User Guide
OmniVista SafeGuard Manager Administration Guide
174
Chapter 7: Managing the Server
User Authentication
An integral part of any security solution is access control, which is the way you control
user access into the network and what services users are allowed to use after they have
access. Authentication, Authorization, and Accounting (AAA) is an industry accepted
framework that implements access control. This section focuses on the authentication
component and how an administrator can set user authentication using OmniVista
SafeGuard Manager.
SafeGuard OS has a local authentication mechanism built-in to the authentication
manager. You can use SafeGuard OS’ authentication in stand-alone mode or use it with
external authentication servers such as RADIUS. The local system also serves as a local
mechanism to derive the role for a given user.
The database contains an entry for each user, which includes the user name, password,
and the role being assigned to the user. The user role can be derived based on the rule
map configured for the authentication protocol.
In addition to local database authentication, OmniVista SafeGuard Manager users can be
authenticated using an external RADIUS server. The OmniVista SafeGuard Manager
administrator logs in for the first time and configures OmniVista SafeGuard Manager to a
RADIUS server. The administrator sets up user accounts requiring all subsequent log ins
by all users to be authenticated by RADIUS.
To change user authentication to an external authentication server (RADIUS):
1 Select Too ls > OmniVista SafeGuard Manager Users > User Authentication. The Edit
Authentication dialog box displays (Figure 111).
Figure 111 Edit Authentication
2 By default the users are authenticated locally. Select RADIUS from the
Authentication Server dropdown list.