This page presents the VG WinConsole,
a Windows Application provided by Visual Guard for Access Control Administration
purposes.
Visual Guard Enterprise Edition also provides VG WebConsole,
a Web Application designed for non-technical administrators and supporting
a Distributed Administration Model. You can read more about the VG WebConsole
here.
Top
User Management
The VG WinConsole includes a User Management module.
This module allows the administrator to manage Username/Password accounts
Fig 2 - Managing Username/Password Accounts
The Administrator can also declare Windows Accounts
and Windows Groups in the VG Repository, in order to grant them Roles
and Permissions.
Then the administrator can grant Roles to User Accounts
Fig 3 - Granting Roles to Users
For Username/Password accounts, the Administrator
can define a specific Password Policy to comply with internal security
policies.
Fig 4 - Defining a Password Policy
Top
Permission Management
The VG WinConsole includes a Permission Management
module.
This module allows developers to define the permissions related to their
application.
Fig 5 - Managing Permissions
Developers also define Permission Sets
Fig 6 - Managing Permission Sets
Finally, they group Permissions into Permission Sets
Fig 7 - Grouping Permissions into Permission Sets
For more flexibility, developers can define a hierarchy
of Permission Sets: each one inherits its Parent’s permissions.
Fig 8 - Grouping Permissions into Parent Permission Sets
Whenever necessary, developers can use the VG*DynamicPermissions
technology: the actions that change the application when the permission
is applied are defined with the VG WinConsole, and Visual Guard dynamically
executes these actions when the application is running. Your code remains
unchanged: you do not have to write or maintain any security code in your
application. You can read more about VG*DynamicPermissions technology
here.
Fig 9 - Defining Dynamic Actions
Top
Role Management
The VG WinConsole includes a Role Management module.
This module allows developers or administrators to define Roles and grant
them to users.
Visual Guard provides 2 types of Roles:
1 – Shared Roles contain permissions for several applications. For
example, you may use Shared Roles when your security model includes a
limited number of Roles with a large number of applications.
Fig 10 - Managing Shared Roles
2 – Application Roles contain permissions for
only 1 application.
For example, you may use Applications Roles when your security model requires
more flexibility and the possibility to grant several roles for several
applications to each user.
Fig 11 - Managing Application Roles
Each Role is then defined by the Permission Sets it
contains:
Fig 12 - Grouping Permissions Sets into Roles
Finally, the administrator relates Users to Roles:
Fig 13 - Granting Users to Roles
Top
Auditing & Reporting
The VG WinConsole includes an Auditing and Reporting
module.
This module allows auditors to review and document the security of the
applications.
Auditors can generate documentation about the current security data (User
accounts, Permissions and Roles granted, etc.)
See an example of report (.pdf)
Fig 14 - Reporting
Auditors can also review user operations in real time.
Whenever needed, they can focus on a specific transaction: for instance,
they can filter for a specific type of operation, a given user, during
a given period in time, etc.
See an example of audit report (.pdf)
Fig 15 – Using the Event Viewer for Auditing purposes.
Top
Global Settings
Fig 16 - Managing Repositories
Fig 17 - Managing Applications secured by Visual Guard
Top
|
