Administrator overview, Access controls – HP Secure Key Manager User Manual
Page 201
• Multiple Credentials Overview
• Multiple Credentials Sections
• Multiple Credentials Procedures
• Remote Administration Settings Overview
• Remote Administration Settings Sections
Administrator overview
An administrator is a user who can configure and manage the SKM appliance. This is done using the
Management Console and the Command Line Interface (CLI). An administrator’s access control settings
determine which features can be configured and which operations can be performed.
Access controls
An access control is the permission to configure a feature or perform an operation. To create a certificate,
the administrator must have the Certificates access control. Access Controls are managed and stored on
the SKM appliance. The available access controls are grouped into categories and described here.
Security Configuration access controls enable the administrator to:
•
create, modify, and delete keys and establish authorization policies (Keys and Authorization
Policies).
•
create and modify users and groups and maintain LDAP server settings (Users and Groups).
•
create and import certificates (Certificates).
•
manage certificate authorities on the SKM appliance (Certificate Authorities).
•
manage advanced security settings, including FIPS (Advanced Security).
•
modify SSL configuration (SSL).
Device Configuration access controls enable the administrator to:
•
create a cluster, join or remove a device from an existing cluster (Cluster).
•
configure network and date/time settings (Network and Date/Time).
•
enable and configure high availability settings (High Availability).
•
manage SNMP community names and management stations (SNMP).
•
modify logging settings (Logging).
Backup & Restore access controls enable the administrator to:
•
create backups excluding backup of keys, certificates and local certificate authorities (Backup
Configuration).
•
create backups of keys and certificates (Backup Keys & Certificates).
•
create backups of local certificate authorities and associated private keys (Backup Local CAs).
•
restore backups excluding backup of keys, certificates, and local certificate authorities (Restore
Configuration).
•
restore backups of keys and certificates (Restore Keys & Certificates).
•
restore backups of local certificate authorities and associated private keys (Restore Local CAs).
Maintenance access controls enable the administrator to
•
modify the startup service setting (Services).
•
upgrade to a new software version and add and remove disks (Software Upgrade and System
Health).
Administrative Access access controls enable the administrator to:
•
access the Management Console (Admin Access via Web)
•
access the Command Line Interface over an SSH connection (Admin Access via SSH).
Regardless of the Administrative Access settings, all administrators can access the SKM appliance
directly using the serial console. Using the serial console connection precludes the administrator from
modifying almost all security configuration settings and some device configuration settings (for example,
Keys, Users & Groups, etc. )
Secure Key Manager
201