Administration activity helps you to view your account details, manage security options, administrators, users and user profiles, partnerships and connection to external accounts used for subscription management and SMS sending.
The activity is organized into sections designed to help you configure and manage your account:
The Administration functionality is now part of My Account section, consolidating similar functionalities in one location. As such, it can be accessed from the AirVantage portal by clicking on the User Menu and selecting My Account:
The account details section displays:
The Support section contains all of the information on resources you might need, including:
The Address book section contains all delivery contacts that you may ship an order to. Those contacts don’t have an AirVantage account, they are only used for orders reception
The Users section displays the list of users already created. It provides the following features (only administrators or users with the associated permission can take these actions):
Profiles apply to users and partners. It defines which entities and features are accessible/available to a given user.
Pre-defined profiles are available in the company, but an administrator can create additional profiles. Profiles are listed in the Administration > Profiles section and can be reviewed and edited from the Profile Details page.
From the Profiles section you can:
Profile details are divided into different sections:
The Account Network tab defines which entities (company, labels, partners, users, … ) can be administered.
Operator / SMS accounts
The Accounts tab defines account related activities (ordering, invoicing) that can be performed.
The Device tab defines whether or not you are allowed to do device management operations – namely, reboot, wakeup, synchronize, configure heartbeat – on systems.
Defines which operations can be performed on entities.
The User Interface tab defines which activities can be visible to the user.
The Server tab configures server events for pop-up notifications on the bottom-right of the screen for operations and reports completion, and alerts.
Partners are other companies that are connected to you in some way. When a partner is added to your network, you select a profile to restrict access to all their users when they access to your company. It is possible to define a profile with No rights to a partner.
The Partners section displays your list of partners. It provides the following features:
The security options described hereafter are based on user or device connection restrictions. Those options are configurable per company. These restrictions help protect your data from unauthorized access and phishing attacks. The security section also covers the management of company administrators.
To access the security section, from My Account click on Administration > Security:
The two-factor authentication (2FA) option enables two-stage verification to double check the identity of a user trying to login to ALMS. It combines the standard login based on a user name and password (“something the user knows”) with an additional factor “something the user has”.
When this option is activated, after entering credentials on the login page, the user will have to provide the 6 character code (a one time password) the user will receive in a SMS on their phone. The SMS is sent by ALMS to the phone number configured in the user’s detail form. This 2FA will be required at every log in for every user of the company.
For the 2FA feature to operate correctly, all users in the company MUST have a phone number in their user profile. In additon, once 2FA is activated in the company, all new users will require a phone number.
To enable two-factor authentication in your company, please contact your reseller or our support team.
The User IP filtering option enables you to restrict users login based on the IP addresses they are logging from. You can therefore use this option and configure it with your organization trusted IP Range.
As input, you can provide:
Once option is activated, a user trying to log from an IP address not in the authorized list will be denied access to AirVantage.
The Device IP filtering option enables you to filter devices access based on the IP addresses they communicate from. You can therefore use this option and configure it with your organization trusted IP Range.
As input, you can provide:
If your devices are communicating through a VPN to AirVantage, you should use the range “10.191.0.0” to “10.191.255.255” for NA and “10.193.0.0” to “10.193.255.255” for EU to ensure every device communication comes from within the VPN.
If you are not using a VPN to AirVantage, you can still use this option. As the IP address allocated to devices depend on your operator, to help you with the configuration of the option, you can find the external IP address detected by AirVantage for each system in the timeline of this specific System.
Once option is activated, a device trying to communicate from an IP address not in the authorized list will be denied access to AirVantage.
Single sign-on (SSO) refers to the ability for AirVantage users to log in with their enterprise credentials to get access to AirVantage seamlessly as they do for most applications they are using in their day to day work. SSO solves key problems for the business by providing:
The SSO option requires your identity provider to support OpenID Connect (OIDC) as authentication protocol. To enable single sign on in your account, please contact your reseller or your Sierra sales representative.
Once single sign on option will be enabled in your account, you can refer to the How to configure SSO for my account?
Company administrators are the only ones who can edit the security configuration, create new users or profiles.
An administrator can promote any user from the company, and also add users from partner companies to the role of company administrator: choose the partner click in the Administrators field to select users from the partner.
AirVantage requires the user to authenticate with the system to provide access. As part of the standard security options AirVantage prevents users from making multiple erroneous login attempts. The system requires a user to wait a random amount of time between two login attempts. This prevents automated systems from attempting to brute force user passwords.
The External Accounts section is where you can configure connectors to operator and SMS accounts.
Operator accounts are used for 3rd party subscription management. It holds the company configuration and credentials to access the 3rd party subscription management platform. Depending on the integration implemented with the given operator, you’ll be able to do the following actions on the declared 3rd party subscription: synchronize status from the operator network, suspend or resume the subscription, activate or terminate a subscription. An operator account can be associated with SMS accounts that can be used when AirVantage send an SMS to a subscription of this account.
When using Sierra SIMs, the operator accounts are automatically added and configured in this section.
Both sections provide the following features to :
This section provides you with helpful procedures for common tasks.