Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2007 Eaton Corporation. All rights reserved. Foreseer WebViews Security FE Level II, Rev. B June 17, 2008.

Published byMeryl Barker Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2007 Eaton Corporation. All rights reserved. Foreseer WebViews Security FE Level II, Rev. B June 17, 2008."— Presentation transcript:

1 © 2007 Eaton Corporation. All rights reserved. Foreseer WebViews Security FE Level II, Rev. B June 17, 2008

2 Foreseer WebViews Security Windows Authentication Unique Windows Groups Supports Local Authentication Supports Active Directory

3 Windows Authentication Local Authentication Windows Users Created On Foreseer Server Computer Windows Groups Created On Foreseer Server Computer Administrative Rights Required Computer Management Most Difficult to Manage

4 Windows Authentication Active Directory Foreseer Server Must Be Member of Customer’s Domain Assistance Required From Customer’s Network Administrator User Accounts Reside on Active Directory Domain Groups Created on Foreseer Server Computer Requires Administrative Rights on Foreseer Server Computer Requires Appropriate Rights on Domain Easiest to Manage – Password Change in Other Application Changes it for WebViews Users need log on locally permissions on Foreseer Server computer

5 Windows Groups Excluding NY TRACON & OEX Exact Syntax Required 4crAdminAccess Controls Access to WebViews Editor URL Members Do Not Automatically Have Rights of Other WebViews Groups 4crRootAccess Controls Access to View WebViews Pages Required if Folder Level Access Will Be Needed

6 Windows Groups Excluding NY TRACON & OEX 4crAlarmsAccess Controls Access To Alarm Actions Acknowledgement Arming 4crChanPropsAccess Controls Access to Channel Property Changes Alarm Thresholds Alarm Messages User Defined Equations 4crControlAccess Controls Access to Control Functions

7 Windows Groups NY TRACON & OEX Exact Syntax Required Group Name - PXSauthADMIN Members have all rights in WebViews Members can edit (Webadmin URL) if licensed Group Name - PXSauthROOT Members can view all WebViews pages (full access to the WebViews tree) Members can view Alarms Group Name – PXSrightAlarmActs Members can acknowledge/rearm alarms from Alarm Management Members can view all WebViews pages (full access to the WebViews tree)

8 Windows Groups NY TRACON & OEX Group Name - PXSrightViewAlarms Members can view the Alarm Management page but cannot acknowledge/rearm alarms Members can view all WebViews pages Group Name - PXSrightEditProps Members can view and save changes to Channel Properties Members can view all WebViews pages Group Name - PXSauthNONE Disables all authentication requirements. A user login will not be required to view pages, edit pages, acknowledge/rearm alarms, change channel properties, etc. This group should be used with extreme care. It grants full access to everyone.

9 Branch Level Access Used to Restrict Access to WebViews Pages Requires Additional Windows Groups Group Name will contain the name of the WebViews folder Members can only view pages Restricted from viewing Alarm Management, Reports, and they cannot graph. Membership in any other group overrides Branch Group

10 Branch Level Access ! Root Building ABranch UPS 1Child UPS 2Child Building BBranch SwitchgearChild GeneratorChild

11 Branch Level Access Naming Groups PXSbranch+folder name PXSbranchBuilding A PXSbranchBuilding B Not Acceptable – Cannot be at Child level in the tree PXSbranchUPS 1 PXSbranchSwitchgear

12 Authentication vs. Authorization Authentication is a check of the credentials entered (user/password combination). If the information is valid, the user is authenticated. Authorization is a check to determine if an authenticated user can perform the requested action. If a user is not authenticated (bad credentials), authorization is not checked. If a user is authenticated (good credentials), but does not have rights to perform an action, authorization fails.

13 User OK Password OK Group OK How It Works Local Authentication http://WebViewsUser??/Password??Joe/12345Page Sent User NO or Password NO or Group NO Access Denied

14 How It Works Active Directory – Valid Credentials http://WebViewsUser??/Password??Joe/12345 User OK Password OK Page Sent Joe/12345 Joe Authenticated Domain Controller Group OK Group NO Access Denied

15 Group not Checked How It Works Active Directory – Credentials Invalid http://WebViewsUser??/Password??Joe/12345Access Denied Joe/12345 Domain Controller User NO or Password NO Not Authenticated

16 Version Comparison NY TRACON & OEX More Access Control Branch Level Available Special Group Required to Disable Security Permissions Checking All Others Basic Access Control Branch Level Unavailable Enabled/Disabled through Properties on Server No Permissions Check

Download ppt "© 2007 Eaton Corporation. All rights reserved. Foreseer WebViews Security FE Level II, Rev. B June 17, 2008."

Similar presentations

Managing User, Computer and Group Accounts

Managing User, Computer and Group Accounts
Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
Policing the Power of Identity Controls Power Behavior Verify that controls are in place and functioning Monitor user behavior and verify that people.

Policing the Power of Identity Controls Power Behavior Verify that controls are in place and functioning Monitor user behavior and verify that people.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Windows Server 2003 使用者群組管理 林寶森

Windows Server 2003 使用者群組管理 林寶森
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 5: Managing File Access.
Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.

Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.

11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.
Ins and Outs of Authenticating Users Requests to IIS 6.0 and ASP.NET Chris Adams Program Manager IIS Product Unit Microsoft Corporation.

Ins and Outs of Authenticating Users Requests to IIS 6.0 and ASP.NET Chris Adams Program Manager IIS Product Unit Microsoft Corporation.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
Web Server Administration Chapter 5 Managing a Server.

Web Server Administration Chapter 5 Managing a Server.

Similar presentations

Ads by Google