Home Advanced Topics System Administration Security

Security

Posted on November 14, 2011 by AlexChiu No Comments ↓

System Security

Some companies using proxy servers that restrict access to some sites may also block APS. Exceptions should be created for APS URLs such as:

http://[server name]:[port]/ServerManager.soap
http://[server name]:[port]/PTBroadcaster.soap
http://[server name]:[port]/PTInterface.soap
http://[server name]:[port]/UpdateFileManager.soap

Additionally, the following measures should be taken to avoid security conflicts:

  • On the Server
    • Allow incoming and outgoing APS communication through the firewall. Ports 7990 and say 8001 through 8020 (for 4 instances).
    • Administrator rights for installing ServerManager and Enterprise Client are required.
    • Administrator rights are also required for using the Enterprise Client.
  • On the Clients
    • Allow incoming and outgoing APS communication through local firewall.
    • Note: The Clients are installed in  the user’s directory so no permission changes required.
  • General
    • Allow communication through any proxy servers.
    • Depending on settings, apsportal.com may need to be added to trusted zones.
    • Internet Options –> Internet Security –> .NET reliant component –> Run components signed with Authenticode should be enabled.

 User-Related Security

Although the different User Types automatically lock certain features based on their level of Scenario access, the following options can be assigned to the users regardless of Scenario Access:

  • Control:
    • Administrator: Whether can maintain users and permissions.
    • Scenario access level: Master Scheduler, View All, ViewPublished, etc.
  • Scheduling:
    • Can Lock
    • Can Anchor
    • Can Expediate
    • Can Change Job status
    • Can hold jobs
    • Can reserve CTPs in live scenario
    • Can Reschedule purchases
    • Can enable/disable scheduler add-ins
  • Data:
    • Can Maintain Forecasts
    • Can Maintain Jobs
    • Can Maintain Resources
    • Can run Imports
    • Can Maintain import settings

Users can reset their own passwords from the ‘i’ menu in the upper left corner of the main screen. Administrators can also require the following regarding passwords:

  • Periodic password changes. If checked, users are prompted and required on their next login to reset their passwords. Repeating the current password is disallowed.
  • Strong Passwords: If checked, all user passwords must conform to the strong password requirement of eight  (8) characters, at least one upper and one lower case character, and at least one number or symbol.
When new users are created, an Admin can also check a box in the User dialogue to require that user to reset their password on their next login.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Recent Comments
    Recent News
    • APS Release Notes Link to document information on latest enhancements and resolved bugs