Search
Generic filters
Exact matches only
  1. Home
  2. Knowledge Base
  3. Security
  4. Quickstart: Enable Security for Visual KPI

Quickstart: Enable Security for Visual KPI

To make your Visual KPI websites, data and the Visual KPI Designer secure, you first need to enable security. Visual KPI supports any security model that uses IIS, such as VPN, RSA, other two-factor authentication methods, and more.

Using the Visual KPI Server Manager, you can save hours of time setting up authentication to websites. Visual KPI Server Manager integrates with IIS.

Use IIS and the Visual KPI Server Manager to enable security. Follow the general steps below to set up security. Use the links to get more detailed instructions.

1. Decouple parent inheritance in IIS

Because you may need to enable security differently at all three levels, you must first decouple the parent directory of a Visual KPI website from the children, so that the child elements do not inherit from the parent element. Learn more

Note: After enabling security in the Visual KPI website, make sure the Interface and WebService are not propagated with the same security as the website unless you’ve chosen to set up security the same at all three levels.

2. Enable security in IIS Manager

For every Visual KPI website, use IIS Manager to turn OFF anonymous access on the Visual KPI website and WebServices (hosts Visual KPI Designer). Learn more

In IIS Manager, change the following settings for Sites, Interfaces, and Webservices. Click the top-level in the parent directory to set authentication.

Enable Security for Visual KPI Sites

You’ll likely want to lock down security on the website, allowing access only to authenticated users.

Click Site>Authentication:

  • Anonymous Authentication: Disabled
  • Windows Authentication: Enabled

enable security in IIS

Enable Security for Interfaces 

Generally, the public will not have access to the Interface. You can set permissions to Anonymous using Windows authentication.

Click Interfaces>Authentication:

  • Anonymous Authentication: Enabled
  • Windows Authentication: Enabled

Enable Security for Visual KPI Designer

There are two ways to manage security for the Visual KPI Designer:

  • Leave access open (Anonymous) and only give the Visual KPI Designer software to those who need access.
  • Lock security only enabling access to approved users.

To secure access, click Webservices>Authentication:

  • Anonymous Authentication: Disabled
  • Windows Authentication: Enabled

3. Determine who gets access to websites

Once you set security in IIS, you must determine who gets access. You’ll need to set authentication for the entire website, for example. This doesn’t refer to rights assignment-who gets to see what-but rather who gets access at all. Learn more

  1. Create users and local groups with Visual KPI Server Manager.
  2. Add Active Directory Groups in IIS.
  3. Map user permissions.

4. Set up rights assignment

Once users get access to the website, what can they see? This is where you’ll set up rights assignment or object-level inheritance for users or user groups in the Visual KPI Designer. Learn more

Access Denial Messages

Any user without granted access to Visual KPI sites or virtual directories will see the following messages.

  • Visual KPI sites: a simple 403 error page
  • Visual KPI Designer: a modal dialog box telling the user they are forbidden to access the necessary Web services

Learn more about Visual KPI Security, and see the security Quickstart with an overview of all steps.

See the complete guide from Microsoft for configuring security in IIS Manager.

Was this article helpful?

Related Articles