In order to effectively manage users' Internet access, network administrators should establish user access management systems as soon as possible to improve the efficiency of using Internet dedicated lines for enterprise internal network access. A complete user access management system should have the following functions.
1. Internet permission management function
You can set the permissions for each user and each computer to access the Internet: organize the user or computer into a user group, and set the time period to which the user or computer belongs is based on the time period that can be configured as the time unit, and set the time period that allows the Internet to be accessed; you can easily change the group to which the user or computer belongs according to the adjustments of personnel, computers or departments. Through this feature, network administrators can assign Internet access to departments and employees who really need it, avoiding wasting resources.
2. Access content management function
Restrict users to access certain bad content websites or websites that are not related to work during working hours to prevent employees from misuse of Internet resources. An ideal system should be able to provide a website classification database and support networked dynamic updates of the database. Network administrators can customize their Internet access policies according to their needs through the functions provided by the database, and can add and delete website addresses that need to be managed by themselves.
3.1P address management function
Address management means that network administrators can monitor and bill users' access to the Internet according to the II) address of the user's computer in various modes. The IP addresses of the enterprise intranet can be divided into the following types of management.
(1) Prohibit access to the Internet's IP address.
(2) The IP address that allows access to the Internet, but requires login and is accounted for. After the user logs in with a computer with such an IP address, the access to the Internet will be recorded on the logged-in user's account.
(3) The IP address that allows access to the Internet is not required to log in but is accounted for. Users do not need to log in when accessing the Internet using computers with such IP addresses (and they are not allowed to log in). Access to the Internet will be recorded on the account of the IP address.
(4) The IP address that allows access to the Internet does not require login and accounting. Users use computers with such IP addresses to access the Internet without logging in or fees.
4. Monitoring and auditing function
Ability to conduct real-time online monitoring and post-audit audit of users' Internet behavior. Network administrators should be able to monitor the live user access to the haternet in real time and be able to abort Internet access connections with designated users or specified IP addresses in real time. The system can record the Internet access status of all users to the log file one by one in chronological order. One log file per day. In addition, the system should also provide the function of selecting audit objects in a targeted manner. Using this function, network administrators can set up a system to record the audited user's Internet access behavior one by one to audit files named after the user's name or named the IP address of the computer used by the user. The system should provide log and audit record review functions. The system should also be able to read log files or audit files and generate reports of different categories based on history, such as web page access, sending and receiving emails, downloading software, downloading files, etc. Through these reports, network administrators can understand the following situations.
(1) You can query the records, access time, and related data traffic of each user or computer in the enterprise's internal network.
(2) You can view the visits of a website at any time to show which user has visited the website and the specific web pages he has visited.
(3) You can view the URL list of the Internet access by the enterprise intranet users in a certain time period, as well as the classification list and statistics according to the nature of the website, so that network administrators can analyze users' Internet access behavior and make targeted adjustments to Internet access management strategies.
Through various reports, network administrators are well aware of the Internet usage of each user in the enterprise's internal network, and can obtain data basis for various issues in network resource management in order to make more accurate relevant decisions.
5. Billing control function
The system should provide the function of billing according to users and user groups, and dynamically accumulate billing based on the user's access to the Internet; it should be able to set a billing threshold for the specified user or IP address. When the billing exceeds the threshold, the system can automatically stop its Internet access permissions.
6. Access cache function
An ideal user access management system should provide access caching function, which can save the Internet pages accessed by the enterprise intranet users for users who have the same requirements in the future. Using cache can not only avoid repeated communications of the same web page, but also saves considerable network communication costs for institutions, but also enables enterprise intranet users to get quick responses when accessing the same web page.
7. Bandwidth management function
Using the bandwidth management function, network administrators can allocate different network resources to different departments and personnel and at different times according to their needs, and set up their uplink bandwidth and downlink bandwidth for important users and ordinary users respectively, so that the Internet access behavior between different departments and different users will not affect each other, effectively preventing some users or departments from abused network resources and affecting the Internet access of other users.
8. Data backup function
The system should provide data backup and recovery functions, and network administrators can regularly back up user management data and user online records. When an unexpected situation occurs in the system and the data is corrupted, data recovery can be carried out quickly.
1. Internet permission management function
You can set the permissions for each user and each computer to access the Internet: organize the user or computer into a user group, and set the time period to which the user or computer belongs is based on the time period that can be configured as the time unit, and set the time period that allows the Internet to be accessed; you can easily change the group to which the user or computer belongs according to the adjustments of personnel, computers or departments. Through this feature, network administrators can assign Internet access to departments and employees who really need it, avoiding wasting resources.
2. Access content management function
Restrict users to access certain bad content websites or websites that are not related to work during working hours to prevent employees from misuse of Internet resources. An ideal system should be able to provide a website classification database and support networked dynamic updates of the database. Network administrators can customize their Internet access policies according to their needs through the functions provided by the database, and can add and delete website addresses that need to be managed by themselves.
3.1P address management function
Address management means that network administrators can monitor and bill users' access to the Internet according to the II) address of the user's computer in various modes. The IP addresses of the enterprise intranet can be divided into the following types of management.
(1) Prohibit access to the Internet's IP address.
(2) The IP address that allows access to the Internet, but requires login and is accounted for. After the user logs in with a computer with such an IP address, the access to the Internet will be recorded on the logged-in user's account.
(3) The IP address that allows access to the Internet is not required to log in but is accounted for. Users do not need to log in when accessing the Internet using computers with such IP addresses (and they are not allowed to log in). Access to the Internet will be recorded on the account of the IP address.
(4) The IP address that allows access to the Internet does not require login and accounting. Users use computers with such IP addresses to access the Internet without logging in or fees.
4. Monitoring and auditing function
Ability to conduct real-time online monitoring and post-audit audit of users' Internet behavior. Network administrators should be able to monitor the live user access to the haternet in real time and be able to abort Internet access connections with designated users or specified IP addresses in real time. The system can record the Internet access status of all users to the log file one by one in chronological order. One log file per day. In addition, the system should also provide the function of selecting audit objects in a targeted manner. Using this function, network administrators can set up a system to record the audited user's Internet access behavior one by one to audit files named after the user's name or named the IP address of the computer used by the user. The system should provide log and audit record review functions. The system should also be able to read log files or audit files and generate reports of different categories based on history, such as web page access, sending and receiving emails, downloading software, downloading files, etc. Through these reports, network administrators can understand the following situations.
(1) You can query the records, access time, and related data traffic of each user or computer in the enterprise's internal network.
(2) You can view the visits of a website at any time to show which user has visited the website and the specific web pages he has visited.
(3) You can view the URL list of the Internet access by the enterprise intranet users in a certain time period, as well as the classification list and statistics according to the nature of the website, so that network administrators can analyze users' Internet access behavior and make targeted adjustments to Internet access management strategies.
Through various reports, network administrators are well aware of the Internet usage of each user in the enterprise's internal network, and can obtain data basis for various issues in network resource management in order to make more accurate relevant decisions.
5. Billing control function
The system should provide the function of billing according to users and user groups, and dynamically accumulate billing based on the user's access to the Internet; it should be able to set a billing threshold for the specified user or IP address. When the billing exceeds the threshold, the system can automatically stop its Internet access permissions.
6. Access cache function
An ideal user access management system should provide access caching function, which can save the Internet pages accessed by the enterprise intranet users for users who have the same requirements in the future. Using cache can not only avoid repeated communications of the same web page, but also saves considerable network communication costs for institutions, but also enables enterprise intranet users to get quick responses when accessing the same web page.
7. Bandwidth management function
Using the bandwidth management function, network administrators can allocate different network resources to different departments and personnel and at different times according to their needs, and set up their uplink bandwidth and downlink bandwidth for important users and ordinary users respectively, so that the Internet access behavior between different departments and different users will not affect each other, effectively preventing some users or departments from abused network resources and affecting the Internet access of other users.
8. Data backup function
The system should provide data backup and recovery functions, and network administrators can regularly back up user management data and user online records. When an unexpected situation occurs in the system and the data is corrupted, data recovery can be carried out quickly.