4 configuring imc for use, Securing imc and access to managed resources, 4 configuring imc – H3C Technologies H3C Intelligent Management Center User Manual
Page 136: For use
122
4 Configuring IMC for use
Effective implementation and maintenance of IMC depends on pre-discovery planning and
configuration. This chapter describes the functional areas of IMC that are most effectively used when
configured and implemented prior to populating IMC with users, devices, and resources. In addition, the
chapter includes basic IMC system-wide configuration and maintenance functions.
Securing IMC and access to managed resources
IMC offers you powerful control over network resources including network devices, network users, and
services. Securing IMC is at the top of the list of priorities for configuring IMC for use. This section
describes the security options available in IMC that secure its use, the access and control over resources
it offers you, and the data IMC uses to manage resources. Operator groups: Operator groups enable
you to assign or remove IMC management privileges by group. You can also create custom groups to
further extend administrative control over access to IMC and the network resources managed by it. For
configuring operator groups, see "
Operator roles: You have the ability to assign various levels of rights to individual operator accounts with
the ability to restrict access by views and groups. For configuring operator accounts, see "
Login control templates: You can permit or deny operator access to IMC by IP address. For configuring
login control templates, see "
Securing IMC through operator login control templates
Integration with authentication services: IMC supports secure access to IMC through integration with
RADIUS and LDAP for operator authentication to IMC. For more information, see "
through authentication services
Password strategy: IMC enables you to define system-wide password requirements for all operators that
have access to IMC. For configuring password strategies, see "
Establishing IMC password strategies
Online operators: You can view current IMC access and activity through the Online Operators feature.
Through this feature, you can log operators off as well as block access to IMC in real time. For more
information about this feature, see "
Managing online IMC operator access
SNMP configuration: For secure communications between IMC and managed devices, IMC supports
SNMPv1, v2c and various forms of v3. In addition, IMC also supports global SNMP community string
management for all managed devices once devices are configured to be managed by IMC. For
configuring SNMP through templates, see "
Telnet and SSH device access: IMC also supports remote device access through Telnet and SSH with the
ability to use templates to configure Telnet and SSH settings. For configuring Telnet and SSH templates,
see "
."
Resource management: managing network
resources with global settings
IMC incorporates many services and features that enable you to easily and effectively manage global
network resources.