Pulse Security

This article explains how to secure your Pulse system. This article starts with the security definition concepts with Pulse. At the end of this article the reader should understand of how the security of Pulse works and how to configure it according to the security requirements in their organization.

About the Security Concepts Definitions

The security structure of the Pulse server is defined in an Instance -> Permission -> Group -> User order.  The following definitions are established for the following security components as:

Instance: Each TM1 instance runs as one process (Windows service), it is commonly called a TM1 Server. In version 5.1.x of Pulse the ability to restrict access by instance has been added. Access can be restricted either via exclusion (default) or inclusion, read the Configuring Pulse to Exclude or Include Instance Security article for more information.

Permission: Defines each activity that can be performed within Pulse, these are classified as general and are instance specific, the later defines access to instance specific features.

Group: Will establish a set of permissions for an specific group of users

User: Defines the credentials of a user, a user can be a member of one or many groups.

About the built in Permissions, Groups and Users

Admin Permission: The admin permission is created as part of the installation and gives access to the user all the instances, options and settings.

Public Group: The public group defines the common security for all users, including those who aren't logged into the system. This group can be modified permission wise but cannot deleted. If you want to restrict what the public (anyone who has the Pulse URL) can see you need to modify the Public group.

Admin User: The admin user will be created as part of the installation, and cannot be deleted or modified. The password for the admin user can be reset if it is forgotten, see this article.

Pulse Permissions

As stated in the last section the roles in Pulse define the access to features within the software, the following is a list of all the roles.

General Security Access

Permission Definition
View / Edit Users Define security access to groups and users
View /Edit Configuration Access to Pulse settings
Edit Validations Modify the validation rules for the Pulse documentation
View Workbook Reports Access To the Excel Workbook open and usage reports
View TM1Web Reports Access to the TM1 Web usage reports
Import Migration Package Import Migration Packages

TM1 Instance Security

Permission Access Definition
Edit Settings Edit the instance settings
Start & Stop Services Grant access to the start and stop buttons in the live monitor
View Documentation Grant access to the documentation reports like the model spotlight and flow diagram reports
Edit Documentation Grant access to edit the documentation
View Live Monitor Access to the live monitor
View System Verification Access to the system verification reports
Technical Documentation Access to generate the technical documentation reports
Relationship Diagrams Access to generate the relationship diagram reports
Validation Reports Access to the results of the Validations
View User Reports Access to the User Usage Reports
Performance Reports Access to the Performance Reports
View Source Control Access To the Source Control Change tracking history
Create Migration package Access to the Create a Migration Package
Execute Migration Package Access To the Execution of  Migration Packages

  

 

What to do next?