A partition is an entity in Security Center that defines a set of entities that are only visible to a specific group of users. For example, a partition could include all areas, doors, cameras, and zones in one building.
Partitions eliminate the tedious task of creating one-to-one relationships between users and the entities that they are allowed to see in the system. If a user doesn’t have rights to a partition, that partition and everything it contains are hidden from that user.
Each partition is defined by the following:
- List of members
- Entities that belong to the partition (areas, applications, doors, cameras, cardholders, users, and so on). Members are listed on a partition's Properties page. For more information, see Partition - Properties tab.
- List of authorized users
- Users and user groups that have the right to access the entities in the partition. A
user's privileges determine the type of access
that they have (view, add, modify, delete). Exceptions to the basic privileges of a user
can be configured for each partition the user has access to. Authorized users are listed
in the Relationships section of the partition's
Identity page. For more information, see Granting access rights for partitions.NOTE: An authorized user of a partition isn’t necessarily a member of that partition. A user who is a member of a partition isn’t necessarily an authorized user.
Benefits of partitions
Dividing your system into smaller parts has the following benefits:
- It reduces the scope of what a user can access for security reasons. For example, in a multi-site system, it might be undesirable for the security team of one site to be able to see or interfere with the activities of the security team of another site.
- It reduces the scope of a user’s work to make it more manageable. If a user is only responsible for one part of the system (one site in a multi-site system), it’s better not to distract the user with the entities the user isn’t responsible for.
System-created partitions
By default, two partitions are created in Security Center. They are invisible unless you
explicitly created other partitions in your system. The idea is that if you don’t need to
divide your system into partitions, you don’t need to see any partition at all.
- Root partition
- The root partition (
) is the partition that contains everything you create in your system.
It’s named after your main server. When there are no
user-created partitions in the system, all created entities belong to the root
partition, and all users are authorized users of the root partition. - System partition
- The System partition (
) is a partition that is exclusively managed by the system for the
purpose of always keeping certain system entities accessible to all users, such as the
Always schedule, the Default network entity, the main server entity,
the Health Monitor role, the Report Manager role, and so on. No one can alter the
System partition, not even the system administrators.
NOTE: The root partition and the System partition are the only two top level partitions in the
system. All partitions you create are subordinate to the root partition.