1.0 Intelligent Campus Network Solution
2.0 IDC Data Center Network Solution
3.0 Enterprise Cloud Solutions
4.0 Overall Information Security Solution
- 4.1 Exit Security Application Solutions
- 4.2 Branch and Mobile Internet Application Solutions
- 4.3 Data Center Security Solutions
- 4.4 Level Protection Comprehensive Solution
- 4.5 Disaster Recovery and Backup Integrated Solution
- 4.0 Overall Information Security Solution
- 4.6 CDP Local Disaster Recovery Solution
- 4.7 Dual-System Disaster Recovery Shared Storage Hot Standby Solution
- 4.8 Mirrored Hot Standby Solution for Dual-machine Disaster Recovery
- 4.9 Desktop Access Scheme
- 4.10 Anti-disclosure security management system for electronic documents
- 4.11 Email Security Overall Solution
5.0 Smart Wireless Total Solution
- 5.1 Cloud wireless solution
- 5.2 Application authentication access solution
- 5.0 Smart Wireless Total Solution
- 5.3 Smart Business Circle Solution
- 5.4 Wireless bridging solution
- 5.5 Elevator Wireless Coverage Solution
- 5.6 Hotel wireless coverage solution
- 5.7 Smart Campus Wireless Solution
- 5.8 Hospital Wireless Solution
- 5.9 Wireless retail solutions for malls
6.0 HD Video Conference Solution
7.0 IDC Computer Room Construction Solution
8.0 Intelligent Weak Current Solution
9.0 Intelligent Building Solution
10.0 Intelligent Management Center Overall Solution
IP 产品与相关技术的研发、生产和销售，具备完善的产品技术、客户服务、渠道、认证培训体系，为您提供客户化、特性丰富、性价比高的网络产品与解决方案。 H3C focuses on the R & D, production and sales of IP products and related technologies. It has perfect product technology, customer service, channels, and certification training systems to provide you with customized, feature-rich, and cost-effective network products and solutions. H3C 提供包括网络管理、用户管理、业务管理等全面的管理解决方案： H3C 智能管理中心（ H3C Intelligent Management Center ，以下简称 H3C iMC ）。 As an industry-leading provider of network equipment and solutions, H3C provides comprehensive management solutions including network management, user management, and business management: H3C Intelligent Management Center ( hereinafter referred to as H3C iMC ).
H3C IToIP 解决方案的统一管理中心，基于 SOA 架构，采用灵活的组件化结构，与 H3C 的数据通信设备产品一起为用户提供全网解决方案，帮助客户真正实现网络的按需构建。 H3C iMC is a unified management center for H3C IToIP solutions. Based on the SOA architecture, it adopts a flexible component structure. Together with H3C data communication equipment products, H3C iMC provides users with a full-network solution to help customers truly build networks on demand.
IToIP 解决方案中的位置 Figure 1 H3C iMC position in IToIP solution
IToIP 解决方案核心管理系统，为用户提供了灵活的组件化结构，包括智能管理平台、 ACL 管理、 QoS 管理、 NTA 网络流量分析、 MPLS VPN 管理、用户接入管理、 EAD 解决方案、无线管理等业务组件，用户可以根据自己的管理需要和网络情况灵活选择需要的组件，真正实现“按需建构”。 As the core management system of IToIP solution, H3C iMC provides users with a flexible component structure, including intelligent management platform, ACL management, QoS management, NTA network traffic analysis, MPLS VPN management, user access management, EAD solution, wireless Management and other business components, users can flexibly select the required components according to their own management needs and network conditions, and truly achieve "on-demand construction."
The architecture of the H3C Intelligent Management Center solution is shown below:
Figure 2 H3C iMC solution architecture
H3C iMC 管理系统由智能管理平台以及各个业务组件组成，管理平台提供网络管理的一些基础功能，比如故障管理、性能管理、资源和拓扑管理、用户管理等，而业务组件提供了相应的业务管理功能；各个业务组件相对独立，并可以无缝的集成在管理平台中，使得整个系统具有很强的可扩展性。 As can be seen from the above figure, the H3C iMC management system is composed of an intelligent management platform and various business components. The management platform provides some basic functions of network management, such as fault management, performance management, resource and topology management, and user management. The service components provide Corresponding business management functions; each business component is relatively independent and can be seamlessly integrated in the management platform, making the entire system highly scalable.
B/S 架构，可以与 H3C iMC 其他业务组件有效集成，形成多种解决方案。 The H3C iMC intelligent management platform realizes the integrated management of network resources, users, and services, and provides basic network resource management, topology management, fault management, performance management, user management, and system security management. Based on the B / S architecture, it can communicate with other H3C iMC Effective integration of business components to form multiple solutions.
H3C 全线数据通信产品的管理，也可通过标准 MIB 实现对 Cisco 、 3com 、北电等各主流厂商的数据通信设备管理。 The H3C iMC intelligent management platform can not only realize the management of the entire line of H3C data communication products, but also the data communication equipment management of mainstream manufacturers such as Cisco , 3com , Nortel, etc. through standard MIB .
iMC resource management and topology management together provide users with network resource management. Through resource management, you can:
ARP 方式、 IPSec VPN 、网段方式等五种自动发现方式自学习网络资源及网络拓扑，自动识别包括：路由器、交换机、安全网关、存储设备、监控设备、无线设备、语音设备、打印机、 UPS 、服务器、 PC 在内的多种类型网络设备； Self-learning of network resources and network topology can be performed through five automatic discovery methods such as simple seed setting, routing method, ARP method, IPSec VPN , and network segment method. Automatic identification includes routers, switches, security gateways, storage devices, and monitoring devices. , Wireless devices, voice devices, printers, UPS , servers, PCs and other types of network equipment;
Figure 3 Multiple automatic discovery methods
Figure 4 Automatic recognition of multiple device types
Manual network management
Telnet 、 SNMP 参数，以及批量校验 Telnet 参数等辅助功能； You can manually add and delete network devices, you can import and export network devices in batches, configure Telnet and SNMP parameters in batches, and verify auxiliary functions in batches such as Telnet parameters.
Network view management
IP 视图、设备视图、自定义视图、下级网络管理视图等多种管理视图，用户可以从不同角度实现整个网络的管理； Support multiple management views such as IP view, device view, custom view, lower-level network management view, and users can implement the management of the entire network from different perspectives;
Management of network equipment
/ 去管理、接口的管理 / 去管理、设备的详细信息显示和接口详细信息显示、设备和接口实时告警状态、设备和接口的实时性能状态、实时检测存在故障的设备等，用户可以方便的实现所有设备的管理； From any kind of network view entrance, you can realize the management of network devices, including: support for device management / de-management, interface management / de-management, detailed device information display and interface detailed information display, device and interface real-time Alarm status, real-time performance status of equipment and interfaces, real-time detection of faulty equipment, etc., users can easily manage all equipment;
Integrated management of equipment and business management systems
H3C 、 CISCO 、 3COM 等主要厂家设备的管理，支持手工添加设备厂商、设备系列及设备型号；支持设备面板管理的动态注册机制，实现与各厂家设备管理系统的有效集成；支持拓扑定位、 ACL 、 VLAN 、 QoS 等业务管理系统的集成，实现设备资源的统一管理； Supports the management of H3C , CISCO , 3COM and other major manufacturers' equipment, supports manual addition of equipment manufacturers, equipment series and equipment models; supports the dynamic registration mechanism of equipment panel management to achieve effective integration with equipment management systems of various manufacturers; supports topology positioning, Integration of ACL , VLAN , QoS and other business management systems to achieve unified management of equipment resources;
Device group rights management
Support device grouping function. By grouping and managing device resources, the system administrator can easily assign management rights of other administrators to facilitate separation of duties.
iMC topology management provides users with intuitive management of the entire network and network equipment resources from the solution of network topology. Topology management includes:
Automatic topology discovery
H3CiMC can automatically discover the network topology and support a unified topology view of the entire network. The view navigation tree provides fast navigation between views. SNMP 设备发现出来，只要设备可以 ping 通即可。 Through automatic discovery, you can discover all devices and network structures in the network (see Resource Management for details), and you can discover non- SNMP devices as long as the devices can ping through. IP 可达）。 In this way, all network devices can be included in its management scope (as long as the device IP is reachable). It also supports automatic topology diagram rendering and custom topology. The automatic topology can automatically display the logical connection relationships in the network, and at the same time can be saved as a custom topology map and can be modified according to specific conditions to facilitate the network administrator's monitoring of the entire network device.
60 ～ 7200 秒），同时也支持对多个设备的刷新周期进行批量配置的功能。 Supports periodic polling and status refresh of the entire network of devices and connections, real-time understanding of the operation of the entire network, and the refresh cycle is customizable (refresh cycle: 60 to 7200 seconds), and also supports batch refresh cycles of multiple devices Configured features.
Figure 5 iMC topology diagram
Support custom topology
Most traditional network management software supports the function of automatically discovering the network topology. However, the network topology after automatic discovery is often a simple discharge of many device icons. It cannot highlight key devices and network levels, making network managers feel they cannot start.
H3C iMC 的拓扑功能支持灵活的自定义功能，管理人员可以根据网络的实际组网情况和设备重要性的不同灵活定制网络拓扑，可对拓扑图进行增、删、改等编辑操作，使网络拓扑能够清晰地呈现整个企业的网络结构以及 IT 资源分布。 In view of this situation, the topology function of H3C iMC supports flexible customization functions. Administrators can flexibly customize the network topology according to the actual networking situation of the network and the importance of the equipment. The topology map can be added, deleted, and modified. Operation, so that the network topology can clearly present the network structure and IT resource distribution of the entire enterprise .
H3C iMC supports flexible customization of the topology map, making the network topology more focused and layered. The administrator can define multiple topologies according to different devices and management angles, and can choose different background maps for different topologies. The administrator can display appropriate icons based on the importance of network devices and different link rates. For example, for campus networks, users can customize campus distribution maps, network distribution maps in office buildings, network distribution maps in dormitory buildings, and so on.
Figure 6 Device details
Automatic identification of various network devices and host types
H3C 、华为、 Cisco 、 3com 等厂商的设备、 Windows 、 Solaris 的 PC 和工作站、其他 SNMP 设备和 ping 设备，并且以树形方式组织，以不同的图标显示区分。 H3C iMC can automatically identify H3C , Huawei, Cisco , 3com and other manufacturers' devices, Windows , Solaris PCs and workstations, other SNMP devices and ping devices, and is organized in a tree structure with different icon display and distinction. UPS 、服务器、 PC 等等。 In the topology diagram, the types of devices can be further distinguished, such as routers, switches, security gateways, storage devices, monitoring devices, wireless devices, voice devices, printers, UPS , servers, PCs, and so on.
Figure 7 iMC manageable device types
Intuitive display of information such as device status, connection status, and alarm status on the topology map
IT 资源的状态，包括运行是否正常、网络带宽、接口连通、配置变化都能一目了然。 H3C iMC 's topology functions are closely integrated with fault management and performance management, so that the topology map can clearly see the status of enterprise IT resources, including whether it is operating normally, network bandwidth, interface connectivity, and configuration changes at a glance. Multiple colors distinguish different levels of faults, and reflect the device status according to the color of the node icons.
Figure 8 Status display
Topology can provide convenient access to device management
The H3C iMC topology can provide a convenient entrance to device management. Administrators can start various functions of device management by right-clicking on the device icon in the topology map, and realize the configuration of various functions such as panel management of the device.
Figure 9 Convenient entry for device management
/ 事件管理，是 H3C iMC 的核心模块，是 iMC 智能管理平台及其他业务组件统一的告警中心。 Fault management, that is, alarm / event management, is the core module of H3C iMC , and is the unified alarm center of iMC intelligent management platform and other business components. H3C iMC 强大的故障管理能力： The following figure introduces the powerful fault management capabilities of H3C iMC , guided by the fault management process :
Alarm discovery and reporting
设备告警、本级网管站及下级网管站告警、网络性能监视告警、网络配置监视告警、网络流量异常监视告警、终端安全异常告警等；同时通过支持对设备定时轮询，实现通断告警、 响应时间告警等， 以告警事件的方式上报给 H3C iMC 告警中心； The iMC alarm center can receive alarm events from various alarm sources, including device alarms, alarms at the network management station at the same level and lower network management stations, network performance monitoring alarms, network configuration monitoring alarms, network traffic abnormality monitoring alarms, and terminal security abnormality alarms. At the same time, by supporting regular polling of the device, the on-off alarm and response time alarm are reported to the H3C iMC alarm center in the form of alarm events ;
l linkdown 等重要告警事件，路由信息事件（ OSPF ， BGP ）变化，热备份路由（ HSRP ）状态变化等告警事件，支持对 H3C 、 CISCO 、华为、 3COM 等多厂商设备告警的识别和解析； Device alarms include power supply voltage, device temperature, fan and other alarm events, device cold start, hot start, interface linkdown and other important alarm events, routing information events ( OSPF , BGP ) changes, hot backup routing ( HSRP ) status changes, and other alarm events. Supports identification and analysis of H3C , CISCO , Huawei, 3COM and other multi-vendor equipment alarms;
l iMC 系统集群服务器的异常告警，包括 CPU 利用率、内存使用率、 iMC 服务程序运行状态等以及下级 iMC 系统上报的告警事件； Network management station alarms include abnormal alarms of the cluster server of the iMC system at the current level , including CPU utilization, memory usage, iMC service program running status, and alarm events reported by the lower-level iMC system;
l CPU 利用率，内存使用率，以及 RMON 告警的故障管理。 Network performance monitoring includes CPU utilization, memory usage, and fault management of RMON alarms.
l iMC 智能配置中心组件（ iMC iCC ）实现配置文件定期检查，实现配置变更告警事件。 Network configuration monitoring alarms include alarm events such as device software version and configuration information changes. Periodic inspection of configuration files is implemented through the iMC Intelligent Configuration Center component ( iMC iCC ) to implement configuration change alarm events.
l iMC 网络流量分析组件（ iMC NTA ）实现网络中异常流量告警，包括对设备及接口异常流量、主机 IP 地址异常流量和应用异常流量的告警，支持二级阈值告警定义； Network traffic abnormality monitoring alarm The iMC network traffic analysis component ( iMC NTA ) realizes abnormal traffic alarms on the network, including alarms on abnormal traffic on devices and interfaces, abnormal traffic on host IP addresses, and application abnormal traffic, and supports the definition of secondary threshold alarms;
l iMC 端点准入防御组件（ iMC EAD ）实现对终端用户安全异常的告警，包括 ARP 攻击告警、终端异常流量告警及其他终端不安全告警； Terminal security anomaly alarms Through the iMC Endpoint Admission Defense Component ( iMC EAD ), end-user security anomalies are alarmed, including ARP attack alarms, terminal abnormal traffic alarms, and other terminal insecurity alarms.
l iMC 的资源管理模块对设备接口信息定时进行轮循，并及时上报通断告警、 响应时间告警等告警事件 。 The iMC periodic polling alarm refers to periodically polling device interface information through the resource management module of the iMC , and timely reporting alarm events such as on-off alarm and response time alarm .
Alarm deep correlation analysis and statistics
The iMC alarm center receives and analyzes the reported alarm events according to the alarm event definition in the alarm script;
H3C iMC 根据标准 mib 中的 trap 信息预定义了大量告警脚本用于接收解析告警，同时支持 Openview NNM 告警定义格式的脚本定义，厂家私有告警可以集成到 iMC 告警定义脚本中， H3CiMC 同时提供自定义告警方式，用户可以在 H3CiMC 界面上对不识别告警进行定义，后面再收到该告警事件会按用户定义的格式进行解析。 Note: H3C iMC pre- defines a large number of alarm scripts based on trap information in the standard mib for receiving parsing alarms. It also supports script definitions in the Openview NNM alarm definition format. Manufacturer-specific alarms can be integrated into iMC alarm definition scripts. H3CiMC also provides Define an alarm method. You can define an unrecognized alarm on the H3CiMC interface. Later, when you receive this alarm event, it will be parsed in a user-defined format.
H3C iMC performs in-depth correlation analysis on the received alarm events. By default, the system supports repetitive event threshold alarms, flash event threshold alarms, unknown event threshold alarms, unmanaged device alarm threshold alarms, and can automatically acknowledge related alarms when the fault recovers. ; At the same time, users can determine the alarm rules for events according to their needs to meet the needs of network management.
l Repeated event threshold alarm: Shields the same event received repeatedly and generates a new alarm to notify the user when the threshold condition is reached.
l Flash event threshold alarm: Analyze the received flash event and generate a new alarm to notify the user when the threshold condition is reached.
l Unknown event threshold alarm: Blocks the unknown event received, and can generate a new alarm to notify the user when the threshold condition is reached.
l Unmanaged device alarm threshold alarm: Shields received unmanaged device events and generates a new alarm to notify the user when a threshold condition is reached.
l Custom event filtering rules: User-defined event filtering rules. Users can specify what time range and what kind of alarms to filter.
iMC 告警中心会根据定义的规则关联分析后生成不同级别的告警（告警共分成紧急、重要、次要、警告、事件 5 个级别；在浏览数据窗口，分别以红色、橙色、黄色、蓝色、灰色五种颜色进行显示），将管理员从繁多的告警事件中解脱出来，避免产生 告警风暴，让管理员能专心关注告警的根源 。 The iMC system predefines the default rules that support the upgrade of alarm events to alarm generation after various types of in-depth analysis. At the same time, administrators can customize the rules for upgrading from alarm events to alarms, which can be changed from events, event keywords, event sources, and time. The scope is defined in four aspects. Once the defined event is upgraded to an alarm rule, the iMC alarm center will generate different levels of alarms after the correlation analysis according to the defined rules (alarms are divided into five levels: emergency, important, minor, warning, and event. ; In the browse data window, it is displayed in five colors: red, orange, yellow, blue, and gray) to relieve the administrator from a large number of alarm events, to avoid alarm storms, and allow the administrator to focus on the alarm Root cause .
H3C iMC provides multiple ways to notify administrators of alarms, including:
l Email 邮件的方式，将告警及时通知管理员，实现远程网络的监控和管理； Real-time remote alarm: via SMS or Email , the administrator will be notified of the alarm in time to realize remote network monitoring and management;
l Classification, sound and light alarm board, real-time alarm according to fault category and level, so that the administrator not only knows in time the alarm generated through the alarm board, but also understands the type and level of the generated alarm:
l Real-time alarm browsing and acknowledgment, through the alarm home page, the current unresolved alarms are refreshed in real time and provide the entry for troubleshooting confirmation:
l ] Provide system snapshots to report the status of the network, subordinate networks and equipment in real time ]
l Report network and device status through topology
H3C iMC provides “repair suggestions” for various fault alarms. Administrators can refer to the repair suggestions to handle faults. 解决后，通过对告警的确认完成故障的恢复确认。 After the fault is resolved, the fault is confirmed through the acknowledgement of the alarm.
H3C iMC provides an alarm knowledge base. The alarm knowledge is a summary of the user's experience in the maintenance process. Enter these experiences into the system and use it as a reference when the same fault occurs next time. The user selects an alarm record, and the system inquires the maintenance experience of the alarm record from the alarm knowledge base according to the alarm record selected by the user, for the user to refer to the alarm processing. Users write their daily processing experience and business information into the database in a timely manner, and update the alarm knowledge base is very useful for future troubleshooting and troubleshooting.
The H3C iMC network management system provides rich performance management functions and displays it to users in an intuitive way. For example, line chart, square chart, and pie chart can be provided and corresponding reports can be generated. : Through the configuration of the performance task, various current performance data of the network can be obtained automatically, and the performance threshold can be set. When the performance exceeds the threshold, the network notifies the alarm center by means of an alarm :
l At a Glance 、 TopN 功能，用户能够对 CPU 利用率、流量等关键指标一目了然； Supports At a Glance and TopN functions, users can see key indicators such as CPU utilization and traffic at a glance;
l Provide default collection templates for various common performance indicators;
l , 当链路或端口的流量超过阈值，系统将会发送性能告警，使网络管理人员可以能够及时了解网络中的隐患，及时消除隐患。 Support real-time performance monitoring and support the setting of secondary threshold alarms . When the link or port traffic exceeds the threshold, the system will send performance alarms so that network managers can understand the hidden dangers in the network in time and eliminate the hidden dangers in time. Provide means for fault location at the same time;
l Provide analysis based on historical data to provide users with network expansion and early detection of hidden dangers;
l Html 、 Txt 、 Excel 、 Pdf 格式文件： Supports pie charts, line charts, curve charts and other graphical methods to intuitively reflect the changing trend of performance indicators; provides flexible combined condition statistics and query; performance reports support export of Html , Txt , Excel , Pdf format files:
When the network is large, the network administrator's configuration work will be very heavy. Without a good configuration system, the administrator can only manually perform configuration delivery and configuration backup. This brings certain difficulties for the administrator to manage and maintain the network, especially when the network is down, a large number of device configurations need to be restored, resulting in a large increase in maintenance costs.
H3C iMC provides configuration library management functions to help administrators form a baseline library of device configuration files and perform centralized management.
l The device configuration library includes configuration files and configuration fragments. The configuration content can have parameters, and different values can be set according to the differences of the devices during deployment.
l iCC 提供一些常用的基本的配置片断，包括删除 SNMP 团体字、添加只读 SNMP 团体字、删除 NTP Server 、增加 NTP Server 、取消本地用户服务级别、取消本地用户服务、删除本地用户密码、删除本地用户、添加本地用户、取消 DLDP 、修改 DLDP 、使能 DLDP 、取消 dot1x 端口控制、取消 dot1x 等三十多种配置模板，可以对其进行复制、导出及部署： The system provides common configuration fragments by default: iCC provides some commonly used basic configuration fragments, including deleting SNMP community words, adding read-only SNMP community words, deleting NTP servers , adding NTP servers , canceling local user service levels, and canceling local user services. , Delete local user password, delete local user, add local user, cancel DLDP , modify DLDP , enable DLDP , cancel dot1x port control, cancel dot1x and other more than 30 configuration templates, which can be copied, exported and deployed:
l / 片断导入到配置库中进行管理，也可以从指定设备上读取当前配置并导入到配置库中进行管理。 The administrator can import the specified configuration file / fragment into the configuration library for management, or read the current configuration from the specified device and import it into the configuration library for management.
l / 片断。 In addition to the function of importing configuration files from the device and importing configuration files from the file, the administrator can view, add, copy, modify, delete, export, and deploy any configuration file / segment in the specified configuration library .
When the network deployment is complete, the administrator can save the configuration information of the device through the configuration database management and baseline it. In this way, when the device configuration changes or needs to update the configuration, the administrator can refer to the baselined configuration file to modify it.
The device software version is the same as the device configuration file, and its management convenience directly affects the workload of network maintenance. iCC 提供了设备软件库管理功能，解决对设备软件版本统一管理，并进行基线化。 Also iCC provides device software database management function to solve the unified management of the device software version, and baselining.
l Unified management of equipment software. The equipment software library supports software for various services on the equipment, thereby achieving unified management of equipment software.
l The administrator can perform operations such as viewing, importing from a file, importing from a device, modifying, deleting, exporting, and deploying the device software library to effectively manage the device software.
l Device software files and configuration files are managed through a unified configuration wizard, enabling centralized deployment of software files and configuration files
l Through centralized management of deployment tasks, you can complete tasks such as task viewing, modification, copying, deleting, starting, suspending, and resuming. Tasks include periodic tasks, one-time tasks, and immediate tasks.
l Administrators can browse device configuration and software information.
l The administrator can view the current software version of the device and the latest available software in the software library, and update the device's software to facilitate the device software upgrade
l The administrator can view the latest backup configuration time of the device, manually back up the configuration file of the device, and conveniently back up the specified device manually.
l The administrator can check whether the device performs automatic backup, add automatic backup devices, set the automatic backup device and period, conveniently add the specified device to the automatic backup, set the device list for automatic backup and the automatic backup period
l Administrators can view the device's latest startup configuration file and running configuration file to determine if the device configuration has changed
l The administrator can use the device backup configuration history list to view, baseline, modify, compare, delete, and restore device configuration files. The configuration file includes three versions: baseline, normal, and draft.
l The administrator can compare the contents of any two configuration files and easily view the contents of the differences.
l The administrator can create a recovery task to restore a certain historical configuration of the device or a previous update software version of a certain update history of the device.
System security management functions mainly include: operation log management, operator management, grouping and authority management, operator login management, etc.
Figure 10 Schematic diagram of system security management
The main functions included are:
Operator login management
IP 地址范围，避免恶意尝试另人密码进行登录的行为存在，通过密码控制策略，约束操作员密码组成要求，包括密码长度、密码复杂性要求、密码有效期等，以约束操作员定期修改密码，并对密码复杂性按要求设置。 The administrator restricts the operator's login authentication by formulating a login security policy to achieve the operator's login security. The access control template restricts the IP address range of the terminal machine that the operator can log in to avoid malicious attempts to log in by another password. Existing, through the password control policy, the operator's password composition requirements are restricted, including password length, password complexity requirements, password validity period, etc., to constrain the operator to periodically modify passwords and set password complexity as required.
Operator password management
iMC 系统的安全性。 The administrator sets a password control policy for the operator. The operator can only periodically change the password according to the specified policy to ensure the security of accessing the iMC system.
Group and hierarchical rights management
The administrator can specify the device group and user group that can be managed for the operator through the settings of device grouping and user grouping, and specify its management rights and roles, including administrators, maintainers, and viewers. Multi-level authority control with sub-resources (devices and users). At the same time, by setting lower-level network management permissions, you can ensure the security of access to lower-level network management systems by restricting operators and passwords logging in to lower-level network management systems.
Operation log management
IP 地址以及登录期间进行的任何可能修改系统数据的操作，都会记录详细的日志。 All operations of the operator, including login, logout time, login IP address, and any operation that may modify system data during login, a detailed log is recorded. Provide rich query conditions, the administrator can audit the historical operation records of any operator, and define the scope of responsibility for network operation errors.
Operator online monitoring and management
IP 地址、登录时间等，同时，系统管理员可以将在线操作员强制注销、禁用 / 取消禁用当前 IP 地址等控制操作。 The system administrator can monitor the operator information of the current online login in real time through the "Online Operator", including the login host IP address, login time, etc. At the same time, the system administrator can force the online operator to log out, disable / cancel the current IP address and other control operations.