Customer Login Partner Login
Search
Products Solutions Services Customer Connects Partners Company
 
Home > Products > How It Works
Products

Products

How it Works—BoKS Host Groups, User Groups, and Classes

Your end user and administrative support teams are also placed into User Groups and Classes.

When defining access by your users to services they can be mapped to the appropriate Host or Application group, and the method they login or access the server or application is defined in what FoxT calls an Access Route.

In this diagram, you will see that the US and Europe geographic areas are supported by their own production support teams. The database and application administrators are mapped only to their environments by the functional grouping.

Let us look at an even simpler example: a single administrator connecting to a single server. There may be multiple ways the user can login, transfer files, or access the console of a machine.

Each arrow represents a separate BoKS Access Route between User or User Group and Host or Host Group. Fine-grained access policy allows the BoKS Administrator to define discrete security policies for each arrow on the diagram.

Each Access Route has a number of parameters.
  • For: User (Group, Class)
  • From: Location (for example Desktop PC, or Host Group)
  • To: Host or Application (Group)
  • Using Access Method: Defined by System Administrator
  • When: Administrator can grant 24x7 access, or constrain the period by time/day when the user is expected to carry out this specific function
  • Mitigation: Exceptional session control (e.g. keystroke log the access)
In the above example, the User may be allowed to login using SSH to the server, but be denied the ability to transfer files, or remote execute commands. Access Routes for insecure network connections may be banned, and the user could also be denied the ability to login on the system console.

A BoKS Access Control matrix is built from the application of general Access Routes between groups of Users to Hosts and Applications. The addition of fine-grained exceptions is added to the matrix to control access to high risk areas, especially those requiring session keystroke logging.

Want to Know More About How BoKS Enterprise Access Control Management Works?

  • BoKS Access Control & Authentication Infrastructure

  • BoKs Fine-Grained Access Control Management

  • BoKS Host Groups, User Groups, and Classes



    		•

    Highlights

    Resources
    ©2008 Fox Technologies. All Right Reserved. News & Events   Site Map   Contact Us   Privacy Policy