Configuring real-time monitoring, Enabling real-time monitoring – H3C Technologies H3C Intelligent Management Center User Manual
Page 120
104
{
Kick out—The user is informed of security problems after going online. The authentication fails
and the user is logged off. Security check results are recorded in security logs.
6.
Click OK.
Performing security check by using security policies
Configuring real-time monitoring
With the real-time monitoring function, the iNode client interacts with the EAD server to perform a
periodic security check for online users. To ensure network security, the iNode client immediately
processes any violation or abnormality detected on the user endpoint.
The following check items support real-time monitoring. Operators must select the check items in the
security policy in order to have them monitored in real time. The check items include:
•
Anti-virus software
•
Anti-spyware software
•
Firewall software
•
Anti-phishing software
•
Hard disk encryption software
•
PC software control groups
•
Registries
•
Share directories
The following check items do not support real-time monitoring:
•
Windows patches
•
Asset registration status
•
Windows system restore
•
Traffic monitoring
•
Operating system password
With the exception of Windows patches, these items are checked at a system-defined interval that cannot
be modified. To ensure the efficiency of EAD security checking, operators can define the interval at which
Windows patches are checked in the service parameter configuration.
Enabling real-time monitoring
1.
Click the User tab.
2.
From the navigation tree, select User Security Policy > Security Policy.
The security policy list displays all security policies.
3.
Click the Modify icon
for the security policy to enable real-time monitoring.
The Modify Security Policy page appears.
4.
Configure the following parameters in the Basic Information area:
{
Monitor in Real Time—Select this option to enable real-time monitoring of user endpoints in the
security policy.
{
Process After—Specify the amount of time, in minutes, that the iNode client waits before it
isolates or kicks out an access user for whom a violation is detected in real-time monitoring. The