1 uam overview, Uam in the ead solution, Uam functional structure – H3C Technologies H3C Intelligent Management Center User Manual
Page 19
1
1 UAM overview
UAM in the EAD solution
UAM is a part of the EAD solution. It is a multi-service, secure access management solution that integrates
authentication, monitoring, auditing, and service management.
In the EAD solution, IMC cooperates with various access devices (such as switches, routers, VPN
gateways, and firewalls) to meet the requirements of identity authentication, user privilege control,
access admission, and desktop management in different network scenarios.
The EAD solution has the following features:
•
Reliable user identity authentication
•
Simple and practical user management
•
BYOD/endpoint identification
•
Strict user privilege control
•
All-around endpoint security protection
•
Powerful desktop management function
•
High-performance, expansible deployment solutions
The EAD solution uses a client/server model: UAM and EAD Security Policy as the servers and the iNode
client software as the client.
•
The UAM component provides reliable user identity authentication, simple and practical user
management, and strict user privilege control for the EAD solution.
•
The EAD Security Policy component provides strict endpoint security defense and powerful desktop
management for the EAD solution.
•
The iNode client cooperates with the UAM and EAD Security Policy to implement these endpoint
control functions.
UAM functional structure
As shown in
, UAM functions are based on the access user and service structure.
•
An access user is the information an endpoint user employs to access the network, including access
account and password.
•
A service is a set of access control policies.
To access the network, an endpoint user creates an access user and applies for at least one service in
UAM. When accessing the network, the user is restricted by the policies defined in each service that the
user employs.