Follow

Perspective System Architecture - Part 3: Security Layers

Please Refer to the Perspective System Requirements for the details on the supported versions of Windows Server and SQL Server for your version.

Connection A: Perspective Client to Perspective Web Service

There are two methods of authentication for the Perspective client. SSL Encryption is required.

  • Perspective Authentication: Requires each user have their own user ID and password within Perspective itself. A user will enter their password each time they logon to the application.
  • Active Directory® Authentication: Also known as Single Sign On. This requires setting up a Perspective group in Active Directory and adding of the user(s) to that group.

 

Connection B: Perspective Client to SQL Reporting Services

There are two methods for Perspective to connect to Microsoft® SQL Reporting Services. This is managed through the Perspective Web Service configuration.

  • Service Account: Create a local or domain account with access to SQL Reporting Services. The Perspective application will store and use these credentials to establish any connections to the reports.
  • Active Directory Authentication*: Uses the current user’s Active Directory token to make a connection to SQL Reporting Services. The Perspective group used in Connection A would require access to SQL Reporting Services.

Connections C & D: Perspective Web Service or SQL Reporting Services to SQL Server

  • SQL Authentication: Requires the setup of an SQL user account and password with access to the Perspective database and/or SQL Reporting Services databases. The Perspective Web Service will store and use these credentials to establish connections to the SQL Server®.
  • Network Service Account (Integrated Security) :The Perspective Web Service or SQL Reporting Services will use the credentials from the service account running or accessing the service to make a connection to the SQL Server.
  • Active Directory Authentication*: If using Active Directory in Connection A, the Perspective Web Service can pass through the user’s credentials to authenticate to SQL Server. This requires the Perspective group to be given access to the Perspective database.

Utilize IPSEC or Forced Encryption Protocol (FEP) for Greater Security (Optional)

*Note: Not recommended. This will also allow members of the Perspective user group direct access to SQL Reports and/or the SQL Database which will bypass Perspective’s internal security.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk