VBrick Systems ETV v3.1 Server User Manual


 
ETV Portal Server Administrator Guide 45
Chapter 3
Access Control
Overview
Adding the EtherneTV system to a network provides many benefits in the form of increasing
access to rich media. However, because of the sensitive nature of some video assets, many
customers want to limit access to different users or groups of users. VBrick's EtherneTV
Portal Server allows Administrators to setup the system in just this manner. The ETV Portal
Server makes it easy to provide different Users or User Groups access to different resources.
The ETV Portal Server Access Control system allows administrators to allow/deny access to
the portal server for Windows-based PCs, Macintoshes, and Set-Top Boxes:
Viewing of certain Live Channels
Viewing of stored content from specific VoD folders
Publishing content to specific VoD folders
Recording content to a specific VoD folder
Allow the viewing of content from only specific VoD servers on the network
The ability to place bandwidth restrictions for viewing content
The ability to limit certain users to only access Multicast or RTSP (unicast) content
The ability to group content resources (Live Channels and/or VoD content) into
Resource Groups, which allows the setup and modification of the Access Control
functionality to take place much more easily.
The ETV Portal Server is permissive by default, meaning, authentication is not enabled and
access to the entire functionality of the server is allowed. However, to follow good security
practices, once the Access Control functionality is enabled on the Portal Server, all resources
are by default not available to any users. Administrators need to provide access to resources to
different users or user groups.
Topics in this chapter
Overview
STB Authentication
Users
User Groups
Resource Groups
Definitions
The ability to provide different users different access to resources on a network is typically
referred to as access control, authentication and authorization, and/or access management.
VBrick refers to this functionality as Access Control. In order to fully understand the range of