Over the last few months, Opmantek has been working on an alternate authorization system which will permit our customers to be able to define views of what is being managed so that they can permit their customers to see information that they might not ordinarily be able to see without giving them access to view an entire node.
A simple example of the benefits of this capability would be for service providers who have shared equipment, where multiple customers are using one or more interfaces from one or more switches. This might be a metropolitan area network, with switches in the basements of buildings and each customer uses one or more interfaces.
With our new multi-tenancy authorization, roles are created for each customer and the associated user names, then several business service views are created by selecting the interfaces of one or more switches and adding them to a business services view for the customer. When the customer logs in, they have access to see the business services view and all of the associated interfaces. They are then able to drill into the interface to see the statistics.
Another good example of this might be an IT Services company which provides general IT services to businesses, along with network and server management. Amongst the equipment being managed are some telephones and the related network interfaces. A partner of the IT services company assists with the management of the phone systems and requires the ability to see switch ports which the phones connect to. With traditional authorization schemes the telephony engineers would require logins giving them permission to see the entire switch including interfaces for things not related to their duties.
With the new multi-tenancy authorization, a business services view can be created and the required telephony interfaces added to that view. When the telephony engineer logs into the system, they will only see the interface information they need to keep an eye on the telephony system.
Going forward Opmantek will expand this capability significantly to include more granularity in the authorization and more resources available to be permitted. We will also work to simplify administration of the system wherever possible.
We are very excited by being able to take authorization to a new level of flexibility and simplicity, enabling our customers to in turn be more flexible with their customers and manage third party vendor access more diligently.