exceleron single sign on (contact: info@exceleron-communications.com)
Post on 12-Jun-2015
314 Views
Preview:
DESCRIPTION
TRANSCRIPT
TM
SINGLE SIGN ON SYSTEM
Exceleron Evolutionary Access Management System for Telecommunication Industry
TM
SINGLE SIGN ON SYSTEM DEFINITION
Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them.
TM
SINGLE SIGN ON SOLUTION OVERVIEW
• Improved Security through the reduced need for a
user to handle and remember multiple sets of
authentication information.
• Increased Ease of Use and better implementation of
security schemes
• Improved Response, by system administrators in
adding and removing users to the system or
modifying their access rights.
• Better Visibility into user activities
TM
SINGLE SIGN ON SOLUTION OVERVIEW
• Reduction in the time taken by users in sign-on
operations to individual domains, including
reducing the possibility of such sign-on operations
failing
• Better Administrative Policy Control by managing
password policies, workstation restrictions, lock-out
controls, and more, without having to perform
additional tasks in the cloud
TM
SINGLE SIGN ON SYSTEM DESIGN
TM
SINGLE SIGN ON SYSTEM OVERVIEW
• Single login server will be used to authenticate and
authorized users to access different
workstations/EMS/OMC/NMS
• User matrix with access rights and roles will be defined at
the single login server from administrative server, the
creation, deletion, and modification of user accounts shall
be supported
• SSO will initiate session with OMC both graphically (visually)
or through command line (telnet/ssh/rlogin) interface (as
applicable)
TM
SINGLE SIGN ON SYSTEM AUTHENTICATION
• Only one set of credentials will be required for user to login,
Single Sign On will internally perform automated username
and password mapping of OMC privileged accounts.
• That one set of credentials can be authenticated via
• LDAP
• through an internal database
• Through an external database (Oracle, SQL Server, DB2, Sybase)
• a combination of any of the above.
TM
SINGLE SIGN ON SYSTEM UI
• Robust Windows desktop application and light-weight web
application for command-line access to the monitored
servers
• For accessing the servers via GUI, a light sign-on utility will
run on the front end desktop machines to support multiple
sessions.
TM
SINGLE SIGN ON SYSTEM LOGGING
• All command-line interaction is logged in the SSO server for
security purposes.
• Customizable reporting available through Reporter Module
TM
SINGLE SIGN ON SYSTEM CUSTOMIZATIONS
• Higher level restrictions can be applied for the users logging
on using SSO.
• Example: Even if the connected server allows its logged in user
to run specific commands but these commands can be blocked
at the SSO layer
• A set of commands can be run automatically by just clicking
a button
• Example: The SSO automatically runs a command to get status
of all the ports, then restart down ports sequentially
TM
Thank You!
top related