This page presents the VG WinConsole, a Windows Application provided by Visual Guard for Access Control Administration purposes.
Visual Guard also provides VG WebConsole,
a Web Application designed for non-technical administrators and supporting
a Distributed Administration Model. You can read more about the VG WebConsole
here.
The VG WinConsole includes a User Management module.
This module allows the administrator to manage Username/Password accounts
Fig 2 - Managing Username/Password Accounts
The Administrator can also declare Windows Accounts and Windows Groups in the VG Repository, in order to grant them Roles and Permissions.
Then the administrator can grant Roles to User Accounts
Fig 3 - Granting Roles to Users
For Username/Password accounts, the Administrator can define a specific Password Policy to comply with internal security policies.
Fig 4 - Defining a Password Policy
The VG WinConsole includes a Permission Management
module.
This module allows developers to define the permissions related to their
application.
Fig 5 - Managing Permissions
Developers also define Permission Sets
Fig 6 - Managing Permission Sets
Finally, they group Permissions into Permission Sets
Fig 7 - Grouping Permissions into Permission Sets
For more flexibility, developers can define a hierarchy of Permission Sets: each one inherits its Parent’s permissions.
Fig 8 - Grouping Permissions into Parent Permission Sets
Whenever necessary, developers can use the VG*DynamicPermissions technology: the actions that change the application when the permission is applied are defined with the VG WinConsole, and Visual Guard dynamically executes these actions when the application is running. Your code remains unchanged: you do not have to write or maintain any security code in your application. You can read more about VG*DynamicPermissions technology here.
Fig 9 - Defining Dynamic Actions
The VG WinConsole includes a Role Management module.
This module allows developers or administrators to define Roles and grant
them to users.
Visual Guard provides 2 types of Roles:
1 – Shared Roles contain permissions for several applications. For
example, you may use Shared Roles when your security model includes a
limited number of Roles with a large number of applications.
Fig 10 - Managing Shared Roles
2 – Application Roles contain permissions for
only 1 application.
For example, you may use Applications Roles when your security model requires
more flexibility and the possibility to grant several roles for several
applications to each user.
Fig 11 - Managing Application Roles
Each Role is then defined by the Permission Sets it contains:
Fig 12 - Grouping Permissions Sets into Roles
Finally, the administrator relates Users to Roles:
Fig 13 - Granting Users to Roles
The VG WinConsole includes an Auditing and Reporting
module.
This module allows auditors to review and document the security of the
applications.
Auditors can generate documentation about the current security data (User
accounts, Permissions and Roles granted, etc.)
See an example of report (.pdf)
Fig 14 - Reporting
Auditors can also review user operations in real time. Whenever needed, they can focus on a specific transaction: for instance, they can filter for a specific type of operation, a given user, during a given period in time, etc.
Fig 15 – Using the Event Viewer for Auditing purposes.
Fig 16 - Managing Repositories
Fig 17 - Managing Applications secured by Visual Guard