Basic information area, Traffic monitoring area, Check anti-virus software area – H3C Technologies H3C Intelligent Management Center User Manual
Page 55
39
•
Inform—The EAD server informs non-compliant users of the security vulnerability and remediation
methods on user endpoints, and generates security logs for violations.
•
Monitor—The EAD server monitors non-compliant users and generates security logs for violations.
The following information describes security level parameters for PCs. For more information about
configuring the security level for smart devices, see "
5 Configuring the security check for smart devices
Basic Information area
•
Security Level Name—Name of the security level.
•
Action After—Amount of time, in minutes, that the access user with a security check failure can
access the network before being isolated or kicked out. During that time, the user can make the
necessary remediation and initiate a new security check to prevent being isolated or kicked out.
This parameter is available only when the Isolate or Kick Out action is configured for a check item,
excluding the traffic monitoring check and the operating system password check.
•
Description—Description of the security level.
•
Service Group—Service group to which the security level belongs.
Traffic Monitoring area
•
IP Traffic Minor Threshold Exceeded—Action to take when the total IP traffic of all NICs on the user
endpoint is above or equal to the IP Traffic Minor Threshold, and below the IP Traffic Severe
Threshold configured in the traffic control policy.
•
IP Traffic Severe Threshold Exceeded—Action to take when the total IP traffic of all NICs on the user
endpoint is above or equal to the IP Traffic Severe Threshold configured in the traffic control policy.
•
Broadcast Packets Minor Threshold Exceeded—Action to take when the total number of broadcast
packets sent by all NICs on the user endpoint is above or equal to the Broadcast Packets Minor
Threshold, and below the Broadcast Packets Severe Threshold configured in the traffic control
policy.
•
Broadcast Packets Severe Threshold Exceeded—Action to take when the total number of broadcast
packets sent by all NICs on the user endpoint is above or equal to the Broadcast Packets Severe
Threshold configured in the traffic control policy.
•
Packets Minor Threshold Exceeded—Action to take when the total number of packets passing the
authenticated NIC of the user endpoint is above or equal to the Packets Minor Threshold, and
below the Packets Severe Threshold configured in the traffic control policy.
•
Packets Severe Threshold Exceeded—Action to take when the total number of packets passing the
authenticated NIC of the user endpoint is above or equal to the Packets Severe Threshold
configured in the traffic control policy. The authenticated NIC is used by an access user to pass
identity authentication and to access the network.
•
TCP/UDP Connections Minor Threshold Exceeded—Action to take when the total number of
TCP/UDP connections of all NICs on the user endpoint is above or equal to the TCP/UDP
Connections Minor Threshold, and below the TCP/UDP Connections Severe Threshold configured
in the traffic control policy.
•
TCP/UDP Connections Severe Threshold Exceeded—Action to take when the total number of
TCP/UDP connections of all NICs on the user endpoint is above or equal to the TCP/UDP
Connections Severe Threshold configured in the traffic control policy.
Check Anti-Virus Software area
•
Anti-Virus Software Not Installed—Action to take on an access user whose endpoint does not have
anti-virus software installed.