Isolation mode, Security check item – H3C Technologies H3C Intelligent Management Center User Manual

Page 137

Advertising
background image

121

Isolation mode

EAD provides the following isolation modes, as shown in

Table 22

.

Table 22 Isolation modes

Isolation mode

Method

Deploy ACLs to the
access device

Non-HP ProCurve devices—EAD deploys the ACL number or name to the access
device. The ACLs must already exist on the access device. For more information

about configuring ACLs, see the configuration guide for the access device.

HP ProCurve devices—This mode cannot be used for isolating smart devices.

Deploy ACLs to the
iNode client

This mode cannot be used for isolating smart devices.

Deploy VLANs to the
access device

EAD deploys the VLAN ID to the access device. The VLANs must already exist on the
access device.
For more information about configuring VLANs, see the configuration guide for the
access device.

Security check item

EAD provides only the MDM collaboration policy as the security check item for smart devices. The check
options in the policy vary by vendor, as shown in

Table 23

.

Table 23 MDM vendors and security check options

MDM

Vendor

Security check options

MobileIron

Require endpoint registered—The smart device must have been registered with the MobileIron
server.

Require endpoint compliant—The smart device must comply with the rules configured on the

MobileIron server.

Enable GPS service—The GPS service must be enabled on the smart device.

Enable auto lock—Auto lock must be enabled on the smart device.

Disable Bluetooth—Bluetooth must be disabled on the smart device.

Require camera disabled—Cameras must be disabled on the smart device.

Prohibit jailbreaking or rooting—The smart device must not be jailbroken or rooted.

Require password locking enabled—Password locking must be enabled on the smart device.

Require storage encryption enabled—Storage encryption must be enabled on the smart

device.

Citrix

Require endpoint registered—The smart device must have been registered with the Citrix
server.

Require endpoint compliant—The smart device must comply with the rules configured on the

Citrix server.

Prohibit jailbreaking or rooting—The smart device must not be jailbroken or rooted.

Require storage encryption enabled—Storage encryption must be enabled on the smart

device.

Advertising
Popular Brands
Popular manuals