

For the action specified for abnormal traffic in the security level to take effect, you must enable the traffic

monitoring function in the security policy and specify the items to be checked in the traffic monitoring

policy.
For example, to enable the iNode client to perform the specified action on an access user whose IP traffic
running on the authenticated NIC exceeds the minor threshold or severe threshold:

1.

Enable the traffic monitoring function in the security policy.

2.

Set the IP traffic thresholds.

WSUS/SMS Server Collaboration Failure and Auto-Installation Failure

For the action specified in the security level for WSUS/SMS Server Collaboration Failure and

Auto-Installation Failure to take effect, enable the Check Through Microsoft Server feature in the security

policy.

Security level list contents

The security level list has the following parameters:

Security Level Name—Name of the security level. Click the name to view detailed information.

Description—Description of the security level.

Service Group—Service group to which the security level belongs.

Modify—Click the Modify icon

to modify the security level settings.

Delete—Click the Delete icon

to delete the security level.

Security level details

The security policy details page has the following areas:

Basic Information—Basic information about the security level, including the security level name and
the Action After parameter.

PC—Security modes that define the actions to take in response to detected security violations for
PCs.

Smart Device—Security modes that define the actions to take in response to detected security
violations for smart devices.

UAM identifies the security modes for PCs from the security modes for smart devices in the same security

level according to the security policies used by the endpoints.
EAD supports the following security modes in descending order of severity:

Kick Out—The EAD server works with the UAM server to log off non-compliant users and generates
security logs for violations.

Isolate—The EAD server isolates non-compliant users in a restricted area, informs the users of the
security vulnerability and remediation methods, and generates security logs for violations.

See also other documents in the category H3C Technologies Safety: