
09 necto architecture_ready

Date post: 07-Dec-2014
Upload: wwwpanoramacom
Necto Training Module 9: Necto Architecture and Security
Transcript
Page 1: 09 necto architecture_ready

Necto Training Module 9: Necto Architecture and Security

Page 2: 09 necto architecture_ready

Agenda

• Necto Architecture
• Necto Security

Page 3: 09 necto architecture_ready

Server Architecture

Page 4: 09 necto architecture_ready

Prerequisites

Windows 2008

Necto Software

Necto Server

Customer Data

Data Warehouse

Analysis Server

IIS

Client

Necto Server

Page 5: 09 necto architecture_ready

BI Services

Windows 2008

Necto Software

Necto Server

Customer Data

Data Warehouse

Analysis Server

BI Server

NovaView.aspx

IIS

Necto Server

Client

BI Calculations

BI Display

Page 6: 09 necto architecture_ready

Administrative Services

Windows 2008

Necto Software

Necto Server

Customer Data

Data Warehouse

Analysis Server

BI Server

Admin Server

Social

NovaView.aspx

Admin Web Services

IIS

Necto Server

Client

Administration of:
• Workboard trees
• Social
• Users and roles
• Etc.

Page 7: 09 necto architecture_ready

Necto Server Data Calculation and Storage

Windows 2008

SQL Express

Necto Software

Necto Server

Necto DB

Necto Calculations Server/s

SQL Server

BI Server

Admin Server

Social

NovaView.aspx

Admin web services

IIS

Necto Server

Client

Both BI and Admin servers use this work area

Can use the SQL Express instance installed with Necto, or (recommended) separate SQL servers

Page 8: 09 necto architecture_ready

Universal Data Connector (UDC)

SQL

Windows 2008

Necto Software

Necto Server

Customer Data

Data Warehouse

UDC

LB

Analysis Server

Analysis Services instance

UDC

BI Server

Admin Server

Social

NovaView.aspx

Admin Web Services

IIS

Necto Server

Client

Data Sources

Provides connection to additional data sources

Performs load balancing of UDC requests

Creates and updates cubes

Page 9: 09 necto architecture_ready

Necto Architecture Summary

SQL

Windows 2008

SQL Express

Necto Software

Necto Server

Customer Data

Data Warehouse

UDC

LB

Necto DB

Necto Calculations Server/s

Analysis Server

Analysis Services instance

SQL Server

UDC

BI Server

Admin Server

Social

NovaView.aspx

Admin Web Services

IIS

Necto Server

Client

Data Sources

Page 10: 09 necto architecture_ready

Security

Page 11: 09 necto architecture_ready

Security Overview

Content Security

Data (OLAP) Security

Roles

• Which portions of the data will be available

• Defined in terms of Dimensions and Members

Users

• Which workboards will be available

• Can be implemented by user name or by the role the user belongs to

Page 12: 09 necto architecture_ready

Content Security

OLAP Security

Roles

Users

Data (OLAP) Security

Page 13: 09 necto architecture_ready

Data (OLAP) Security

• Users are added to roles in an SSAS cube
• Roles specify which objects and members will be available to users
• Users must be part of an Active Directory domain and imported into Necto Dashboard

OLAP Domain Users

Roles

User

Groups

User

User

Page 14: 09 necto architecture_ready

Users and Roles

Roles

Necto

OLAP Domain Users

Roles

User

Groups

User

User

Domain Users

Import

Groups

Roles can be added manually

When an Active Directory user logs into Necto, a user is created in Necto

Server Users

From Necto Server

Necto Users

Manually defined

Page 15: 09 necto architecture_ready

Data (OLAP) Security

• Users are added to roles in an SSAS cube
• Roles specify which objects and members will be available to users
• Users must be part of an Active Directory domain and imported into NovaView Dashboard
• Necto and Server users can be mapped to domain users (for example: a guest user)

Roles

Necto

Server Users

Domain Users

Necto Users

Groups

Page 16: 09 necto architecture_ready

Role vs. User Based Security

Users

Content Security

Data (OLAP) Security

Roles

Both security methods can be implemented per role or per user. What should I use?

Page 17: 09 necto architecture_ready

Analysis Server

Role vs. User Based Security

Connection to data source is defined by: server, database, cube, security (role or user)

Role-based security enables reuse of the connection, giving better efficiency of Necto and AS

Necto Server

Page 18: 09 necto architecture_ready

Content Security

Data (OLAP) Security

Roles

Users

Content Security

Page 19: 09 necto architecture_ready

Content Security

Public Workboards
• Access rights (permissions) are assigned by administrator per role

Private folders
• Per user
• User can share with users or roles

Shared folders of other users

Best Practice:
• Public folders – view-only for most users
• Users should create new workboards in their private folder

Page 20: 09 necto architecture_ready

Content Permissions Levels

Name | Weight | Description
Admin | 5 | All administrative rights, including giving rights to others
Deny | 4 | The user will see that the workboard exists but will not be able to view it
Write | 3 | User will be allowed to change and edit the workboard
Read | 2 | View only
Hidden | 1 | The user will not see that the workboard exists and therefore will not be able to access it
None | 0 | No permission has been assigned. Permissions will be inherited from parent folder

Page 21: 09 necto architecture_ready

Role A = Permission Admin

User James Part of Role A

Permission = Inherit Admin

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0

Role A

Page 22: 09 necto architecture_ready

Role A = Permission Admin

Breaking Inheritance

If Same Role Take Last, Unless Admin

Permission – Inherit Admin

Role A = Permission Hidden

Role A = Permission Read

Permission – Inherit Hidden

Role A = Permission Hidden

Role A = Permission Read

Permission – Inherit Deny

Role A = Permission Deny

Same Role, Take Last, Unless Admin

Same Role, Take Last

Same Role, Take Last

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0

Page 23: 09 necto architecture_ready

Role A = Permission Admin

Combining Hierarchies – User James is Member of Role A & B

Permission – Inherit Admin

Role B = Permission Hidden

Role A = Permission Read

Permission – Inherit Read

Role B = Permission Hidden

Role A = Permission Read

Permission – Inherit Deny

Role B = Permission Deny

MAX(Admin, Hidden)

MAX(Read, Hidden)

MAX(Read, Deny)

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0

Role A

Role B

Page 24: 09 necto architecture_ready

Role A = Permission Hidden

Breaking & Combining Hierarchies

First Break, Then Combine

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role A = Permission Admin

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role B = Permission Admin

Role B = Permission Admin

Role B = Permission Read

Role B = Permission Hidden

Role B = Permission Deny

Role C = Permission Read

Role C = Permission Hidden

Role B = Permission Read

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0

Page 25: 09 necto architecture_ready

Remove

Remove any role that James is not a part of

Page 26: 09 necto architecture_ready

Role A = Permission Hidden

Removing Role C

“James is a Member of Role A & B”

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role A = Permission Admin

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role B = Permission Admin

Role B = Permission Admin

Role B = Permission Read

Role B = Permission Hidden

Role B = Permission Deny

Role C = Permission Read

Role C = Permission Hidden

Role B = Permission Read

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0

Page 27: 09 necto architecture_ready

Break Hierarchy

In each role use Thumb Rule 1: Break Hierarchy

“Use last folder permission unless Root = Admin”

Page 28: 09 necto architecture_ready

Role A = Permission Hidden

Breaking Hierarchies

“Use last folder permission unless Root = Admin”

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role A = Permission Admin

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role B = Permission Admin

Role B = Permission Admin

Role B = Permission Read

Role B = Permission Hidden

Role B = Permission Deny

Role B = Permission Read

Role A = Permission Deny

Role B = Permission Admin

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0

Page 29: 09 necto architecture_ready

Combine

The highest permission is selected

Page 30: 09 necto architecture_ready

Role A = Permission Hidden

Combining Hierarchies

“The highest permission is selected”

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role A = Permission Admin

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role B = Permission Admin

Role B = Permission Admin

Role B = Permission Read

Role B = Permission Hidden

Role B = Permission Deny

Role B = Permission Read

Role A = Permission Deny

Role B = Permission Admin

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0

Page 31: 09 necto architecture_ready

Role A = Permission Hidden

Breaking & Combining Hierarchies

First Break, Then Combine

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role A = Permission Admin

Role A = Permission Read

Role A = Permission Hidden

Role A = Permission Deny

Role B = Permission Admin

Role B = Permission Admin

Role B = Permission Read

Role B = Permission Hidden

Role B = Permission Deny

Role B = Permission Read

Permission – Inherit Admin

Admin 5

Deny 4

Write 3

Read 2

Hidden 1

None 0
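
The remove / break / combine procedure from the slides above, written out as an added example (not Necto code). The `Perm` enum, function names and sample folder paths are constructed for illustration; "Root = Admin" is read here as "the role's assignment on the first (root) folder of the path is Admin", which is an assumption.

```python
from enum import IntEnum


class Perm(IntEnum):
    """Permission weights from the Content Permissions Levels slide."""
    NONE = 0    # nothing assigned: inherit from parent folder
    HIDDEN = 1
    READ = 2
    WRITE = 3
    DENY = 4
    ADMIN = 5


def break_hierarchy(path):
    """Rule 1, applied per role: use the last folder permission unless Root = Admin.

    `path` lists one role's assignment on each folder, root first,
    ending at the workboard (assumed representation).
    """
    if path and path[0] == Perm.ADMIN:
        return Perm.ADMIN
    explicit = [p for p in path if p != Perm.NONE]  # NONE inherits from the parent
    return explicit[-1] if explicit else Perm.NONE


def effective_permission(user_roles, assignments):
    """Remove roles the user is not part of, break per role, then combine with MAX."""
    per_role = [break_hierarchy(path)
                for role, path in assignments.items()
                if role in user_roles]
    return max(per_role, default=Perm.NONE)


# Constructed sample: assignments per role along one folder path, root first.
SAMPLE = {
    "Role A": [Perm.READ, Perm.NONE, Perm.DENY],    # breaks to Deny
    "Role B": [Perm.ADMIN, Perm.HIDDEN, Perm.NONE], # root is Admin, stays Admin
    "Role C": [Perm.NONE, Perm.WRITE, Perm.NONE],   # breaks to Write
}

if __name__ == "__main__":
    for roles in ({"Role A", "Role B"}, {"Role A", "Role C"}, {"Role C"}):
        print(sorted(roles), "->", effective_permission(roles, SAMPLE).name)
```

Because the combine step is a MAX over weights, Deny (4) overrides Read or Write granted through another role, but membership in any role that resolves to Admin (5) overrides a Deny; this is worth checking when reviewing role memberships.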

Page 32: 09 necto architecture_ready

Summary

In this lesson you have learned about:

• Necto Architecture
• Necto Security

Page 33: 09 necto architecture_ready

Thank you

Any Questions?

