Administration activity helps you to view your account details, manage security options, administrators, users and user profiles, partnerships and connection to external accounts used for subscription management and SMS sending.
The activity is organized into sections designed to help you configure and manage your account:
The Administration functionality is part of the My Account section, consolidating similar functionalities in one location. As such, it can be accessed from ALMS by clicking on the User Menu and selecting My Account:
The account details section displays the following items:
The Support section contains all of the information on how to get support for ALMS, including:
The address book contains contacts in your account who you may ship your orders to.
You can create as many contacts as required, and these users will be listed as options when you create a new order. These contacts do not have an AirVantage user account for access to your account – they are only used for orders delivery. If you need to create users for access to your AirVantage account, see the Users section below.
The Users section displays the list of users in the account and the user profile associated with each user. It provides the following features:
Note: Only administrators or users with the associated permission can take these actions.
Account administrators are managed in the Security section.
Profiles define which system entities and features are accessible/available to a given user.
Pre-defined profiles are available in the account and administrators can create additional profiles.
Profiles are listed in the Administration > Profiles section and can be reviewed and edited from the Profile Details page.
From the Profiles section you can:
For additional information see Managing Profiles.
Partners are other companies that are connected to you in some way. When a partner is added to your network, you select a profile to restrict access to all their users when they access to your company. It is possible to define a profile with No rights to a partner.
The Partners section displays your list of partners and provides the following features:
The security options described hereafter are based on user or device connection restrictions. Those options are configurable per company. These restrictions help protect your data from unauthorized access and phishing attacks. The security section also covers the management of company administrators.
To access the security section, from My Account click on Administration > Security:
The User IP filtering option enables you to restrict a user’s login based on the IP addresses they are logging in from. You can configure this option with your organization’s trusted IP range.
As input, you can provide:
Once this option is activated, a user trying to log in from an IP address not in the authorized list will be denied access to AirVantage.
The Device IP filtering option enables you to filter devices access based on the IP addresses they communicate from. You can configure this option with your organization’s trusted IP range.
As input, you can provide:
If your devices are communicating through a VPN to ALMS, you should use the range “10.191.0.0” to “10.191.255.255” for NA and “10.193.0.0” to “10.193.255.255” for EU to ensure every device communication comes from within the VPN.
If you are not using a VPN to AirVantage, you can still use this option. As the IP address allocated to devices depend on your operator, to help you with the configuration of the option, you can find the external IP address detected by ALMS for each system in the timeline of this specific system.
Once this option is activated, a device trying to communicate from an IP address not in the authorized list will be denied access to AirVantage.
The two-factor authentication (2FA) option enables two-stage verification to double check the identity of a user trying to login to ALMS. It combines the standard login based on a username and password (“something the user knows”) with an additional factor “something the user has”.
When this option is activated, after entering credentials on the login page, the user will have to provide the six-character code (a one-time password) the user will receive in a SMS on their phone. The SMS is sent by ALMS to the phone number configured in the user’s detail form. This 2FA will be required at every log in for every user of the company.
For the 2FA feature to operate correctly, all users in the company MUST have a phone number in their user profile. In addition, once 2FA is activated in the company, all new users will require a phone number.
To enable two-factor authentication in your company, please contact your reseller or our support team.
Single sign-on (SSO) refers to the ability for AirVantage users to log in with their enterprise credentials and access AirVantage as seamlessly as they do for most applications that they use in their day to day work. SSO solves key problems for the business by providing:
The SSO option requires your identity provider to support OpenID Connect (OIDC) as authentication protocol. To enable single sign on in your account, please contact your reseller or your Sierra sales representative.
Once the SSO option is enabled for your account, you can refer to the How to configure SSO for my account? to finalize the setup.
Company administrators are the only ones who can edit the security configuration, create new users, or create new profiles.
An administrator can promote any user from the company, and also add users from partner companies to the role of company administrator: choose the partner and click in the Administrators field to select users from the partner.
AirVantage requires the user to authenticate with the system to provide access. As part of the standard security options AirVantage prevents users from making multiple erroneous login attempts. The system requires a user to wait a random amount of time between two login attempts. This prevents automated systems from attempting to brute force user passwords.
The External Accounts section is where you can configure connectors to operator and SMS accounts.
Operator accounts are used for third-party subscription management. It holds the company configuration and credentials to access third-party subscription management platforms. Depending on the integration implemented with the given operator, you’ll be able to do the following actions on the declared third-party subscription:
An operator account can be associated with SMS accounts that can be used when AirVantage sends an SMS to a subscription of this account.
When using Sierra SIMs, the operator accounts are automatically added and configured in this section.
The Operator Accounts section provides the following features:
The SMS Accounts section provides the following features:
This section provides you with helpful procedures for common tasks.