When defining the functional categories for users, consider the VMware Smart Assurance security implementation. For each user category, determine the following:
-
List the specific VMware Smart Assurance managers that must be accessed by the users in the category. If necessary, divide a category. For example, in a category of network administrators, some users require access to managers in Asia, other users require access to managers in Europe, and still other users require access to all managers. In this case, the network administrators category could be divided into three categories to match these user needs while maintaining tighter security.
-
Determine what functionality must be accessed by users in this category. VMware Smart Assurance software is designed so that users can be classified into levels that define access:
-
All - A level where users can access all Global Console functionality available for one or more VMware Smart Assurance Managers, if their user profile permits it.
-
Monitor - A level where users can access only Global Console monitoring functionality, not administrative functionality, at one or more VMware Smart Assurance Managers, if their user profile permits it.
-
Ping - A level normally reserved for VMware Smart Assurance processes, where processes will ping hosts where other VMware Smart Assurance processes are installed to determine if the hosts are running.
-
None - A level that specifically excludes access to the Global Console.
These types of security access are defined in the serverConnect.conf file located in the BASEDIR/smarts/local/conf directory on the servers where VMware Smart Assurance software is installed.
-