Securing CA NSM Objects › How Security Management Works

How Security Management Works

Security Management provides a policy‑based layer of security that works with native operating system security to provide enhanced security, including the following:

• Controlled resource access by users with administrator privileges; you can delegate operator or support functions that require administrator authority, such as loading management policy, without allowing the user complete access to your policy records
• Restricted access to critical management systems such that important policy records are not removed or modified

One of the most important advantages of a policy‑based security system over access control lists (ACLs) is that systems are protected, not by their physical attributes and ACLs, but rather by security policies you define. These security policies are stored in the MDB.

By configuring default DENY security policy, newly created management policy is protected automatically. This set‑and‑forget nature of policy‑based security is the key to managing hundreds of users on a system as easily as you can manage a dozen.