1 TACACS+ Authentication Manager overview, TAM features, Reliable identity authentication – H3C Technologies H3C Intelligent Management Center User Manual

1 TACACS+ Authentication Manager overview

TACACS+ Authentication Manager (TAM) is used to centrally manage network maintainers. TAM operates based on the IMC platform to provide authentication, authorization, and auditing for network maintainers. After TAM is deployed on the IMC server, the server can perform TACACS+ authentication.

TAM supports the following services:

Authentication—Authenticates network maintainers to ensure that only valid network maintainers
can log in to devices.

Authorization—Assigns different device management privileges to different network maintainers,
so they can perform only authorized operations on devices.

Audit—Audits network maintainers by monitoring and recording online behaviors.

Collaboration—Cooperates with mainstream devices that support TACACS+, such as HP devices,
H3C devices, and Cisco devices.

TAM features

TAM includes identity authentication, simple management, and privilege control features for users with
high-performance deployment solutions.

Reliable identity authentication

Authentication by account name and password.

Multiple password transmission methods, such as PAP, CHAP, and ASCII, to meet different network
conditions.

LDAP authentication by LDAP servers such as Windows AD, OpenLDAP, and third-party mail
systems that support the LDAP protocol.

Simple user management

User type—Supports two user types, common device user and LDAP user. Different types of users
are suitable for different network conditions.

Batch operation—Supports abundant batch operations, such as opening, canceling, and modifying
accounts in batches.

Blacklist—Adds suspicious device users to the blacklist to prevent attacks.

User group—Assigns users of the same type to one group for unified management, reducing device
maintenance work for operators and facilitating operator privilege assignment.

Online user monitoring—Monitors information about online users, including the login device IP,
user IP, and online duration.

Logging—Records the authentication, authorization, and audit logs for device users, helping
operators to monitor user logins and audit device management behaviors.