A Terminal Switch with a Multi-Level User Directory can Simplify User Account Management

In most co-location applications, a terminal switch needs the capability to provide access to many different users and assign different types of privileges to each user, based on job function. The process of managing multiple users and providing a different set of access rights to each user can often be somewhat of a challenge. A multi-level user directory provides the most efficient solution to this task, by allowing administrators to create separate accounts for each user, which define which terminal switch serial ports each user will be allowed to access, which types of commands each user will be allowed to invoke, and which services and tools will be available to each user.

A multi-level user directory should allow administrators to assign a name and password to each user account, and then select the serial ports, commands and services that the user will be allowed to access. This enables administrators to assign serial ports to each user account based on the user’s need to access those serial ports, and either block or allow the users access to command and configuration functions.

The ability to allow or deny access to specific types of commands enables administrators to allow some terminal switch users to access all command functions, while preventing other terminal switch users from invoking potentially harmful commands such as device configuration functions. Likewise, the user directory should also include the ability to create user accounts that permit only limited access to command functions; this allows administrators to create low level user accounts that only allow access to status displays while preventing access to serial port connection functions and other operational commands.

In order to simplify the process of defining user accounts, it can also be helpful for the terminal switch user directory to include pre-defined security levels that can be quickly assigned to each user. For example, a user directory could include a security level for administrators that provides access to all commands, a security level for general users that permits access to port connection commands but denies access to configuration functions, and a security level for low level users that only permits access to status display commands. When users accounts are defined, the access privileges for each user can be quickly defined by simply assigning the user to one of the available pre-defined security levels, rather than requiring the administrator to permit or deny each individual command for each user account.

In addition, the terminal switch user directory should also include the ability to select available services for each user account. For example, an administrator might want to permit or deny some users to access the terminal switch via local serial port, permit or deny access to outbound SSH capabilities, or restrict users to either Telnet/SSH access or web access.

The process of managing terminal switch access rights for multiple users can often be somewhat confusing and frustrating. But an intelligently designed user directory can simplify this process and ease confusion and frustration by providing a centralized interface that allows administrators to easily select port access rights, command access rights and service access rights for terminal switch user accounts, based on the responsibilities and needs of each individual user.

Tags: , , , , , ,

Comments are closed.