A partition is a type of entity that defines a set of entities that are only visible to a specific group of users. For example, a partition could include all areas, doors, cameras, and zones in one building.
Partitions eliminate the tedious task of creating one-to-one relationships between users and the entities they are allowed to see in the system. If a user has no rights to a partition, that partition and everything it contains are hidden from that user.
Each partition is defined by the following:
- List of members:Entities that belong to the partition (areas, doors, cameras, cardholders, users, and so on).
- List of authorized users:Users and user groups that have the right to access the entities in the partition. The type of access each user has (view, add, modify, delete) is determined by the privileges of each individual user. Exceptions to the basic privileges of a user can be configured for each partition the user has access to.NOTE: An authorized user of a partition is not necessarily a member of that partition, nor is a user who is a member of a partition necessarily an authorized user.
Benefits of partitions
Dividing your system into smaller parts has the following benefits:
- It reduces the scope of what a user can access for security reasons. For example, in a multi-site system, it might be undesirable for the security team of one site to be able to see or interfere with the activities of the security team of another site.
- It reduces the scope of a user’s work to make it more manageable. If a user is only responsible for one part of the system (one site in a multi-site system), it is better not to distract the user with the entities the user is not responsible for.
System-created partitions
By default, two partitions are created in Security
Center. They are invisible unless you explicitly
created other partitions in your system. The idea is that if you do not need to divide your
system into partitions, you do not need to see any partition at all.
- Root partition:The root partition (
) is the
partition that contains everything your create in your system. It is named after your
main server. When there are no user-created partitions in
the system, all created entities belong to the root partition, and all users are
authorized users of the root partition. - System partition:The System partition (
) is a
partition that is exclusively managed by the system for the purpose of always keeping
certain system entities accessible to all users, such as the Always schedule,
the Default network entity, the main server entity, the Health Monitor role,
the Report Manager role, and so on. No one can alter the System partition, not even
the system administrators.
NOTE: The root partition and the System partition are the only two top level partitions in the
system. All partitions you create are subordinate to the root partition.
