The Importance of Security Management in Element Management Systems
Within a Communication Service Provider (CSP) operational organization, there are several different departments/groups that are involved in the management of the network and its elements. EMS Security Management refers to the establishment of user accounts/groups with specific access roles and privileges. One mandatory CSP EMS feature is the ability to create multiple groups to access and manage the network elements plus assign individual staff roles and access permissions. In addition, the actions performed by the user should be logged and accessible for review and analysis. The ability to log the actions of users is important especially if there are security violations or if user actions need to be reversed. The following EMS/NMS security management rules are defined for users, their roles and group assignment: Group Management: A user can be assigned to a specific group, e.g., field personnel, service configuration, product line management, order administration, technical support. Each group can be individual created, deleted and modified. User management: Creation and management of EMS users as well as the establishment of trusted client end points. Features such as logging user actions, password recovery, user lock and even self deletion are standard security features. Role based management: Creation and EMS/NMS management of roles e.g. configure network elements, provision of network elements.
© NOCVue 2012
The following examples illustrated a typical role for an EMS system:
Administrator Role – Full Access Rights to NOCVue© Fault managed Role – Provision alarm severities and view alarm and event logs Configuration Manager Role- Provision and view all equipment Security Manager Role – Provision and view all user account data and security logs. Report Manager Role – Create, schedule, and view reports.
User Role assignment: A user can be assigned to a number of different roles. User roles can be combined in a hierarchy where higher-level roles assume permissions owned by sub-roles. The NOCVue© EMS/NMS contains an integrated security management module, covering all of these rules including:
User access credentials User/Password assignments Managing User Roles/Groups and Privileges Tracking and maintaining a history of security access Configure specific user/group views based on access right privileges A full suite of role based management and role assignment capabilities [I added this in]
NOCVue™ is an industry leader among Element Management System (EMS) and Network Management System (NMS) products.