- 27 -

MAS administration and security

User accounts

This section introduces the concept of multiple users and user roles. To accommodate customers who wish to use the shared account methodology, support for the use of the shared administrator account is provided.

When a user is added to the system, it is defined as filling one of these user roles assumes the ability to perform the administrative functions associated with that role.

Individual user accounts provides full accountability and monitoring of individual user actions on the system. User accounts are managed on an individual basis for each server; it is the responsibility of the customer to create each individual user account and to ensure that identical users are created on each server within the MAS environment.

Each individual user account has a password that is processed through the password complexity profile and can be enabled or disabled by a Security System Administrator as required.

To maintain the accountability with individual users for the security of their account, each individual user should be knowledgeable of only their own password and not of the passwords of other users.

The following user roles (Windows User Groups) are identified with the MAS system:

System Security Administrator (SSA)

The System Security Administrator is ultimately responsible for the complete range of system administration functions, as follows:

Maintaining Operating System configuration.

Maintaining hardware and network configuration.

Maintaining security policy configuration.

Performing user management functions such as add, delete, or modify accounts.

Performing certificate management functions.

Installing and upgrading MAS platform and application software.

Performing any task or operation within the MAS Console.

Security Auditor (SA)

The Security Auditor (SA) monitors security related events on the MAS system, and manages the security log files, including viewing the security log files and creating backup archives of the security logs.

The Security Auditor does not have permission to run the MAS Console.

Nortel Media Application Server 6.0 for AS 5300

Fundamentals

NN44470-100 01.01 Standard

Release 6.0 03 June 2008

Copyright © 2008, Nortel Networks

Page 27
Image 27
Nortel Networks NN44470-100 manual User accounts, Security Auditor SA