14.1 Console Security Checklist

To define and manage security controls on the Secure Configuration Manager console, you must be a console administrator, which is a console user assigned to the Secure Configuration Manager Administrator’s role. For more information, see Understanding Console Administrators.

The following checklist outlines the workflow for configuring Secure Configuration Manager console security settings. You can modify this workflow to accommodate your specific security needs.

 

Checklist Items

  1. Understand the console security components. See Understanding Console Security.

  1. Log on to Secure Configuration Manager using a console administrator account. By default, you can specify a console administrator account during installation. See the Secure Configuration Manager Installation Guide.

  1. Determine whether you want to implement an external authentication source to validate the console users. See Managing User Authentication.

  1. Determine whether you want Secure Configuration Manager to enforce password policy on the console user accounts. See Managing Password Policy.

  1. Identify which personnel you want to give permissions in Secure Configuration Manager, and then create a user account in Secure Configuration Manager for each console user and administrator. See Creating a Console User.

  1. Determine which sets of roles and permissions you want to assign to those users. If needed, create the appropriate roles. See Managing Roles and Managing Permissions.

  1. Assign the appropriate roles and permissions to the appropriate console users. See Assigning Roles to a Console User and Assigning Permissions to a Console User.

  1. Assign limit to the number of concurrent web or console sessions for required roles. See section Assigning Session Limit to Roles