Manualshelf

User's Manual

ManualsBrandsAvaya ManualsGatewayAvaya B5800 Branch Gateway Manager
61626364656667686970
Avaya Branch Gateway Manager 10.0 Page 65
15-601011 Issue 29r (Friday, November 02, 2012)B5800 Branch Gateway
Security Mode: The Security Mode Interface
3.4 Security Administration
This section also covers a basic introduction to security principles and the security mechanisms.
· NOTE: If administration security is of no concern, the default settings allow modification of all system features
without restriction. It is recommended as a minimum that default passwords are changed.
1. Introduction
Administration security is achieved using a number of optional cryptographic elements:
· Access control to prevent unauthorized use.
· Encryption to guarantee data remains private.
· Message Authentication ensures data has not been tampered with.
· Identity assures the source of the data.
2. Access Control
Access to configuration, security settings and SSA is controlled by the use of service users, passwords and Rights Groups.
All actions involving communications between the Branch Gateway Manager user and the system require a service user
name and password. That service user must be a member of a Rights Group configured to perform the required action.
In the example illustrated above:
· Service user X can read and write the configuration. However they can only edit Operator settings and can only
make changes that can be merged.
· Service user Y can read and write the configuration, edit all settings and make changes that require reboots.
· Service user Z can read and write the configuration, edit all settings and make changes that require reboots. They
can also access the security settings.
· The Security Administrator can only access the security settings.
Security Administrator
By default the security administrator is the only user who can access the system's security settings using Branch
Gateway Manager's security mode.
Service Users
Each service user has a name, a password and is a member of one or more Rights Groups.
Rights Groups
The Rights Groups to which a service user belongs determine what actions they can perform. Actions available to Rights
Groups include configuration actions, security actions and system status actions.
Where a service user has been configured as a member of more than one Rights Group, they combine the functions
available to the separate Rights Groups.