• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
09 necto architecture_ready
 

09 necto architecture_ready

on

  • 801 views

 

Statistics

Views

Total Views
801
Views on SlideShare
799
Embed Views
2

Actions

Likes
0
Downloads
26
Comments
0

1 Embed 2

http://labgov80 2

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    09 necto architecture_ready 09 necto architecture_ready Presentation Transcript

    • Necto TrainingModule 9: NectoArchitecture andSecurity
    • Agenda Necto Architecture Necto Security
    • Server Architecture
    • Prerequisites Necto Software IIS AnalysisClient Server Data Necto Server Customer Data Warehouse Windows 2008 Necto Server
    • BI Services BI Display BI Calculations Necto Software NovaView.aspx BI Server IIS AnalysisClient Server Data Necto Server Customer Data Warehouse Windows 2008 Necto Server
    • Administrative Services Administration of: • Workboard trees • Social • Users and roles Necto Software • Etc. NovaView.aspx BI Server IIS Admin Web Admin Analysis Services Server ServerClient Social Data Necto Server Customer Data Warehouse Windows 2008 Necto Server
    • Necto Server Data Calculation and Storage Can use SQL express installed or with Necto SQL Express Necto DB SQL Server Necto Software NovaView.aspx BI Necto Calculations Server Server/s IIS Recommended: Admin web Admin separate SQL services ServerClient servers Social Necto Server Both BI and Admin servers use this work area Windows 2008 Necto Server
    • Universal Data Connector (UDC) Provides connection to additional data sources Necto Software NovaView.aspx BI Server IIS Admin Web Admin Analysis Services Server ServerClient Social Data Necto Server UDC Customer data Warehouse LB Performs load balancing Analysis of UDC requests Windows 2008 Services instance Data Necto Server SQL Sources Creates and updates cubes UDC
    • Necto Architecture Summary SQL Express Necto DB SQL Server Necto Software NovaView.aspx BI Necto Calculations Server Server/s IIS Admin Web Admin Analysis Services Server ServerClient Social Data Necto Server UDC Customer Data Warehouse LB Analysis Windows 2008 Services instance Data Necto Server SQL Sources UDC
    • Security
    • Security Overview Content Data (OLAP ) Security Security• Can be Roles implemented by user name or by the role the user belongs to Users • Which • Which portions of the workboards will data will be available be available • Defined in terms of Dimensions and Members
    • Content Data (OLAP ) Security Security Roles UsersOLAP Security
    • Data (OLAP) Security Users are added to roles in a SSAS cube OLAP Domain Users Roles specify which objects and members will be available Roles to users Users must be part of an Active Groups Directory domain and imported into Necto Dashboard User User User
    • Users and RolesOLAP Domain Necto Roles can be added manually Users Roles Import Roles Groups Groups User User User Domain Server Necto When an active directory Users Users Users user logs into Necto – a user is created in Necto From Necto Manually Server defined
    • Data (OLAP) Security Necto Users are added to roles in a SSAS cube Roles Roles specify which objects and members will be available to users Groups Users must be part of an Active Directory domain and imported into NovaView Dashboard Necto and Server users can be mapped to domain users Domain Server Necto Users Users Users For example: a guest user
    • Role vs. User Based Security Content Data (OLAP ) Security SecurityBoth security Rolesmethods can beimplemented perrole or per user.What should I use? Users
    • Role vs. User Based Security Connection to data source is defined by: Server, database, cube, security (Role or User) Role-based security enables reuse of connection Better efficiency of Necto and AS Necto Analysis Server Server
    • Content Data (OLAP ) Security Security Roles UsersContent Security
    • Content Security Public Workboards Access rights (permissions) are assigned by administrator per role Private folders Per user User can share with users or roles Shared folders of other users Best Practice: • Public folders – view-only for most users • Users should create new workboards in their private folder
    • Content Permissions LevelsName Weight Description All administrative rights, including giving rights toAdmin 5 others The user will see that the workboard existsDeny 4 but will not be able to view it User will be allowed to change and edit theWrite 3 workboardRead 2 View only The user will not see that the Workboard existsHidden 1 Therefore will not be able to access it No permission has been assigned. PermissionsNone 0 will be inherited from parent folder
    • User James Part of Role ARole A = PermissionAdmin Permission = Inherit Admin Admin 5 Deny 4 Write 3 Read 2 Hidden 1 None 0
    • Breaking InheritanceIf Same Role Take Last, Unless AdminRole A = PermissionAdmin Role A = Permission Same Role, Take Last, Hidden Unless Admin Permission – Inherit AdminRole A = PermissionRead Role A = Permission Same Role, Take Last Hidden Permission – Inherit Hidden Admin 5Role A = PermissionRead Deny 4 Role A = Permission Same Role, Write 3 Deny Take Last Read 2 Permission – Inherit Deny Hidden 1 None 0
    • Combining Hierarchies – UserJames is Member of Role A & BRole A = PermissionAdmin Role B = Permission MAX(Admin, Hidden Permission – Inherit Hidden) AdminRole A = PermissionRead Role B = Permission MAX(Read, Hidden) Hidden Permission – Inherit Read Admin 5Role A = PermissionRead Deny 4 Role B = Permission MAX(Read, Write 3 Deny Permission – Inherit Deny) Read 2 Deny Hidden 1 None 0
    • Breaking & Combining HierarchiesFirst Break Then Combine Role A = Permission Hidden Role A = Permission Role B = Permission Role C = Permission Read Admin Read Role A = Permission Role B = Permission Role C = Permission Hidden Admin Hidden Role A = Permission Role B = Permission Deny Read Role A = Permission Role B = Permission Admin Hidden Role A = Permission Role B = Permission Read Deny Admin 5 Role A = Permission Hidden Deny 4 Role A = Permission Role B = Permission Write 3 Deny Read Read 2 Hidden 1 None 0
    • Remove Remove any role that James is not a part of
    • Removing Role C“James is a Member of Role A & B” Role A = Permission Hidden Role A = Permission Role B = Permission Role C = Permission Read Admin Read Role A = Permission Role B = Permission Role C = Permission Hidden Admin Hidden Role A = Permission Role B = Permission Deny Read Role A = Permission Role B = Permission Admin Hidden Role A = Permission Role B = Permission Read Deny Admin 5 Role A = Permission Hidden Deny 4 Role A = Permission Role B = Permission Write 3 Deny Read Read 2 Hidden 1 None 0
    • Break Hierarchy In each role use Thumb Rule 1: Break Hierarchy “Use last folder permission unless Root = Admin”
    • Breaking Hierarchies“Use last folder permission unless Root = Admin”Role A = PermissionHidden Role A = Permission Role B = Permission Read Admin Role A = Permission Role B = Permission Hidden Admin Role A = Permission Role B = Permission Deny Read Role A = Permission Role B = Permission Admin Hidden Role A = Permission Role B = Permission Read Deny Admin 5 Role A = Permission Hidden Deny 4 Role A = Permission Role B = Permission Write 3 Deny Read Read 2 Role A = Permission Role B = Permission Hidden 1 Deny Admin None 0
    • Combine The highest permission is selected
    • Combining Hierarchies”The highest permission is selected” Role A = Permission Hidden Role A = Permission Role B = Permission Read Admin Role A = Permission Role B = Permission Hidden Admin Role A = Permission Role B = Permission Deny Read Role A = Permission Role B = Permission Admin Hidden Role A = Permission Role B = Permission Read Deny Admin 5 Role A = Permission Hidden Deny 4 Role A = Permission Role B = Permission Write 3 Deny Read Read 2 Role A = Permission Role B = Permission Hidden 1 Deny Admin None 0
    • Breaking & Combining HierarchiesFirst Break, Then Combine Role A = Permission Hidden Role A = Permission Role B = Permission Read Admin Role A = Permission Role B = Permission Hidden Admin Role A = Permission Role B = Permission Deny Read Role A = Permission Role B = Permission Admin Hidden Role A = Permission Role B = Permission Read Deny Admin 5 Role A = Permission Hidden Deny 4 Role A = Permission Role B = Permission Write 3 Deny Read Read 2 Permission – Inherit Admin Hidden 1 None 0
    • Summary In this lesson you have learned about: Necto Architecture Necto Security
    • Thank youAny Questions?