Software
Quidview
56
CAMS
57
Centralized network monitoring
Quidview intuitive topology discovery allows the user to monitor the whole network on real time running status. Adjusting well to different network environments, Quidview gives a network optimum effi ciency.
Fault management
Fault management monitors alarm and running information of the entire network in real time along with query & statistic functionality.
Performance monitoring
Featured performance management tools with easy-to-learn graphical interface, Quidview enables a user to acquire current performance data by task assignment. Performance parameters exceeding preset threshold value generates an alarm. Historical performance data based on statistics of different link and resource gives recommendation for network optimization and expansion reference.
Multi-vendor device management
SNMP-enabled elements in the network are all manageable through the unifi ed management solution provided by Quidview in multi-vendor networking environments.
Device manager
Quidview’s Device Manager module provides management for H3C series network devices. Panel management, configuration functionality, query and monitoring of various services provide the user with an easy and convenient way to monitor device runtime state and locate device failure.
Cluster management
Cluster management function of Device Manager is for application environment of L2 switches, which manages the network through a device with a designated public network IP address.
Quidview Network Management System
Quidview network management software is a suite of scalable tools for simplifying the network management and
maintenance. Located on network management layer, Quidview implements comprehensive IP-based network management
applications, providing total and unifi ed network management solutions.
With modular design such as Network Management Framework (NMF), Device Manager (DM), Network Confi guration Center
(NCC) and Branch Intelligent Management System (BIMS), Quidview has the powerful ability to construct effective network
management solutions for all network environments at all levels according to user’s demands.
Quidview
Topology Map Fault Management Performance ManagementSoftwar
e / Quidview
Softwar
e / CAMS
Comprehensive access control
CAMS provides multiple access method like PPPoE, 802.1x, Portal and supports multiple services like VoD, etc. Through the dynamic load of service module, CAMS can meets the needs of all kinds of authentication, authorization development.
Service management
Not only supporting traditional account and card users management, CAMS can also support black list, user attributes binding, LAN access services. In addition, CAMS correlates network traffi c with user information to provide a more detailed and more acceptable billing policy.
Ease of use
CAMS provides web-based management interface and powerful self-help function for user. In this way, only a browser, without other software, needs to be installed by the client for data setting and information query. The self-service helps terminal users to query their CDR and balance, and change the password after logon into the specifi ed Web page.
Perfect customized user management
In different user networks environments, CAMS provides customized user management function by adding relevant extra information when opening an account. This information will ease management according to user preferences in different businesses or industries.
Flexible and open accounting policy
Adopting more fl exible charging models, CAMS can satisfy the charging demands of various users. The open charging models enables users to customize the charge rate and modes fl exibly according to their own requirements.
Portal + LDAP
Without installing authentication client software, the Portal Web
Comprehensive Access Management Server
CAMS (Comprehensive Access Management Server) can be used for networking with H3C series networking devices to
provide a total network solution. As the core part for user management in a network, CAMS, collaborating with network
equipment, completes functions such as authentication, authorization and accounting of terminal users to make the network
manageable and highly secure.
CAMS adopts the software/hardware platform of Window and Linux to provide users with a solution of low price, high
reliability and excellent performance. With the distributed modular architecture and TCP/IP based communication mechanism,
CAMS meets the demands of networks for different capacities of management, authorization, authentication and accounting
of users.
CAMS
Modular Architecture
User Management
XLog NTAS
XLog Network Traffi c Analysis System
Based on the statistics and analysis of network traffi c information, H3C XLog Network Traffi c Analysis System (NTAS)
solution discovers network bottlenecks in time, defends against network virus attacks by collecting and analyzing network
traffi c and resource usage, as well as providing the corresponding bandwidth traffi c data targeted at different services
and applications.
Abundant application recognition
Based on Layer 3 protocol number and port number, NTAS can recognize hundreds of known applications (such as Notes, FTP, HTTP) and offer a self-defi nition function to easily identify any new application in the network.
Customer-oriented expert level analysis report form
NTAS offers the industry’s most popular statistics display format conveniently helping users get to know network usage. Users can browse the network report after installing the NTAS system and confi guring the NetStream-enabled network devices.
• Application Statistics Report: provides the infl ow and outfl ow applications and trend chart within a specifi c time period. • Source Statistics Report: shows the traffi c information of source
IP nodes. The pie chart shows the nodes that produce the most traffi c.
• Session Statistics Report: shows the session node traffi c distribution chart and the session node traffi c TOP list.
Quasi Real-time traffi c monitoring
Analyzing the traffi c in time, NTAS generates analysis reports shortly after the network traffi c log is received, making it convenient for users to locate the network abnormality.
Lower network monitoring cost
H3C S95/75 Switches and AR Routers are able to realize the network traffi c analysis by adding boards or software without changing the network topology structure. This is a cost-effective solution featuring high performance and fl exible deployment. It is strongly recommended to confi gure XLog NTAS together with S75 VSNP (Versatile Network Processing) module and S95 NAM (Network Analysis Module) module.
As for some network devices failing to support the NetStream technology, NTAS provides a DIG log collector. DIG log collector can collect the network traffi c information from the mirroring port, generate DIG log for traffi c analysis as long as the network device supports the function of port mirroring.
Application Statistics Report
Source Statistics Report
Session Statistics Report
Softwar
e / XLog NT
Softwar
e / Solution 1-2
Solution 1
Quidview Solution
Solution 2
CAMS Solution
•
Topology Discovery.•
Baseline operation of network equipment configuration files and software image, supporting the confi guration fi les and software image modifi cation alarm.•
Warning / Alarm rank redefi nition. User can defi ne the alarm rank according to practical needs.•
Recovery suggestion for every alarm to help administrator troubleshoot.•
User-defi ned performance threshold with display of comparison diagram between threshold and the real traffi c value.•
Server & PC management such as providing the CPU and memory utilization; TCP, UDP port utilization as well as display hard disk utilization hardware confi guration information.Batch software upgrades as well as single device fast and easy upgrade.
•
Device alarm statistic information. ••
CAMS can be applied as the authentication / authorization / accounting server in campus networks and networks covering the commercial / residential buildings, as well as the user authentication and access control management system in enterprise networks. It also provides the user log function to record the on-line activities of users for monitoring.Softwar
e / Solution 3
Solution 3
XLog NTAS Solution
Network Optimization
NTAS solution helps network administrators to know in a timely fashion, the network load and network application resources usage, detect the inappropriate network structure or network performance bottle-neck early, make decisions on the network optimization as well as provide high-quality network services and avoid the network bandwidth bottle-neck.
Network Planning Reference
A variety of trend reports formed by NetStream log and long term network bandwidth monitored by NTAS help network administrators to trace and forecast the growth of network link traffic and effectively plan the network upgrade (e.g. add routing services, ports or use the interface with higher bandwidth).
Besides monitoring the Internet egress traffic, NTAS monitors different application traffic in LAN to help network administrators understand the bandwidth occupation by a variety of applications. NTAS can also monitor whether the application is running normally.
Network Traffic Abnormality Monitoring
The network administrator needs to seek the real solution for troubleshooting when the network performance jumps or falls abruptly. Traffic and application trend analysis within a certain time period provided by the NTAS help to find whether network traffic jumps or falls, analyze which user produces the most traffic and the applications used that bring about network performance problems. According to the final analysis result, network administrators can quickly solve the network abnormality and ensure the normal running of networks.
Softwar
e / Solution 4
Solution 4
BIMS Branch Intelligent Management Solution
Branch Intelligent Management System (BIMS) solution is introduced to perform centralized monitoring and management on the devices that are dynamically addressed with DHCP or located across the NAT boundary. Addressing the distinct need of managing numerous widely distributed network edge devices, BIMS considerably improves the management efficiency and reduce operating costs for organizations.
Ease the remote management for network devices across the NAT boundaries
The proactive devices and intelligent BIMS servers in BIMS let the connection be originated by device and make it easy for devices to penetrate the NAT easily even in case of multiple levels of NAT.
Simplify the management of devices that are addressed dynamically
BIMS identifies the device by the unique device ID instead of device IP address. Therefore, no mater the devices have either public or private network IP addresses, even the IP address is frequently changing, the BIMS server can identify them all accurately.
Upgrade device configurations in batches
The BIMS automates batch update or upgrade on configuration files and operating system software image for network devices; this is especially convenient when numerous similarly configured devices need update their configuration. BIMS automates the may time-consuming steps required to upgrade while reduce the error-prone complexities of the upgrade process.
Holistically monitor the edge device
•
Monitor the running status of the device•
Monitor and audit the configuration change of the device•
Monitor the process of device upgradeFast Locate faults and recover services
•
Back up the configuration files of the device, and provide comparison function of the configuration files•
Record the upgrade history of the devices•
Record the detailed record of interaction between the devices and BIMS serverFlexible security mechanism
Users can select the data encryption mechanism according to their network security requirement, pre-shared key or industrial-standard SSL mode provided by BIMS guarantee the secure communication.
Softwar
e / Solution 5
Solution 5
IPSec VPN Service Management Solution
The Quidview IPSec VPN service solution is composed of multiple independent service modules like VSM (VPN Service Monitor), VDM (VPN Service Deployment Manager) that are seamlessly integrated with the NMF (Network Management Framework). These modules provide users with a configuration wizard to deploy their VPNs and automatic error tolerance to ease error-prone tasks, etc.
Intuitively showing the VPN channels, VPN topology allows users to directly manage the VPN devices on the topology. At the same time IPSec VPN channel traffic and VPN network performance can be monitored in real time.
•
IPSec VPN service configuration wizard to guide users to configure IPSec VPN devices and construct VPN networks•
Many frequently-used default configurations & predefined configuration parameters enables users quickly configure IPSec VPN services•
Configurations based on the network domains can be automatically assigned to all the devices in the domain•
Clear function clears unnecessary redundant configurations on devices in the event of reconfiguration or configuration delivery failure•
Auto discovery constructs an intuitive and easy-to-use VPN topology•
Monitor IPSec & IKE tunnels / negotiation process / key indexes such as CPU load of IPSec VPN devices•
Multiple display modes to clearly present VPN performance data vividly•
Distinctive At-a-Glance and TopN functions•
Report export and History data analysis functions•
Threshold values can be set for user-concerned about performance parameters and an alarm will be sent once performance values exceed thresholds•
Real time receiving of alarms from IPSec VPN devices and locate key alarm data by powerful filtering function•
Audible & visual alarms, E-mails or short messages to the administratorSolution 6
Endpoint Admission Defense Solution
Softwar
e / Solution 6
Endpoint Admission Defense (EAD) solution integrates the network access control and the endpoint security products to enforce the security policies on user endpoints that get access to the network. Through the collaboration of security client, security policy server and cooperative network device along with antivirus software products and software patch management products, end users’ network activity is strictly controlled with enhanced and active defense capabilities. With guaranteed user endpoint self defense capability, user endpoints can be accessed securely with activity being controlled to improve network security.
Comprehensive security evaluation
Through endpoint security evaluation, only the compliant endpoints complying with corporate security policy are allowed to access network resources. EAD also checks the running of application programs installed at endpoint, shared folder or file, as well as providing enforced patch update and virus definition upgrade management.
Real time non-compliant user quarantine
Non-compliant user endpoint have restricted access privileges only to those network resources like antivirus server, patch server for system repair. If the virus infection occurs during online process, EAD solution can quarantine the infected users in real time.
Identity based network service
After passing a security check, EAD delivers the preconfigured access control policy to endpoint security client, based on the user identity, such as ACL access policy, QoS policy, Proxy prohibition, dual NICs checking can all be jointly managed.
Expandable and open security solution
EAD solution is easily implemented by simple upgrade for device, antivirus software or software patch management products. The interaction with EAD components is implemented on open and standard protocols. Currently EAD solution supports Norton from Symantec, VirusScan from McAfee, and PC-cillin from Trend Micro. The software patch management product like Windows Server Update Services (WSUS) from Microsoft is also supported.