NMIS8 is a powerful Open Source Network Management System which can support multi-user and multi-tenant scenarios, this can be useful for a Managed Service Provider or for a large IT organisation who have devices which other users are not permitted to see. The following describes how to configure that.
What is Multi-Tenancy
- Multi-Tenancy is the ability to use the same software for multiple customers (tenants)
- This should work so that when the customer logs in, the customer only sees things relating to their business, and nothing from other customers.
- Another aspect of multi-tenancy for network management systems is how to handle managed elements (nodes) with the overlapping IP addresses and address ranges.
- There are several ways which multi-tenancy can be achieved with NMIS and all solutions involve some form of physical or logical data segmentation.
- This document will address one technique for NMIS to do simple multi-tenancy.
How Simple Multi-Tenancy Works
The following diagrams shows the relationships between Users, Groups, Nodes and Customers.
- A node belongs to a group of Nodes
- A user is permitted to see all groups, or selected groups
- A customer is made up of multiple groups of nodes.
Task List for Simple Multi-Tenancy
- Define the groups for the customers
- Add nodes for the customer, selecting the groups
- Create one or more users for the customer select the corresponding groups for the user
To manage groups in NMIS access the menu option “Setup -> Add/Edit Groups”.
This will launch a small widget, which you can see the existing groups and add or delete groups.
Assuming you already have nodes in NMIS and you just need to assign them to groups, you can edit the nodes, access the nodes, use the menu item "System -> System Configuration -> NMIS Nodes (devices)".
Then edit the node you want to change and change the group, save by clicking the "Edit" button at the bottom of the widget.
To manage Users in NMIS access the menu option “System -> System Configuration -> Users”.
This will display a list of users already being managed by NMIS. You can view, add, edit, delete users from this menu.
Once viewing a user, select the groups which apply to that user (those groups of devices they are permitted to see) and click on "add" or "edit" on the bottom
By creating groups of nodes and permitting users to view those groups, you are providing a level of security to the system so that people can not things which are they not supposed to see.