Centralizing Access Controls and Simplifying Life for Your Users
Consider this scenario: it's 2 AM and your phone buzzes. A critical router has been misconfigured, and half your data center is offline. As you scramble to identify the cause, one question looms: who made that change? In organizations with loose access controls and little or no auditing capability, that question can be painfully difficult to answer.
LogicVein's Net LineDancer (netLD) change tracking and config auditing features can help you answer the "who made that change?" question, and the "what was changed?" question too.
But netLD itself also gives teams tremendous power: the ability to view, modify, and automate configurations across your entire network infrastructure. That power demands robust controls over who can do what to which assets. With strong controls in place, you'll be less likely to be woken up at night due to an unapproved or accidental change. The good news: setting up those controls doesn't need to be complicated.
RBAC's Got Your Back
Role-Based Access Control (RBAC) assigns permissions to roles rather than individual users. A "network engineer" role might have full configuration access, while a "help desk" role can only view device status. When someone joins your team, you add them to the appropriate role—no need to configure dozens of individual permissions.
You can create roles and users directly within netLD, and for small teams or lab environments, this works fine. But most organizations already have an identity management system in place. Why not use it?
LogicVein integrates with the most widely used identity platforms: Active Directory, LDAP, RADIUS, and SAML. The integration follows a consistent pattern regardless of which protocol you use: your identity system manages users and groups, netLD manages granular permissions, and a simple mapping connects the two.
Network Level Access Controls? We Do That.
For environments with distinct network segments, such as multi-tenant service provider environments or enterprises that separate duties per network segment, LogicVein offers an additional layer of control. When LogicVein's Smart Bridges are deployed, each connected to a different managed network, you can map external roles not just to permission sets, but also to specific networks.
This means that the network engineering team assigned to "Network A" (or "Customer A", for a service provider) can be granted full visibility into and control over this network, while seeing nothing from "Network B". Role boundaries are extended to include network boundaries, enforced automatically at login.
Single Sign-On for the Win
While any external authentication method simplifies credential management, SAML (Security Assertion Markup Language) takes it a step further by enabling true Single Sign-On (SSO).
With SAML, your organization's Identity Provider (IdP), a service such as Okta, Microsoft Entra ID, CyberArk, or Amazon Cognito, handles all authentication. When a user navigates to netLD, they're redirected to your IdP's login page. Once authenticated there, they're seamlessly returned to netLD with appropriate access. If they've already signed into another application using the same IdP, they skip the login entirely.
Setting up SAML integration in netLD requires just a few steps:
- Export metadata from netLD: Download the SAML Metadata XML and certificate from your netLD instance.
- Register netLD with your IdP: Your IdP administrator uses the exported metadata to configure netLD as a Service Provider and provides you with the IdP's metadata in return.
- Import IdP metadata into netLD: Upload the XML document you received from your IdP administrator.
- Map roles: Connect your IdP's user groups to netLD roles and, if applicable, to specific managed networks.
That's it. Your users can now access netLD using the same credentials they use for everything else, and they'll likely thank you for it.
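The group-to-role-and-network mapping described above, as an added example that is not netLD's own code or configuration format: the group names, the mapping table and the function names are assumptions made for illustration. It resolves the groups an IdP asserts at login into role grants scoped to a network, and refuses a login that matches no mapping.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    role: str     # permission set held inside the application
    network: str  # managed network the role is limited to

# Permission sets per role (roles and actions follow the article's wording).
ROLE_PERMS = {
    "network-engineer": {"view", "modify", "automate"},
    "help-desk": {"view"},
}

# Constructed mapping table: IdP group -> grants. Group names are hypothetical.
GROUP_MAP = {
    "neteng-a": [Grant("network-engineer", "Network A")],
    "neteng-b": [Grant("network-engineer", "Network B")],
    "helpdesk": [Grant("help-desk", "Network A"), Grant("help-desk", "Network B")],
}

def resolve_grants(groups):
    """Union of grants for the asserted groups; unmapped groups add nothing."""
    grants = set()
    for group in groups:
        grants.update(GROUP_MAP.get(group, []))  # exact match, no fuzzy matching
    return grants

def login(user, groups):
    """Evaluate the mapping once at login; no mapped group means no session."""
    grants = resolve_grants(groups)
    if not grants:
        raise PermissionError(f"{user}: no mapped group, login refused")
    return grants

def is_allowed(grants, action, network):
    """Allow only if some grant covers both the network and the action."""
    return any(
        g.network == network and action in ROLE_PERMS.get(g.role, set())
        for g in grants
    )

def unmapped_roles():
    """Audit helper: mapping entries that name a role with no permission set."""
    return sorted({g.role for gs in GROUP_MAP.values() for g in gs} - set(ROLE_PERMS))

if __name__ == "__main__":
    session = login("alice", ["neteng-a", "all-staff"])
    print(is_allowed(session, "modify", "Network A"))  # engineer on own network
    print(is_allowed(session, "view", "Network B"))    # other network is invisible
```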
Choosing Your Approach
Think of authentication maturity as a progression:
- Level 1: Local users and roles
- Level 2: Directory integration
- Level 3: SAML & Single Sign-On
Local authentication gets you started quickly with no external dependencies. Directory integration centralizes credentials, so users have one less password to remember. SAML SSO delivers the best solution: centralized management and a seamless user experience across your entire application portfolio.
The effort to move up each level is modest, and the security and usability benefits compound. Start where you are, and progress when it makes sense for your organization.
Ready to Get Started?
Whichever approach fits your environment, LogicVein supports it. Watch our video series or browse the full feature list to see how LogicVein can simplify your network operations while keeping access tightly controlled.