Ead security policy, Tacacs+ authentication management – H3C Technologies H3C Intelligent Management Center User Manual

41

IMC Platform to provide authentication, authorization, and accounting
for network device maintainers. TAM can be deployed separately from
the IMC Platform and other components to save system capacity and
improve performance.

TAM supports the following features:

•

Multiple device categorizing methods—Devices can be categorized
based on management domain or device type.

•

Flexible user-defined authorization policies—Multiple rules can be
defined for a single authorization policy. Each rule can assign device
users different shell profiles and command sets based on authorization
scenarios such as device area, device type, and authorized time range.

•

User group management—Operators can manage users in groups to
improve management efficiency.

•

LDAP user authentication—TAM can work with an LDAP server for user
authentication, or synchronize user information from the LDAP server for
authentication.

•

Integrated device user operation monitoring: TAM monitors device users'
authentication, authorization, and command execution operations,
facilitating tracking and auditing of device users by operators.

EAD Security Policy

EAD enforces enterprise security policies on terminals to enhance
terminal defense capabilities, control network access and ensure network
security. As the core of EAD solution, the EAD component includes the
EAD service module and the Desktop Asset Manager (DAM) service
module.