Nortel Networks NN44470-100 manual User accounts, Security Auditor SA

Page 27

- 27 -

MAS administration and security

User accounts

This section introduces the concept of multiple users and user roles. To accommodate customers who wish to use the shared account methodology, support for the use of the shared administrator account is provided.

When a user is added to the system, it is defined as filling one of these user roles assumes the ability to perform the administrative functions associated with that role.

Individual user accounts provides full accountability and monitoring of individual user actions on the system. User accounts are managed on an individual basis for each server; it is the responsibility of the customer to create each individual user account and to ensure that identical users are created on each server within the MAS environment.

Each individual user account has a password that is processed through the password complexity profile and can be enabled or disabled by a Security System Administrator as required.

To maintain the accountability with individual users for the security of their account, each individual user should be knowledgeable of only their own password and not of the passwords of other users.

The following user roles (Windows User Groups) are identified with the MAS system:

System Security Administrator (SSA)

The System Security Administrator is ultimately responsible for the complete range of system administration functions, as follows:

•Maintaining Operating System configuration.

•Maintaining hardware and network configuration.

•Maintaining security policy configuration.

•Performing user management functions such as add, delete, or modify accounts.

•Performing certificate management functions.

•Installing and upgrading MAS platform and application software.

•Performing any task or operation within the MAS Console.

Security Auditor (SA)

The Security Auditor (SA) monitors security related events on the MAS system, and manages the security log files, including viewing the security log files and creating backup archives of the security logs.

The Security Auditor does not have permission to run the MAS Console.

Nortel Media Application Server 6.0 for AS 5300

Fundamentals

NN44470-100 01.01 Standard

Release 6.0 03 June 2008

Copyright © 2008, Nortel Networks

Image 27

Contents Fundamentals Page Contents Nortel MAS Console Other changes FeaturesNew in this release NavigationIntroduction Network architecture MAS installationArchitecture and supported hardware and software System architectureMultimedia Controller Session controllerVxml browser SIP Multimedia Conductor SipmcConference media processor Multimedia Content StoreMAS installation IVR media processor IvrmpOptions for MAS application deployment Unified Communications Application deployment optionsMusic On Hold AnnouncementsCo-resident Application Deployment excluding Meet Me Maintenance ReleasesCo-resident deployment Co-resident Application Deployment including Meet MePackaged applications Packaged application installation and licensingMAS commissioning AS 5300 commissioning for MASConfiguration data MAS clustersOperational state Persistent content storage Controller Peer Ring SIP signaling SIP propertiesSIP domains SIP proxy servers SIP accountsSIP trusted nodes SIP routesPremium conferencing algorithm Media conferencingSIP registrar servers Basic conferencing algorithmMixing different codecs Digit relay Media settingsAudio codecs Video codecsConferencing Quality of ServiceQoS properties Property Description Continuous streaming Directory provider RSS provider RSS 2.0 sample document Access security setup MAS administration and securitySecurity Auditor SA User accountsApplication Administrator AA Remote Desktop ProtocolLogon banners Security tools Ipsec configurationFile system integrity and the fcheck tool Certificate managementService and configuration data backup Automatic and manual backupsService data Backup of configuration data Service data Content Store dataRestrictions System maintenance BackupsEvent logs MAS performance management MAS fault management Fault management architecturePolling management data Supported MIBs Snmp managementEvent logs SyslogField Description Security LogsMAS Console security logs AlarmsField Description Generic Counters & Gauges Nortel MAS ConsoleIP Interfaces Nortel MAS ConsoleLogging SignalingMedia Settings Advanced SettingsDialog boxes Configuration propertiesTranslation properties Translation Properties dialog box SIP Domain Properties dialog box SIP domain propertiesSIP account properties SIP route properties SIP Trusted Nodes propertiesModify SIP Route dialog box Audio codec configuration Video codec configuration Video Codec Configuration dialog box Digit relay configuration Users properties User Properties dialog box Terminology Media Application Server Differentiated Services Code PointDual-tone multi-frequency Management Information BaseSimple Network Management Protocol Redundant Array of Independent DisksSession Description Protocol Session Information ProtocolVoice Extensible Markup Language Universal Resource IndicatorUser Datagram Protocol Video codecPage Fundamentals