A Terminal Switch with a Multilevel User Directory Provides Different Capabilities to Different Users

Sometimes, the out of band management capabilities provided by a terminal switch (http://www.wti.com/c-56-terminal-switch.aspx) are almost too useful for their own good. Often, the ability to access console port functions on remote network elements proves to be so handy, that the network administrator is faced with the challenge of providing terminal switch access to a variety of different users, while also restricting those users from devices and functions that are not related to their jobs. In cases like this, a terminal switch unit with a multilevel user directory provides a simple means for administrators to grant users with out of band access to the devices that they need, while preventing those users from accessing devices that may belong to other departments or functions.

Typically, a terminal switch with a multilevel user directory allows administrators to assign different port access rights and command capabilities to each individual terminal switch user, and also select appropriate authentication protocols, security features and allowable access channels for each user. For example, a multilevel user directory could be used to provide a high level user with access to all serial ports on the terminal switch and access to all command functions, and at the same time, restrict lower level users to only a handful of ports and bar access to terminal server configuration functions.

In addition, the multilevel user directory can also be used to select different security and authentication protocols for each user that match the methods that each user typically employs to access the terminal switch. For example, a user who typically accesses the terminal switch via an IP connection would most likely need authentication protocols such as RADIUS, TACACS+, Kerberos and LDAP, whereas a user who accesses the terminal switch via dial-up connection would be more like to require features such as callback security.

Once the multilevel user directory has been employed to define a number of user accounts, the terminal switch should then be able to track each user and create a log that records login times and dates, user activity and other events. In addition to providing an overview of typical user activity, this capability also provides administrators with the ability to perform a “post mortem” examination after a network failure, in order to determine what actions or events might have contributed to the network outage or equipment failure.

A terminal switch with a multilevel user directory provides administrators with an intelligent means to grant appropriate port access rights and command capabilities to each individual user; is an extremely vital function in any co-location application. This simplifies the process of enabling a wide variety of different types of users to share access to the terminal switch, and also provides administrators with a means to track user activity and noteworthy events in order to continually improve the manner in which the terminal switch is deployed and also gives administrators a clearer picture of just exactly how each user employs the terminal switch.

Link to Original Content

Tags: , , , , ,

Comments are closed.