Binding – H3C Technologies H3C Intelligent Management Center User Manual
Page 21
3
•
Control user uplink and downlink bandwidth and priorities—Access devices can limit the uplink
and downlink speeds and priorities of access users according to rate and priority limit policies
assigned by the UAM. This function reduces network congestion by stopping users from occupying
excessive network resources.
•
Specify user access rights to resources—Access devices can dynamically grant users access to
specific network resources, according to the user ACLs and user VLANs assigned by the UAM. This
function prevents illegal access to important network resources.
•
Require the usage of an iNode client—Some UAM functions require the cooperation of an iNode
client. UAM lets you specify that users must use an iNode client to ensure these functions.
•
Prohibit users from using an IE proxy or proxy server software—If you enable this function in UAM,
users who use an IE proxy or run proxy server software cannot pass authentication, and online users
who configure an IE proxy or run a proxy server are logged off. This function requires the
cooperation of the iNode client.
•
Prohibit online users from changing IP addresses—If you enable this function in UAM, online users
who change the IP address of the authentication network adapter are logged off. This function runs
with the iNode client.
•
Prohibit users from changing MAC addresses—If you enable this function in UAM, users who
change the MAC address of the authentication network adapter cannot pass authentication. This
function runs with the iNode client.
•
Prohibit users from using multiple network adapters—If you enable this function in UAM, users
who have multiple network adapters (including virtual network adapters) activated in their PCs
cannot pass authentication. If it detects that an online user has multiple active network adapters,
UAM logs off the user. This function runs with the iNode client.
•
Prohibit users from using the iNode DC in Windows, Linux, or Mac OS—If you enable this function
in UAM, users who use an iNode DC in the corresponding operating system cannot pass
authentication.
•
Access MAC address control—If you enable this function in UAM, users who use MAC addresses
that are not allowed to access the network cannot pass authentication.
•
Hard disk serial number control—If you enable this function in UAM, users can access the network
only when at least one hard disk serial number of their terminals are allowed to access the network.
•
SSID access control—If you enable this function in UAM, a wireless user must use a permitted SSID
to access the network.
•
Restrict external network access—If you enable this function in UAM, UAM uses client ACLs to
restrict the network access rights of users who uses an unauthenticated network adapter. This
function runs with the iNode client.
•
Restrict the user IP getting method—In UAM, you can specify the user IP getting method as DHCP,
static configuration, or either DHCP or static. If a user obtains the IP address in a way different from
that you specified, the user cannot pass authentication.
Binding
The following types of bindings can be used with one another unless otherwise specified.
•
Access user and access device binding—Users can access the network only from the access device
with a specific IP address. The IP address is specified in UAM.
•
Access user and access port binding—Users can access the network only from a specific port on an
access device. The port is specified in UAM.