To allow an external Security Center system to
remotely access your system and the entities that belong to it, you must first create a local
user account for the Security Center
Federation™ host.
Procedure
-
Create the Federation™ user.
NOTE: Give the Federation™ user a descriptive
name. For example, instead of using federation_1, use PoliceDepartment or
CompanyHeadquarters. That way, if multiple hosts federate your system, it would
be easy for you to tell which Federation™ host is
connected to your system.
-
Configure the Federation™ user.
-
Assign the necessary
privileges.
NOTE: The rights and privileges of the Federation™ user
determine what the users on the Federation™ host can
see and do on the federated system. The Federation™
user must have the application privilege Federation™. Any other access rights and privileges depend on what you want to let the
Federation™ user do on your system. The Federation™ user should not be a member of the Administrators
group, as it increases the security risks if ever the associated credentials are
compromised. This could lead to a malicious user taking control of your system.
Instead, you should only grant the privileges that the Federation™ host requires to perform their operations.
After you finish
Provide the Security Center
Federation™ host with the credentials created for the
Federation™ user. The Federation™ host will use the credentials to create the Federation™ role and remotely connect to your system.