Raritan Paragon II, Руководство по развертыванию

Страница: 47 / 64

C
HAPTER
7: A
DDING
A P
ARAGON
II S
YSTEM
T
O
C
OMMAND
C
ENTER
S
ECURE
G
ATEWAY
39
1. Click on the Users tab.
2. On the Users menu, click User Group Manager , and then Add User Group . Alternatively,
right-click on the space next to the list of user groups and select Add User Group . The Add
User Group screen appears.
3. Type the group name in the User Group Name field.
4. Type the group description (for example, based on department, region, or assignment) in the
Description field.
5. Click on the Privileges tab, and select the checkbox that corresponds with each privilege you
want to assign to the user group. Most user groups should have Node Access privilege(s)
enabled to allow them to access systems and servers.
6. Click on the Device/Node Policies tab. A policy represents a rule allowing or denying access
to a group of nodes.
7. Click on a line item in the All Policies list (under the All Policies panel) that you wish to
assign to the group.
8. Click Add to add the policy to the Selected Policies list. Policies in the Selected Policies list
allow or deny access to the nodes or devices controlled by the policy.
9. To remove an assigned policy from the Selected Policies list, select the policy line item and
click Remove .
10. Click OK to add the group.
11. Repeat steps 1 through 7 to add other groups.
Create/Edit Device and Node Groups
CC-SG uses device and node groups to control user access. Policies can be applied to specific
device or node groups that allow or deny access to those devices or nodes specified in the group.
For example, if you wanted to restrict user access to only UNIX ports, you would create a node
group that included only UNIX ports. Then you would create a policy that included this node
group and apply it to the desired user group.
Device/node groups and associated policies can be created with the Guided Setup command. See
CommandCenter Secure Gateway Administrator Guide for more information if you want to
add more specific rules.
Add Users to User Group
You now need to add users or drag and drop an existing user to the user group that has been
assigned a policy. These users will then be able to login to the CC-SG and have access or be
denied access to the ports as specified in the policy.
1. Click on the Users tab and select the user group you wish to add the user to.
2. On the User menu, click User Manager , and then Add User . Alternatively, right-click on a
user group and select Add User . The Add User screen appears.
3. Type the user’s name in the Username field.
4. Check the Check Remote Authentication check box only if the user should be
authenticated by an external server, such as , RADIUS, LDAP, or AD. Note :
Checking the Check Remote Authentication box implies that a remote server is being used
for authentication. If so, a local password is not needed and the New Password and Retype
New Password fields are greyed out.
5. If using local authentication, type the new password into the New Password field.
6. If using local authentication, re-type password in Retype New Password field.
7. Type the user’s telephone number in the Telephone Number field, if needed.
8. Check the Login Enabled check box to authenticate against the system (if not, user cannot
enter the system).