NFA User privledged users can see devices or interfaces not assigned to their group
Article ID: 425486
Updated On:
Products
Issue/Introduction
While using NetOps Network Flow Analysis, you may run into an issue where user privledged users with specifically assigned interface groups can see interfaces not currently assigned to them.
For example a user is logged in and can search for this interface above. They should not be permitted to see this interface.
Environment
NetOps Network Flow Analysis
Cause
This is due to how the Interface Groups are established in the NetOps Portal. If older non-present Data Aggregator interfaces on a device have their ifindex reused by new interfaces and these interfaces are elected to be synced to the Portal, it could cause conflicts for the Portal group rules sync.
Resolution
The best option is to simply go to the NetOps Portal and navigate and select the Administration > Data Sources > Data Sources page.
Edit the Data Aggregator data source and de-select the, "Synchronize component items that are not currently present on the monitored device", option.
Save the changes. You could wait for the incrimental syncs to remove any non present interfaces or you could do a full sync with Data Aggegator and then Network Flow Analysis to make the changes occur faster.
In the end, this should resolve any conflicts and user level users should not have issues with seeing interfaces not assigned to their groups.
Feedback
