Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

ON THIS PAGE

Create a Tenant System

 

You can add tenant systems in bulk or add individual tenant system at a time.

Add Tenant Systems in Bulk

To add tenant systems in bulk:

  1. Select Devices > Security Devices.

    The Security Devices page is displayed.

  2. Select a root device, right-click and select Create Tenant System.

    The Create Tenant System (TSYS) page is displayed.

  3. Click Add Bulk TSYS.

    The Add Bulk Tenant System (TSYS) page is displayed.

  4. Complete the configuration according to the guidelines given in Table 1.
  5. Click Add.

    The Create Tenant System (TSYS) page is displayed. Review the tenant system details.

  6. Select the tenant system and click the pencil icon to modify the details, if required.

    You can also provide the user class and interface for tenant systems. Tenant System configuration parameters cannot be edited after you click Preview Configuration or Create.

  7. Click Create to create the tenant system.

    The Job Details page is displayed with update tenant system device job and its status.

  8. Click OK.

    If the job is successful, the tenant system is created and displayed in the Security Devices page. The root device name is displayed beside the tenant system device name. You can click on the tenant system device name link to see the device details.

Add Individual Tenant System at a Time

Alternatively, you can create individual tenant systems at a time. To create individual tenant system at a time:

  1. Select Devices > Security Devices.

    The Security Devices page is displayed.

  2. Select a root device, right-click and select Create Tenant System.

    The Create Tenant System (TSYS) page is displayed.

  3. Click the + icon.

    The Create Tenant System (TSYS) page is displayed.

  4. Complete the configuration according to the guidelines given in Table 1.
  5. Click Add.

    The Create Tenant System (TSYS) page is displayed. Review the tenant system details.

  6. Select the tenant system and click the pencil icon to modify the details, if required.

    Tenant System configuration parameters cannot be edited after you click Preview Configuration or Create.

  7. Click Create to create the tenant system.

    The Job Details page is displayed with update tenant system device job and its status.

  8. Click OK.

    If the job is successful, the created tenant system is displayed in the Security Devices page. The name of the root device is displayed beside the tenant system device name. You can click on the root device name to see the root device details.

Table 1: Add Bulk Tenant System

Parameters

Description

General Details

Tenant System Name

A tenant system name can be a maximum of 63 characters and can include alphanumeric characters, dashes, and underscores.

Number of TSYS(s)

Select the number of tenant systems that you want to create.

You can create a maximum of 499 tenant systems.

Note: The tenant system name uses the number as prefix for the selected count. You can review the details of the tenant system and modify the name, if required.

Routing Instance Name

Enter the routing instance name. A routing instance system name can be a maximum of 63 characters and can include alphanumeric characters and dashes.

Routing Instance Type

Select the routing instance type from the list.

Security Profiles
 

To distribute security resources across tenant systems, you can create security profiles that specify the type and amount of resources to be allocated. You can create security profile and bind it to more than one tenant system, if you want to allocate the same type and amount of resources to them.

When a device is discovered in Security Director for the first time, you can see the list of security profiles, if any, while creating a tenant system. Alternatively, you can create security profiles in Security Director.

A security profile is mandatory to create a tenant system. Each security profile contains resources with a range based on the devices. You can manage the resources by allocating reserved and maximum values.

Select a security profile, which will be bound to the tenant system.

To create a security profile:

  1. Click the + icon.

    The Create Security Profile page is displayed.

  2. Complete the configuration according to the guidelines given in Table 2.
  3. Click Save.

    The Job Details page is displayed with the status of update security profile job. If the job is successful, the security profile is created.

To edit the security profile, select a security profile and click the pencil icon.

User Class Details

Select a user class. Each user is assigned to a class, which defines the user permissions.

Note: User class details section is available only when you create individual tenant system at a time. When you create a tenant system in bulk, you can provide the user class when you edit the tenant system as mentioned in 6 in Add Tenant Systems in Bulk.

Assign Interfaces

Select an interface.

To add logical interface:

  1. Click Add Logical Interface.

    The corresponding logical interfaces page is displayed.

  2. Click the + icon.

    The Add Logical Interface page is displayed.

  3. Enter the following details:

    • Logical Interface Unit—Enter the name of the logical interface, which must be a number from 0 through 2147483647.

    • Description—Enter a valid description for logical interface. The maximum limit is 255 characters.

    • VLAN ID—Select the VLAN ID. If the VLAN tagging is enabled, then the VLAN ID is mandatory.

    • IPv4 address—Enter the IPv4 address and the subnet mask.

    • IPv6 address—Enter the IPv6 address and the subnet mask.

Note: User class details section is available only when you create individual tenant system at a time. When you create tenant systems in bulk, you can provide the user class when you edit the tenant system as mentioned in 6 in Add Tenant Systems in Bulk.

Table 2: Security Profile

Parameters

Description

General Settings

Security Profile Name

Enter a valid unique name. The name must contain only letters and numbers. Note that the security profile name must be unique for the selected root device.

Resource Allocation

Select the type of resource and allocate the reserved and maximum value for the selected resource.

Each security profile contains resources with a range based on the devices. You can manage the resources by allocating reserved and maximum values.

Reserved

It guarantees that the specified resource amount is always available to the logical system. If a reserved quota is not configured for a resource, the default value is 0.

Maximum

If a logical system requires more resource than its reserved amount allows, it can utilize resources configured for the global maximum amount if they are available—if they are not allocated to other logical systems. The maximum allowed quota specifies the portion of the free global resources that the logical system can use. The maximum allowed quota does not guarantee that the amount specified for the resource in the security profile is available.

If a maximum allowed quota is not configured for a resource, the global system quota for the resource is used as a default value. Global system quotas are platform-dependent.

Related Documentation