Adding | Customizing a Security Policy

Operators can view, add, customize, or edit Security Policies in the newly added Security Policies page (Settings > Administration > Security Policies).

➢

To add a new Security Policy:

1.

Click the + icon; the Add Security Policy screen opens.

The Edit Security Policy screen which opens when modifying an existing Security Policy, is identical to the Add Security Policy screen.

2.

Always customize a Security Policy based on Monitor. Use the table below as reference to the preceding figure.

Parameter	Description
Name	The name of the policy. Saved as the identifier when attaching the policy to an operator.
LDAP Mapping	The value that is checked against the value of the defined permission attribute in the LDAP Authentication to match this Security Policy.
Open LDAP Mapping	The value which that is checked against the value of the defined permission attribute in the Open LDAP Authentication to match this Security policy.
Azure Mapping	The value that is checked against one of the roles defined for Azure authentication.
RADIUS Mapping	The value that is checked against the value of ACLAuthLevelAttribute of the RADIUS server. The following values can be used if the default AudioCodes values are used: ■ Security admin - 200 ■ Admin - 100 ■ Monitor - 50

3.

Choose one of the following default Security Levels for the Security Policy:

✔

Security Admin – ‘Read and Write’ access to anything in the ARM.

✔

Admin – ‘Read and Write’ access to anything besides the security properties of the ARM and operator credentials.

✔

Monitor – ‘Read’ access to anything besides the security properties of the ARM (including other operators)

4.

If Monitor is chosen, you can add a ‘Write’ permission to one or more of the following actions:

✔

Routing - Routing Groups and Routing Rules

✔

User Groups

✔

User Management - Adding, updating or removing LDAP servers, Azure AD, file repository or any local user.

✔

Normalization Groups

✔

Prefix Groups

✔

Policy Studio