Hello JMcCann,

Role Based Security (RBS) is only applied to the Prognosis Web UI.

• If the Prognosis Web UI is only installed on the Managing Node (normal configuration), then no action is needed for RBS settings to be applied to Monitoring Nodes.
• If the Prognosis Web UI is installed on the Managing and Monitoring Nodes, then the RBS settings will need to be applied manually to all Prognosis Nodes with the Web UI.

Thank you,

Scott Baldwin

Scott,

That brings up an interesting thought.  Should I disable the WebUI for all the monitoring nodes and force our NOC to use the Management node?  I think that is the desired result but wanted your input.  How are other service providers doing this?

Hello JMcCann,

I've seen other Service Providers handle the question of Prognosis Web UI access using either option.

• Some Service Providers only use a single Web UI on the top level Managing Node and use Role Based Security (RBS) to filter devices on a per user bases.
  - This option requires more RBS configuration, and requires completing the "Customer" field for all devices monitored, but simplifies the Prognosis topology by having only 1 Web UI publisher.
• Other Service Providers have bypassed most of the RBS configurations required for client filtering and provided the URL specific to the client's devices. The specific URL would be the Web UI of the Mid Level Managing Node or the Monitoring Node (depending on client size).
  - This option simplifies RBS, but requires a more complex list of Prognosis Web UI addresses, and making sure the correct Managing Node is used to configure devices.
• Prognosis supports both types of configurations, but the official recommendation is to use a single Managing Node Web UI.

I would recommend choosing whichever option seems to fit the need best. The important part is to know which type of Web UI configuration is used, and then stick to processes put in place for the choosen option.

Thank you,

Scott Baldwin