All of the asset access controls provided in Security Management are maintained through policies you define in the MDB. Once these policies are set, they are enforced until the security administrator changes them.
Additionally, all access violation attempts are routed to the Event Console Log, providing a real-time window into security activity.
The primary policy definitions used in managing security policies are as follows:
User groups logically group users and access permissions together, providing a role-based security policy. Defining user groups is optional and is not tied to the native OS user groups.
Assets describe specific occurrences of a protected entity, such as an Enterprise Management calendar object. Users can be given access to an asset directly by granting permission to the user, or indirectly by granting permission to a user group of which the user is a member.
Asset groups describe multiple assets with similar attributes; for example, all the Enterprise Management components to which a user group has CONTROL access. As with assets, users may be given access to an asset group directly by granting permission to the user, or indirectly by granting permission to a user group of which the user is a member.
|
Copyright © 2010 CA.
All rights reserved.
|
|