
Policy Center

Huawei Policy Center uses a policy engine to enforce unified access policies for Internet and intranet access over wired or wireless networks. Policy Center authenticates and authorizes users based on user identity, device type, asset type, access date and time, access location, and access mode, in order to meet the requirements for hierarchical authentication and multi-platform access. Policy Center provides full-lifecycle guest management, which lets guests access networks anytime and anywhere without putting network security at risk. In this way, Policy Center improves guest efficiency and reduces the IT and O&M workload. Policy Center also applies diversified security policies to block access from terminals that are insecure or do not meet requirements, thereby ensuring information security.

Unified Policy Engine and Context Awareness Based on 5W1H

Huawei Policy Center provides a unified policy engine, which applies a unified access policy across the entire enterprise, where wired and wireless devices are deployed for users on the intranet and Internet. Authentication can be performed by user, device type, asset type, access time, access location, and access method, ensuring authorized access to the enterprise and appropriate user behaviors.



Customized Portal and Flexible Web Push

Huawei Policy Center provides a customizable portal with WYSIWYG customization features, reducing secondary development costs and enhancing the enterprise brand.


Policy Center has flexible web push features based on terminal IP range or position, which meet customized service push requirements.



Anywhere & Anytime Access and Imperceptible Authentication Technologies, Assisting BYOD

Intelligent terminal identification: Huawei Policy Center provides more than 200 equipment type templates. By identifying terminal types, Policy Center provides authentication methods and pushes web pages by terminal. It also limits network access policies using web authentication.


No sensing authentication: Policy Center provides an imperceptible authentication experience based on MAC addresses after users log in to the portal, improving user experience and reducing the difficulty of BYOD implementation.



Industry-Leading Terminal Security Policy, Health Check Hardening, and Data Leak Prevention

Huawei Policy Center provides abundant terminal security policies to block insecure terminals and terminals that do not meet enterprise security policies, improving intranet security.


Policy Center offers employee behavior management, security hardening, asset management, patch management, and software distribution features, lowering IT O&M costs and improving enterprise information security.


Policy Center applies comprehensive management and control over mobile storage media by user and computer, covering enabling, disabling, encryption, and authorization, to prevent data leaks.


The physical server where Policy Center is installed must connect to terminals and other network devices that interwork with the Policy Center.


Policy Center can interwork with Huawei switches, routers, wireless devices, and firewalls on a portal authentication network or third-party switches on an 802.1x authentication network.


Function Specifications

Identity authentication
  • System-based account authentication
  • Windows Active Directory (AD) authentication
  • Third-party LDAP authentication
  • Mobile certificate authentication
  • Anonymous authentication: allows terminal users in a network area to access the intranet without any passwords.

Policy engine
  • Provides 5W1H-based context awareness (identification of user identities, terminal types, access locations, access time, and access modes) access control and role- and context-based policy authorization.
  • Pushes services based on multiple factors, such as terminal IP addresses, APs, and SSIDs.
  • Supports portal customization.

Network access control
  • Compliance check: Security assessments and system configurations prevent non-compliant terminals from accessing the protected resources.
  • Automatic isolation of non-compliant terminals and one-click repair for terminal faults
  • User-based access authorization: denies unauthorized access.

Guest access lifecycle management
  • Supports self-service account application for visitors and employees.
  • Notifies visitors of account credentials through Web pop-ups, emails, and SMS.
  • Offers APIs for guest account creation, deletion, and modification.
  • Supports the customization of guest account registration and login pages.

Terminal identification
  • Identifies PCs, mobile phones, and IP phones.
  • Identifies the Windows, Linux, iOS, Android, and Mac OS operating systems and their versions.
  • Supports various information types and measures, such as DHCP, RADIUS, HTTP, MAC OUI, and SNMP scanning.

Security management
  • Security hardening: Static configuration check (antivirus software, patches, suspicious registries, suspicious processes, and illegitimate software) and dynamic audit (port use, enabling least services, peripheral access, ARP detection, and traffic monitoring) to discover and eliminate security threats
  • Office behavior management: Covers web access, media download, and non-office software installation.
  • Information leak prevention: The TSM system manages peripherals and mobile storage devices, restricts illegitimate Internet access, and controls network applications.
  • Network protection: The TSM system isolates the traffic from legitimate and illegitimate terminals to prevent them from becoming attack sources.

Desktop management
  • Patch management: The TSM system provides professional patch management for one-stop patch check and recovery. You can view information about patch deployment by device or patch. The TSM system can collaborate with the WSUS.
  • IP asset auto-discovery: The TSM system automatically discovers non-applicable devices, such as IP printers, IP phones, smart phones, cash registers, and bar code scanners.
  • Asset lifecycle management: The TSM system prevents the loss of software and hardware assets, and provides real-time visibility of corporate assets.
  • Software distribution: The TSM system uses the distributed storage and express forwarding technologies for delivering large files on the intranet. These technologies have low bandwidth requirements and are highly efficient.
  • Remote desktop assistance
  • Message announcement: The TSM system pushes bulletin messages to specific users or departments. You can set the validity period of bulletin messages.

Policy management
  • Hierarchical and domain-based management: The TSM system ensures that administrators manage different services in different departments.
  • Policy template: You can configure policies and set parameters in one policy template. Different users or departments can reference the same policy template.
  • Location awareness: Appropriate security policies are applied to terminals at different locations.
  • You can define or obtain policies from the security center.

Maintainable report
  • Predefined report templates
  • Predefined trend reports
  • You can define or obtain reports from the security center.

System management
  • System status monitoring: When an anomaly occurs on the server, the TSM system generates alarms, including dialog box alarms and email alarms.
  • Online client fault diagnosis: The TSM system diagnoses and rectifies all faults on the managed clients.
  • Remote database backup

Networking mode
  • Centralized networking: This mode applies to small networks.
  • Distributed networking: This mode applies to large networks or networks with many branches.
  • Hierarchical networking: This mode applies to large networks that require multiple TSM systems.

Policy Center is installed on an independent server or on the eSight server.



The following table lists the running environment when Policy Center is installed on an independent server.


| Capacity | Hardware | Operating System and Database |
|---|---|---|
| 0–10,000 users | CPU: 1 x 6-core processors, 2 GHz or above; Memory: 8 GB; Disk space: 300 GB. NOTE: Use PC Servers. | Windows Server 2008 R2 standard (64-bit) + Microsoft SQL Server 2008 R2 standard |
| 10,000–100,000 users | CPU: 1 x 6-core processors, 2 GHz or above; Memory: 8 GB; Disk space: 300 GB. NOTE: Use PC Servers. The number of servers can be calculated based on the rule that each server can manage 10,000 access users. | Windows Server 2008 R2 standard (64-bit) + Microsoft SQL Server 2008 R2 standard |

| Item | Quantity | Remarks |
|---|---|---|
| Policy Center Access Control Features | 1 | Mandatory. Policy Center access control components |
| Policy Center Guest Management Features | 1 | Optional. Guest full lifecycle management |
| Policy Center Advanced Features (Terminal Security Management Features) | 1 | Optional. Terminal health check, user behavior management, asset management, patch management, and software distribution |
| Policy Center Mobile Storage Media Management Features | 1 | Optional. Mobile storage media authorization, enabling, disabling, and encryption |
| Policy Center Terminal Licenses for Features Above | Ladder | Optional. According to the above features, choose a license of terminal quantity (Licenses that support 250, 500, 1000, 2000, and 5000 terminals can be quoted.) |