In order to effectively manage users ' access to the Internet, network administrators should establish user access management system as soon as possible to improve the efficiency of intranet Internet access. A complete user access management system should have the following functions.
1. Internet Rights Management function
You can set permissions for each user and each computer to access the Internet: organize users or computers into user groups, in a time unit that can be configured for a period of time, in groups as an administrative unit, to set the period allowed for Internet access, and to easily change the group to which a user or computer belongs, depending on the adjustment of the person, computer, or department. With this feature, network administrators can assign Internet access to the departments and employees they really need to avoid wasting resources.
2. Accessing Content management features
Restrict user access to certain content-poor sites or work-related sites during working hours to prevent employees from abusing Internet resources. An ideal system should be able to provide a Web site classification database and support the dynamic updating of the database network. Network administrators can customize their Internet access policies, as needed, through the functionality provided by the database, and can add and remove Web site addresses that need to be managed on their own.
3.IP Address management function
Address management means that a network administrator can monitor and charge users ' access to the Internet in a variety of modes, based on the address of the user's computer (ii). You can divide the IP address of an intranet into the following types of management.
(1) Prohibit access to the IP address of the Internet.
(2) Allow access to the Internet IP address, but need to log in and account. Once a user has logged on to a computer with such an IP address, access to the Internet will be recorded on the logged-on user's account.
(3) Allow access to the Internet IP address, do not need to log in but the account. Users with such an IP address do not need to log on to the Internet when they access the computer (nor do they allow the user to log on). Access to the Internet will be recorded on the account of the IP address.
(4) Allow access to the Internet IP address, do not need to log in and account. Users using this type of IP address are not required to log on to the Internet without the cost of accessing the computer.
4. Monitoring Audit function
Be able to conduct real-time online monitoring and post audit on users ' Internet behavior. The network administrator should be able to monitor the user's access to haternet in real time and be able to abort the Internet access connection for the specified user or the specified IP address in real time. The system can record all users ' Internet access to the log file in chronological order. Log files one at a day. In addition, the system should also provide a targeted selection of audit object function.
With this function, the network administrator can set up a system to record the internet behavior of the audited users in an audit file named after the user name or the IP address of the user's computer. The system should provide log and audit record lookup functions.
The system should also be able to read log files or audit files, generate different types of reports based on historical records, such as Web Access, email, download software, download files, and so on. Through these reports, the network administrator can master the following conditions.
(1) You can query the intranet of each user or each computer access to the Internet records, access time, related data traffic.
(2) can look at any time, a site is visited, showing exactly which user visited the site and the specific pages visited.
(3) can view a period of time, intranet users access to the Internet Web site list, as well as according to the nature of the site classification list and statistics, to facilitate network administrators to analyze the user's Internet behavior, targeted to make Internet access management policy adjustment.
Through a variety of reports, so that the network administrator on the intranet of each user to use the Internet is very familiar with the network resource management for all kinds of problems can get data basis, in order to make more accurate related decision-making.
5. Billing control function
The system should provide the billing setup according to the user and the user group, according to the user access to the Internet dynamic billing accumulation; you should be able to set up a billing threshold for the specified user or IP address, and the system can automatically stop its Internet access when the billing exceeds the threshold.
6. Access Caching function
An ideal user access management system should provide access caching to enable users of intranet users to access the Web pages to be saved for use by those who follow the same requirements. The use of caching not only avoids the repeated access to the same Web page, saves the organization considerable network traffic costs, but also enables intranet users to respond quickly when accessing the same Web page.
7. Bandwidth management function
Using the bandwidth management function, the network administrator can assign different network resources to different departments and people at different time, and set up their uplink bandwidth and downlink bandwidth to the important users and ordinary users, so that the behavior of the Internet between different departments and users will not affect each other. Effectively prevent some users or departments misuse of network resources and affect other users of Internet access, it is noteworthy that at present in the LAN host bandwidth, traffic management, compared with the typical representative of the software, can real-time, dynamic display of LAN each host bandwidth flow, more intuitive, And it can be controlled very conveniently.
In addition, the control of bandwidth, the key is to the LAN host of Peer-to-peer download effective management, because these tools can exhaust most of the bandwidth of the enterprise, and this aspect of the blocking Peer-to-peer tools, whether from the number or effectiveness of the effects are very obvious, such as plugging domestic other network management software generally can not block the Thunderbolt, A little mouse can be completely controlled, extremely convenient.
8. Data Backup function
The system should provide data backup and recovery functionality, and network administrators can regularly back up user management data and user access records. The data can be recovered quickly when the system is in an unexpected situation and the data is destroyed.