Security check items, Security level and security mode – H3C Technologies H3C Intelligent Management Center User Manual

13

3.

Select a security level and configure the security mode for each check item. The following security

modes are supported for PCs:

{

Kick out

{

Isolate

{

Inform

{

Monitor

4.

To isolate access users that fail the security check, configure an isolation mode and isolation rules.

5.

Configure a remediation server and a knowledge base for users to access for remediation when
users cannot access the network.

6.

Configure a security policy to associate the selected security level with check items, isolation mode,
and failure notifications.

7.

To configure security policies for different access scenarios, repeat step 2 through step 6.

8.

Configure access services and associate them with security policies.

9.

Audit security logs and reports to identify any new trend of security threats in the network.

10.

Adjust the security policies, security levels, and isolation rules based on audit result.

Security check items

The following security check items are available for a security policy that is to be assigned to a Windows,

Linux, or Mac OS PC:

•

URL access control

•

Anti-virus software control

•

Anti-spyware software control

•

Firewall software control

•

Anti-phishing software control

•

Hard disk encryption software control

•

PC software control

•

Patch software control

•

Windows patch control

•

Registry control

•

Share control

•

Asset registration status check

•

Windows system restore settings check

•

Traffic control

•

OS password control

Some of the check items also have sub items.

Security level and security mode

A security level for PCs contains check items and their respective security modes that define the actions

to take in response to any detected security violations.