marcus.png


Hello Qlik Community, in this post I have the pleasure of introducing Marcus Spitzmiller. Marcus is a member of the Qlik Enterprise Architecture team focusing on enterprise deployments and best practices.  His areas of expertise include scalability and performance, deployment best practices, integration, and security.  Marcus has been with Qlik for 6.5 years. In this post he will introduce you to Qlik Sense Stream management, covering security rules and exception management.

 

Managing Qlik Sense Streams

 

At the center of Qlik Sense’s security is an attribute based access control component called the Security Rules Engine.  Qlk’s Product Manager for security, Fredrik Lautrup, ( flp )  does a great job of explaining just what that means here (https://community.qlik.com/blogs/qlikviewdesignblog/2015/03/10/why-security-rules-in-qlik-sense).

 

Administrators of Qlik Sense can leverage attributes about users, applications, streams, data connections and much more to govern user authorization (that is, who can do what) via the Security Rules Engine.

 

Qlik’s Michael Tarallo (@mto) has produced a number of great videos that describe the Qlik Management Console and the functions available within it here (https://community.qlik.com/docs/DOC-7144), and I would encourage you to review those videos in the “Management Console (QMC) Series” if you don’t yet have an understanding of concepts like Streams, Custom Properties, and User Directory Connectors.

In this video I show how you can effectively use the power of the Security Rules Engine to manage multiple groups of users, multiple streams, and do so with as little administrative maintenance as possible. 

Be on the lookout for the following best practices leveraged within this video:

  • - Build “Many to Many” Security rules to enable one stream security rule to govern many streams and many users at once.
  • - Use Custom Properties to avoid hard coding of values into Security Rules.
  • - Avoid changing the out of the box rules.  If you need to change a rule’s default behavior, disable the rule and make a copy of it.
  • - Finally, manage collections of things before you manage the thing itself.  With the concepts I detail in this video, you can manage many streams, many groups, (and by extension many data connections, and more) with little administrative overhead, and manage individual things (like applications) as an exception.

The Security Rules Engine is a tremendously powerful component of the Qlik Sense architecture, and your deployment requires planning.  As a general guideline, if you find yourself thinking “there has got to be a better way”, there probably is!  That is your cue to reach out to the many Qlik resources you have available to you through QlikCommunity, Qlik Education, Qlik Partners, Qlik Consulting, and Qlik Sales teams.

 

Enjoy the video!

 

Marcus