Creating and configuring a Security Center Federation role - Security Center 5.12

Security Center Administrator Guide 5.12

Product
Security Center
Content type
Guides > Administrator guides
Version
5.12
Language
English
Last updated
2024-09-13

To connect to a remote Security Center system using Security Center Federation™, you must create and configure a Security Center Federation™ role on your system using the credentials for your Federation™ user.

Before you begin

  • Ensure that you have the username and password of a Federation user for the system you want to federate.
  • When you delete a Federation role, you can release ownership of its entities to your local Security Center system. When you create a new Federation role, you can reclaim ownership of previously released entities. For more information, see About releasing or reclaiming ownership of entities from a role.

What you should know

  • On the federated system, users from your system have the same rights and privileges as the Federation user.
  • The Federation user's rights and privileges determine what the users on your system can see and do on the federated system. The Federation user must have the Federation privilege .

Procedure

  1. From the Config Tool homepage, open the System task and click the Roles view.
  2. Click Add an entity () and select Security Center Federation™.
  3. In the Directory field, enter the name or IP address of the remote Security Center Directory.
  4. Enter the username and password for the Federation user.
    The Federation role uses these credentials to log on to the remote Security Center system.
    Best Practice:
    • Give the Federation user a descriptive name. That way, if multiple hosts federate the same system, it is easy for the federated system to tell which Federation host is connected to their system.
    • Ensure that Use secure communication is enabled in the Media Router on both systems. This ensures secure communication and allows Live/Playback streaming requested from Federation to be logged in the Activity trails report. This applies to 5.11.1.0 or later.
  5. (Optional) Select the Reclaim ownership of local entities option.
    This option enables the role to reclaim ownership of entities that were released to your local Security Center system when a previous Federation role was deleted.
    The Specific info page of the dialog box for creating a Security Center Federation role, with the Reclaim ownership of local entities option highlighted.
  6. In the Federated events tab, select the events that you want to receive from the federated system.
    The Specific info page of the dialog box for creating a Security Center Federation role, displaying the Federated events options.
  7. In the Federated entity types tab, select the entities that you want to monitor from the federated system.
    The Specific info page of the dialog box for creating a Security Center Federation role, displaying the Federated entities options.
    NOTE: After creating the role, you can change the selection of federated events and federated entity types in the Properties page of the Federation role.
  8. Click Next.
  9. On the Basic information page, enter a name and description for the role.
  10. Select the partition that this role belongs to and click Next.
    All federated entities are created in this partition. Only users in this partition can view or modify those entities.
  11. Click Next > Create > Close.
  12. Select the new Federation role () and click the Properties tab.
    The connection status is either Synchronizing entities or Connected.
  13. To reduce the loss of a role in case of connection interruption, configure the following settings:
    Resilient connection
    Turn this option on for the Security Center Federation role to reconnect to the federated Security Center Directory server after a connection interruption. After a specified period of attempting to reconnect, the connection is considered lost and the role goes into a warning state.
    NOTE: Activating Resilient connection is highly recommended for remote systems that might have an unstable connection to the cloud.
    Reconnection timeout
    Specify the number of seconds that the Security Center Federation role attempts to reconnect to the Directory before the connection is considered lost.
  14. (Optional) Configure the additional options for the Security Center Federation™ role :
    Forward Directory reports
    Turn this option on to view user activities (viewing cameras, activating the PTZ, and so on) and configuration changes performed at the federated site. This information is provided from the Activity trails and Audit trails reports on the Federation host, provided the Federation user has the privileges and access rights to view them. You can also view the federated units in the Hardware inventory task.
    IMPORTANT: To return federated entities in reports generated on the Federation host, Forward Directory reports must be turned on.
    Default live stream
    The default video stream that is used for viewing live video from federated Security Center cameras. Remote is selected by default.

    If your workstation doesn’t require specific video stream settings for Federation, you can use the default stream settings from Security Desk instead.

    Enable playback requests
    Turn this option on for users to view playback video from federated Security Center cameras.
    Enable Record Fusion queries
    Turn this option on to synchronize data sources, in order to allow the Record Fusion Service role to forward queries to the federated Security Center systems. Record types are configurable on the Properties page of the Record Fusion Service role.
    Federate map providers
    Turn this option on to synchronize map providers from the remote Map Manager, therefore allowing users to display federated online maps. Note that this is not necessary to display image maps.
    Federate custom icons
    Turn this option on for federated entities to share custom icons with the Federation host. Entity icons in the Federation host appear identical to the icons on the federated system. It can take a few minutes to synchronize custom icons.
    Federated events
    Select the events that you want to receive from the federated Security Center system. Events are necessary if you plan to monitor the federated entities in Security Desk, or to configure event-to-actions for the federated entities.
    Federated entity types
    Select the entity types that you want to monitor from the federated Security Center system.
    Enable inbound alarm acknowledgement source
    Get the Acknowledgement source on the host system for alarms that are acknowledged on the federated system. Acknowledgement source is available in the Report pane columns for the Alarm report task.
    Enable outbound alarm acknowledgement source
    Send the Acknowledgement source to the federated system for alarms that are acknowledged on the host system. Acknowledgement source is available in the Report pane columns for the Alarm report task.
  15. Click Apply.
  16. Change the default multicast addresses used by the Media Router for local and federated streams.

After you finish

In the Area view task, expand the Security Center Federation™ role () and verify that all federated entities were imported by the role.

The entity hierarchy corresponds to the Area view on the federated remote system.