eSight V300R009C00 Operation Guide 09

Operation Procedure


The terminal resource management function of eSight detects unauthorized access terminals in a timely and effective manner, improving network security.

Procedure

Table 12-10 Terminal resource management operations

| Step | Operation | Description |
|---|---|---|
| 1 | Set protocol parameters on the device: SNMP | SNMP parameters: They are used to add devices to eSight. For details about how to configure the SNMP protocol on the device, see Configuring the SNMP Protocol on Devices. |
| 2 | Add devices to eSight. | Select a proper device addition mode based on the site requirements. For details about how to add devices to eSight, see Adding Devices to eSight. |
| 3 | Create whitelists. | After users add authorized terminals or terminals in a specified range to whitelists, eSight checks access terminals based on the whitelists. If the IP address or MAC address of a terminal is not in a whitelist, eSight considers the terminal as an unauthorized terminal and records it in the unauthorized access log. NOTE: If no whitelist is created, eSight considers all access terminals valid by default. |
| 4 | Create access binding rules. | After access binding rules are created, eSight checks access terminals based on the rules. If a terminal violates an access binding rule, eSight considers the terminal as an unauthorized terminal and records it in the unauthorized access log. NOTE: Terminals violating any access binding rule are considered unauthorized. |
| 5 | Set remote notification rules. | After remote notification rules are set, eSight sends basic information about detected unauthorized terminals to specified users through emails. After receiving the emails, the users can process these unauthorized terminals in a timely manner. NOTE: Before setting remote notification rules, ensure that the email server has been configured. For details, see Setting Remote Alarm or Event Notification. |
| 6 | Discover access terminals. | Before users check information about terminal access to the current network, eSight needs to discover access terminals. |
| 7 | Check terminal access information. | Users need to check terminal access information to improve terminal resource usage security. |

Creating Whitelists

Two methods are available for creating whitelists: batch import and manual creation.

  • Generally, the batch import mode is recommended in new site deployment because this mode can quickly create a large number of whitelists.
  • The manual creation mode can be used to create one or more whitelists in the later maintenance phase.
  1. Choose Resource > Network > Equipment > Terminal Resources from the main menu.

  2. Choose Security Management > Whitelist from the navigation tree on the left and select a creation mode as required.

    | Creation Mode | Operation Entry |
    |---|---|
    | Batch import | On the IP Address Whitelist or MAC Address Whitelist tab page, click Import. In the dialog box that is displayed, download the template, enter the IP addresses or MAC addresses in the template, and import the template again to create whitelists. |
    | Manual creation | On the IP Address Whitelist or MAC Address Whitelist tab page, click Create and set the IP address or MAC address. |

Creating Access Binding Rules

Two methods are available for creating access binding rules: batch import and manual creation.

  • Generally, the batch import mode is recommended in new site deployment because this mode can quickly create a large number of access binding rules.
  • The manual creation mode can be used to create one or more access binding rules in the later maintenance phase.
  1. Choose Resource > Network > Equipment > Terminal Resources from the main menu.

  2. Choose Security Management > Access Binding Rule from the navigation tree on the left.
  3. Select a creation mode as required.

    | Creation Mode | Operation Entry |
    |---|---|
    | Batch import | Click Import. In the dialog box that is displayed, download the template, enter access binding rule information, and import the template. NOTE: The template contains three sheets, so you can import three types of access binding rules simultaneously. |
    | Manual creation | Click Create, select Rule Type, and set related parameters. There are three types of binding rules: binding between port number and IP address, binding between port number and MAC address, and binding between IP address and MAC address. One port number can be bound to multiple IP addresses or MAC addresses, but one IP address can be bound to only one MAC address. |
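
The whitelist and access binding checks described in the two sections above can be modeled as follows. This is an added illustration, not eSight code: the `Policy` class, function names, reason labels and sample records are constructed here. It assumes the IP and MAC whitelists are checked independently, and that an empty whitelist or a port/IP without a rule imposes no constraint.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:
    ip_whitelist: set = field(default_factory=set)
    mac_whitelist: set = field(default_factory=set)
    port_ip: dict = field(default_factory=dict)   # port -> allowed IPs
    port_mac: dict = field(default_factory=dict)  # port -> allowed MACs
    ip_mac: dict = field(default_factory=dict)    # IP -> its one bound MAC

    def bind_ip_mac(self, ip, mac):
        # One IP address can be bound to only one MAC address.
        mac = mac.lower()
        if self.ip_mac.get(ip, mac) != mac:
            raise ValueError(f"{ip} is already bound to {self.ip_mac[ip]}")
        self.ip_mac[ip] = mac

def violations(policy, port, ip, mac):
    """Return the reasons a terminal would be logged as unauthorized."""
    mac, reasons = mac.lower(), []
    # Assumption: an empty whitelist means none was created, so all pass it.
    if policy.ip_whitelist and ip not in policy.ip_whitelist:
        reasons.append("ip-not-whitelisted")
    if policy.mac_whitelist and mac not in policy.mac_whitelist:
        reasons.append("mac-not-whitelisted")
    # Assumption: a port or IP without a rule of some type is unconstrained.
    if port in policy.port_ip and ip not in policy.port_ip[port]:
        reasons.append("port-ip-binding")
    if port in policy.port_mac and mac not in policy.port_mac[port]:
        reasons.append("port-mac-binding")
    if ip in policy.ip_mac and policy.ip_mac[ip] != mac:
        reasons.append("ip-mac-binding")
    return reasons

def audit(policy, records):
    """Map each offending (port, ip, mac) record to its violations."""
    return {r: v for r in records if (v := violations(policy, *r))}

# Constructed sample data (documentation address ranges), not from eSight.
POLICY = Policy(
    ip_whitelist={"192.0.2.10", "192.0.2.11"},
    port_mac={"GE0/0/1": {"00:00:5e:00:53:0a", "00:00:5e:00:53:0b"}},
)
POLICY.bind_ip_mac("192.0.2.10", "00:00:5E:00:53:0A")
RECORDS = [
    ("GE0/0/1", "192.0.2.10", "00:00:5e:00:53:0a"),  # compliant
    ("GE0/0/1", "192.0.2.10", "00:00:5e:00:53:0b"),  # IP seen with another MAC
    ("GE0/0/1", "192.0.2.99", "00:00:5e:00:53:ff"),  # unknown terminal
]
print(audit(POLICY, RECORDS))
```

The second record passes the whitelist and the port binding and is caught only by the IP-to-MAC binding, which is why the binding rules are worth creating in addition to whitelists.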

Setting Remote Notification Rules

  1. Choose Resource > Network > Equipment > Terminal Resources from the main menu.

  2. Choose Security Management > Remote Notification from the navigation tree on the left and set related parameters.

Discovering Access Terminals

  1. Choose Resource > Network > Equipment > Terminal Resources from the main menu.

  2. Choose Resource Management > Discovery Rule from the navigation tree on the left and set discovery parameters.

    If terminal names need to be parsed, perform DNS-related configurations.

    • If the DNS server IP address has been configured for the NIC of the eSight server, ensure that reverse domain name resolution has been configured on the DNS server.
    • If the WINS server IP address has been configured for the NIC of the eSight server, ensure that the same configuration has been performed for the NICs of terminals.
    NOTE:

    To ensure integrity and accuracy of detected terminal information, it is recommended that the selected terminals include access devices and gateways for network segments of the access devices.

  3. To check terminal access information immediately, choose Resource Management > Terminal Access Record from the navigation tree on the left and click Immediately Discovery.

Checking Terminal Access Information

  1. Choose Resource > Network > Equipment > Terminal Resources from the main menu.

  2. Perform related operations based on the site requirements.

    | Related Operation | Operation Entry |
    |---|---|
    | Access records of all terminals | Choose Resource Management > Terminal Access Record from the navigation tree on the left. |
    | Unauthorized terminal logs | Choose Security Management > Unauthorized Access from the navigation tree on the left. |
    | Suspicious terminal logs | Choose Resource Management > Suspicious Terminal Log from the navigation tree on the left. |

Updated: 2019-05-17

Document ID: EDOC1100011877
