Securing user accounts

Applies To: Forefront Client Security

User access to Client Security can be divided into the following areas:

  • Client Security console access

  • MOM Operator console access

  • MOM Administrator console access

  • Report Manager access

It is recommended that you carefully control which users have access to these areas and assign each user to the role that provides the minimum permissions necessary for the user to perform required tasks.

User roles

Client Security administrative tasks can be assigned to a small set of roles. Based on each user's responsibilities, these roles divide access to the areas listed previously.

For a detailed discussion of Client Security user roles and minimum permissions required to fulfill each role, see Working with user roles (

For information about user access for prerequisite software, see the following topics:


To protect any user account, it is recommended that you use strong authentication credentials. If you use passwords to authenticate users accessing either console on the management server, be sure to follow best practices for creating strong passwords. For more information about creating strong passwords, see Strong Passwords (