Administration activity helps you to view your account details, manage security options, administrators, users and user profiles, partnerships and connection to external accounts used for subscription management and SMS sending.
The activity is organized into sections designed to help you configure and manage your account:
The Administration functionality is now part of My Account section, consolidating similar functionalities in one location. As such, it can be accessed from ALMS by clicking on the User Menu and selecting My Account:
The account details section displays:
The Support section contains all of the information on how to get support for ALMS, including:
The Users section displays the list of users already created. It provides the following features:
Profiles apply to users and partners. It defines which entities and features are allowed to this user. A profile can be reviewed and set from its Profile Details page.
The Profiles section displays the list of profiles already created. It provides the following features:
Profile details are divided into four tabs:
The Account Network tab defines which entities (company, partners, users, labels, … ) can be administered.
Operator / SMS accounts
The Device tab defines whether or not you are allowed to do device management operations – namely, reboot, wakeup, synchronize, configure heartbeat – on systems.
Defines which operations can be performed on entities.
The User Interface tab defines which activities can be visible to the user.
Partners are other companies that are connected to you in some way. When a partner is added to your network, you select a profile to restrict access to all their users when they access to your company. It is possible to define a profile with No rights to a partner.
The Partners section displays your list of partners. It provides the following features:
The security options described hereafter are based on user or device connection restrictions. Those options are configurable per company. These restrictions help protect your data from unauthorized access and phishing attacks. The security section also covers the management of company administrators.
To access the security section, from My Account click on Administration > Security:
The two-factor authentication (2FA) option enables two-stage verification to double check the identity of a user trying to login to ALMS. It combines the standard login based on a user name and password (“something the user knows”) with an additional factor “something the user has”.
When this option is activated, after entering credentials on the login page, the user will have to provide the 6 character code (a one time password) the user will receive in a SMS on their phone. The SMS is sent by ALMS to the phone number configured in the user’s detail form. This 2FA will be required at every log in for every user of the company.
For the 2FA feature to operate correctly, all users in the company MUST have a phone number in their user profile. In additon, once 2FA is activated in the company, all new users will require a phone number.
To enable two-factor authentication in your company, please contact your reseller or our support team.
The User IP filtering option enables you to restrict users login based on the IP addresses they are logging from. You can therefore use this option and configure it with your organization trusted IP Range.
As input, you can provide:
Once option is activated, a user trying to log from an IP address not in the authorized list will be denied access to ALMS.
The Device IP filtering option enables you to filter devices access based on the IP addresses they communicate from. You can therefore use this option and configure it with your organization trusted IP Range.
As input, you can provide:
If your devices are communicating through a VPN to ALMS, you should use the range “10.191.0.0” to “10.191.255.255” for NA and “10.193.0.0” to “10.193.255.255” for EU to ensure every device communication comes from within the VPN.
If you are not using a VPN to ALMS, you can still use this option. As the IP address allocated to devices depend on your operator, to help you with the configuration of the option, you can find the external IP address detected by ALMS for each system in the timeline of this specific System.
Once option is activated, a device trying to communicate from an IP address not in the authorized list will be denied access to ALMS.
Company administrators are the only ones who can edit the security configuration, create new users or profiles.
An administrator can promote any user from the company, and also add users from partner companies to the role of company administrator: choose the partner click in the Administrators field to select users from the partner.
AirVantage requires the user to authenticate with the system to provide access. As part of the standard security options AirVantage prevents users from making multiple erroneous login attempts. The system requires a user to wait a random, exponentially increasing amount of time between unsuccessful login attempts. This prevents automated systems from attempting to brute force user passwords.
In addition to preventing this incorrect login attempts, the system also records all login attempts, both successful and failures. There is an API that users can call to access the log of these attempts
The External Accounts section is where you can configure connectors to operator and SMS accounts.
Operator accounts are used for subscription management, it gives access in ALMS to more features on the subscription: synchronize status from the operator network, suspend or resume the subscription, activate or terminate a subscription. An operator account can be associated with SMS accounts that can be used when ALMS send an SMS to a subscription of this account.
Both sections provide the following features to :
This section provides you with a number of helpful task-oriented procedures showing you how to.