https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1824837#M19940 <P>Hi,&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/48982">@thomaslg_wq</a>&nbsp;,<BR /><BR />Same issue on our side - we tried both (Groups and CP)&nbsp;<BR /><BR />From general Groups are evaluated faster - but we ran into second bottleneck - too many Active Directory attributes are import as User attribute. In some cases user has around 900 attributes which only 20 of them are related with Qlik security - however during Log in all of the groups are checked against security rules and we lose performance in HUB opening (around 40s in such cases).<BR /><BR />Maybe you found a way to workaround this? Or you have better results with CP evaluation?</P> Tue, 27 Jul 2021 12:44:36 GMT e_petrasevicius21 2021-07-27T12:44:36Z https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1822722#M19883 <P>Hi everyone,</P><P>I would like to know your ideas on how to create an app level security with the fastest security rule evaluation.</P><P>Some points about the environment :&nbsp;</P><UL><LI>OEM client with :<UL><LI>&gt;100 end customers (groups of around 5 to 20 users)</LI><LI>&gt;100 streams : most of them specific for some customers, a few that can be shared across customers</LI><LI>&gt;1000 apps</LI><LI>&gt;1000 users&nbsp;</LI></UL></LI></UL><P>&nbsp;</P><UL><LI>If we were doing some app level security with custom properties, we would have &gt;1000 custom properties values<UL><LI>by user</LI><LI>or</LI><LI>by app<BR />which is totally out of the Qlik recommmandations<BR /><BR /></LI></UL></LI><LI>Is there another way ?</LI><LI>Are &gt;1000 Active Directory Groups faster to evaluate than &gt;1000 custom properties values ?</LI></UL><P>&nbsp;</P><P>In general, how do you deal with large volume of users/apps and still have a good performance of rules evaluation ?</P><UL><LI>I may have an idea of how I am going to implement this but I want your fresh ideas first <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></LI></UL><P>&nbsp;</P><P>Thanks for your ideas !</P><P>Regards,</P><P>Thomas</P> Fri, 16 Jul 2021 13:11:24 GMT https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1822722#M19883 thomaslg_wq 2021-07-16T13:11:24Z https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1824837#M19940 <P>Hi,&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/48982">@thomaslg_wq</a>&nbsp;,<BR /><BR />Same issue on our side - we tried both (Groups and CP)&nbsp;<BR /><BR />From general Groups are evaluated faster - but we ran into second bottleneck - too many Active Directory attributes are import as User attribute. In some cases user has around 900 attributes which only 20 of them are related with Qlik security - however during Log in all of the groups are checked against security rules and we lose performance in HUB opening (around 40s in such cases).<BR /><BR />Maybe you found a way to workaround this? Or you have better results with CP evaluation?</P> Tue, 27 Jul 2021 12:44:36 GMT https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1824837#M19940 e_petrasevicius21 2021-07-27T12:44:36Z https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1828970#M20008 <P>Hi Edgaras,</P><P>Thanks for your input.&nbsp;</P><P>It has not been implemented yet, we are currently redesigning our whole Qlik platform, this question remains one of our main concerns.&nbsp;</P><P>How much faster would you say the groups are evaluated (how much % of improvement did you see with groups in app opening for instance ?)</P><P>I hear you on the second bottleneck... It seems there is no perfect way to do it..</P><P><SPAN>I was hoping to find some good workarounds but my post did not drag much reponse, I guess we'll have to test various workarounds ourselves <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></SPAN></P><P>Thanks again,</P> Tue, 17 Aug 2021 07:06:30 GMT https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1828970#M20008 thomaslg_wq 2021-08-17T07:06:30Z https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1866588#M20853 <P>Hi guys! How did this go for you?</P> <P>We are working on a similar project, so it would be interesting to hear about your findings&nbsp;<span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Fri, 03 Dec 2021 15:03:24 GMT https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1866588#M20853 gandalfgray 2021-12-03T15:03:24Z https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1867510#M20873 <P><a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/22807">@gandalfgray</a></P><P><a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/48982">@thomaslg_wq</a></P><P>&nbsp;</P><P>There is some information in the Help about this subject.</P><P>&nbsp;</P><P>So that's a good place to start.</P><P><A href="https://help.qlik.com/en-US/sense-admin/November2021/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/QMC-performance-best-practices.htm" target="_blank">https://help.qlik.com/en-US/sense-admin/November2021/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/QMC-performance-best-practices.htm</A></P> Tue, 07 Dec 2021 10:52:01 GMT https://community.qlik.com/t5/Management-Governance/Faster-app-level-security-rule/m-p/1867510#M20873 Maria_Halley 2021-12-07T10:52:01Z