Security considerations

Control‑M/Server includes security features that protect Control‑M against unauthorized usage or modification. These features enhance the standard UNIX and Windows security, and provides an additional application-level security layer. Using Control‑M security, you can specify actions that each Control‑M/EM user or Control‑M/Server user is authorized to perform. These authorizations are used to perform security checks each time one of the following actions is attempted:

• Accessing a Folder (to add, delete, or modify a job definition)
• Ordering, selecting and submitting a job.
• Commands affecting jobs in Active Jobs database (for example, Hold, Confirm, Rerun).
• Maintenance of Control‑M entities (for example, calendars, prerequisite conditions).

Security verifications for the above actions are implemented according to the specifications in a database of authorizations. This database can be modified by the security officer or systems manager to meet the needs of the enterprise. For more information, see Security maintenance utility (Interactive mode)

Control‑M provides the following levels of application security for users not explicitly defined in the Control‑M Security database:

• Restricted: A user not defined in the Control‑M Security database is regarded as having no authorizations and cannot perform any function requiring security authorization.
• Unrestricted: A user not defined in the Control‑M Security database is regarded as having all Control‑M application authorizations.

The security level is determined by the value of the Control‑M system parameter Full Security. If SSL is installed, Secure Sockets Layer encryption and compression provide security for Control‑M/Server communication with Control-M/EM and Control‑M/Agents. For more information, see the SSL Management.

Regardless of which level is implemented, a user, for whom one or more authorizations have been assigned in the Security database, can only perform those actions. The user of each job processing definition must be defined as a user on the agent computer, otherwise, Control‑M/Agent will not execute the job.

When working with the Control‑M/Server Security facility, wildcard characters are available for all options. Wildcard characters * and $ are translated during runtime security checking. (For example, if User1 is granted full Folder authorization for folder ACC*, Control‑M allows User1 to update or order any folder whose name starts with ACC).

Valid wildcard characters:
    *  represents any number of characters (including none).
    $  represents a single character.
Wildcard character authorizations do not override full name authorizations. (For example, if User1 from the example above is also defined to have only Read privileges for ACC999, Control‑M will not allow User1 to update or order folder ACC999).