Add new users

In PathView Cloud, organization admins can add new users from the manage users page. Non-admins don’t have this privilege and won’t see the manage users page in the menu.

Change email or password

Non-admin PathView Cloud users will need to contact their org admin to change any element of their user profile except for password, which can be changed using the ‘forgot password link’ on the login page. Org admins can change any user’s password, including their own from > manage users > > reset password. Org admins can change a user’s email from the > manage users > > configure.

User roles and privileges

In order for anyone to log in, they must have a user account in some organization. After logging in, user role determines what actions are allowed. If you are an organization admin, you can create and edit user accounts, including your own, from > manage users. If you don’t see this option, then you are not an organization admin.

Manage
Role View Configure Appliances Licenses Users Orgs
Org admin
The user has advanced privileges plus access to administrative actions, e.g., manage organizations, manage users, manage snmp, and view usage activity.
Custom
Choose view only, standard, or advanced on a per-module basis; advanced still includes manage appliances and manage licenses.
Advanced
The user has standard privileges plus access to non-administrative management pages, e.g., manage appliances and manage licenses.
Standard
The user has view privileges plus access to non-administrative actions, e.g.,add path, add web app, start/stop FlowView, etc.
View only
The user can access and view information in all licensed modules, but no configuration actions, e.g., add path, add web app, start/stop FlowView, etc., are available. In addition, the user may not access any management pages, e.g., manage appliances and manage saved lists, except for a manage licenses page but with no action menus.
Add-on privileges
Advanced diagnostics View inconsistent or uncertain diagnostic results that are otherwise marked as ‘indeterminate’ and suppressed.
User resolution Display host-to-username correlations based on domain controller logs.
System config Configure system options like email server.

Login using single sign-on (SSO)

Limited support: You must be using either Active Directory with the PingOne AD Connect plugin, or a SAML-enabled identity provider (e.g., PingFederate, ADFS, SalesForce, etc.).

Trust your SAML-enabled corporate identity provider to authenticate users so that they can experience single sign-on. Browser-based single sign-on is a well-established win-win for system admins and users: admins have fewer identity silos and authentication mechanisms to maintain, and users have to remember fewer passwords and are able to seamlessly transition from one web app to another. Browser-based single sign-on in the context of AppNeta means that as an admin, you don’t have to manage a separate user directory via the manage users page, and as a user, you don’t have to log in when you click on a deep-link.

Regardless of which identity provider you’re using, some setup is required on both side on your side and ours:

  1. In your identity provider, create the following custom attributes exactly as written:

    email
    the attribute value must correspond to user email address.
    groups
    the attribute value must correspond to one or more named collection of users, each of which will eventually be mapped to an AppNeta role.
  2. Add your identity provider to AppNeta:
    1. Contact customer care and ask them to add the identity provider to your AppNeta organization. They will ask you for the following:
      1. A SAML metadata file generated by your identity provider.
      2. A keyword to use for your new federated endpoint url, which will take the form <keyword>.pv.appneta.com.
      3. The organizations that should use single sign-on.
    2. Register AppNeta as a service provider on your identity provider; support will provide you the required SAML metadata.
    3. Navigate to > manage identity provider.
    4. Select the users that should have access to AppNeta by editing the identity provider and mapping your groups to an AppNeta role. All users that intend to log in via the custom url must belong to a group that is mapped to an AppNeta role; all mapped groups will have access to all identity provider enabled organizations.
  3. Once customer care enables single sign-on, users may log in via https://<keyword>.pv.appneta.com.

Upon enabling your identity provider

  • Users in a mapped security group may sign in via through your custom url.
  • Access via pathviewcloud.com will be disabled for affected users upon logging via the custom url for the first time.

Upon disabling your identity provider:

  • Single sign-on will be disabled for the listed organizations.
  • Users in the mapped security groups will have their federated profiles convert to local profiles, which must then be managed via the manage users page.
  • Affected users must revert to logging in via pathviewcloud.com.
  • Affected users must reset their passwords via pathviewcloud.com before they can log in.
  • Notifications will continue to be delivered to affected users.

AppNeta usage-based billing

You can see your usage for the current or any previous billing period at > view usage activity. Appliance usage summary counts the number of appliances in use by type. Module Usage Summary counts the number of appliances that have used each add-on module or LAN/WAN pack. Usage-based organizations are billed monthly based on the number of appliances in the org and the modules that were used during the billing period. The billing period is a calendar month, and the billing scheme is as follows:

Usage Billability
Appliance usage
  • Assigning a usage-based license to an appliance activates usage-based billing for that appliance. Activation itself has an associated charge, and AppNeta begins monitoring for further billable usage. The activation charges are tallied in the ‘activation’ column on the manage licenses page.
  • You are billed for every appliance in your organization, regardless of its operational status (e.g, or ).
Module and path usage
  • During the appliance-activation month, you may use any module and create an unlimited number of LAN/WAN paths without incurring a charge. On the manage license page, the modules and LAN/WAN packs that will become billable are tallied in the ‘activation-trial’ column.
  • After the appliance-activation month, you are billed for every module and LAN/WAN packs used during the billing period. For example, if 5 WAN paths are included in the base license, if at any time during the billing cycle you configure a 6th WAN path, usage is triggered. Modules and LAN/WAN packs used during the billing period are tallied in the ‘usage’ column on the manage appliances page.
  • All paths regardless of status count towards usage.
Add-on module usage
  • You are billed for any add-on module used during the billing period. Remember that basic voice assessments are included in the base license, so they will not trigger PathView Voice billing.
  • The snmp trap license is excluded from usage-based billing.