Role-Based Access Management; Distributed Server Mode (Epicenter Gold Upgrade) - Extreme Networks EPICenter Guide Manual

cannot run the browser-based or installed EPICenter clients. Reports can be printed using the browser
print function.
The Reports capability provides a large number of predefined HTML reports that present a variety of
types of information from the EPICenter database. You can also create your own reports by writing Tcl
scripts. Further, within the Reports Module are several useful tools such as a MIB Browser and other
tools that can provide EPICenter system information.
The Reports module can also be accessed from the Navigation toolbar within the EPICenter client
application. A Summary report is displayed on the EPICenter Home page that provides basic
information on the status of EPICenter devices and alarms. From this report you can access other more
detailed reports.

Role-based Access Management

All EPICenter users must log in with a user name and password in order to access EPICenter features.
EPICenter initially provides four user roles:
Monitor role—users who can view status information only.
●
Manager role—users who can modify device parameters as well as view status information.
●
Administrator role—users who can create, modify and delete EPICenter user accounts as well as
●
perform all the functions of a user with Manager access.
Disabled role—users whose account information is maintained, but who have no access to any
●
features of the product.
An Administrator user can create additional roles, can modify the capabilities available under each role,
and can add and delete EPICenter users, as well as enable or disable access for individual users.
By default, EPICenter provides its own authentication and authorization for EPICenter users. However,
through the EPICenter Admin applet, EPICenter can be configured to act as a Remote Authentication
Dial In User Service (RADIUS) client, allowing it to use an external RADIUS server to authenticate
EPICenter users. As an option, the external RADIUS server can be configured to return user role
information as well as the user authentication.
As an alternative, EPICenter can be configured to act as a RADIUS server, providing authentication for
EPICenter users as well as for other devices such as Extreme switches. However, the RADIUS server
built into EPICenter should only be used for demonstration or testing purposes, and should not be used
to provide primary authentication services in a production environment. The EPICenter RADIUS server
is not sufficiently robust to perform as the authentication server in a production environment.

Distributed Server Mode (EPICenter Gold Upgrade)

To manage very large numbers of network devices, or devices that are geographically distributed, the
management task can be divided up between multiple EPICenter servers. Each server in the server
group is updated at regular intervals with network summary and status information from the other
servers in the group. From the EPICenter home page, a client attached to any one of the servers in the
server group can view summary status information from the other servers in the group in addition to
the standard Network Summary report. The EPICenter client also lets the user easily navigate between
the different servers in the group to see detailed management information about the devices managed
by those servers.
EPICenter Concepts and Solutions Guide
EPICenter Features
19