SeeView Server Gateway (SSG) Manual
SSG Component Configuration
HP NonStop SeeView Server Gateway (SSG) Manual—526356-004
3-11
Management Scenario
Because AUTOSTART is set ON in the $SYSTEM.SYSTEM.SSGCONF file, each
user's SSG, with the specified ID, is started automatically on demand. Each user can
also then access only his or her own SSG and his or her own dedicated set of CIs. In
this case, there is no shared access, and each user is only given the authority
necessary to perform his or her specific tasks.
Also, it is generally not necessary to set default CI access to NONE. That was done for
illustrative purposes here, but the standard setting of USER is preferable in most
cases. This approach provides for a completely secure environment, identical to the
access a user would have using TACL, and at the same time gives users the flexibility
of accessing additional CIs via the SSG. SSG security for a given CI or set of CIs to
NONE only in cases where you are absolutely certain users will never need to access
the CIs in question using the SSG.
Again, there are many possibilities, and in many cases some combination of shared
and non-shared access might be desired. Any such combination can be configured
using the techniques described previously. Because SSG security is user-based, the
key point is that user-specific security configuration is achieved using multiple SSGs
and the user-specific SSGCONF files. General access rules for the system are set in
$SYSTEM.SYSTEM.SSGCONF, and these rules are usually sufficient for monitoring-
only environments. However, in management and command and control environments,
user-specific settings are usually needed.
Figure 3-3. SUPER.ADMIN’s SSG Configuration
vst013.vsd