What is NFM-P user security?
NFM-P user management scope
NSP Users and Security, rather than the NFM-P, manages NFM-P GUI client access. To gain GUI client access, an NFM-P operator must sign in to the NSP UI.
Note: NFM-P user management is limited to NFM-P XML API client access; for such users, the NFM-P user group properties define the level of XML API access using the mechanisms described below.
User security mechanisms
This section describes the NFM-P user security mechanisms for providing and restricting access to various objects and functions. NFM-P user security includes the following:
-
user group and account management, which involves the following elements:
-
Scope of command roles — contains the roles that define the level of user control in NFM-P functional areas such as the read, create, update, and delete access permissions
-
Scope of command profiles — contains the appropriate scope of command role for the types of tasks to be performed
-
Span of control — list of objects to which a user has access
-
Span of control profiles — contains the required spans that allow group access to specific NFM-P objects
-
Span rules — directs the NFM-P to add new services to other spans in addition to the Default Service span
-
-
global security parameters such as password expiry periods, the allowed number of login attempts, and any automated security e-mail notifications.
-
managing user-group workspaces, which are customized configurations of NFM-P GUI elements; see “NFM-P custom workspaces” in the NSP NFM-P User Guide for comprehensive workspace information
-
deleting NFM-P security elements that are no longer required, such as inactive user accounts or user groups.
-
configuring task monitoring parameters and monitoring the progress of operational tasks:
Note: See Appendix A, Classic management scope of command roles and permissions for a list of the permissions, access levels, and descriptions of all predefined scope of command roles and profiles.