Customizing Access Levels per Web Page
The Customize Access Level table lets you configure up to 100 Customize Access Level rules. These rules assign read-write (view and configure) and read-only (view) privileges to Web interface pages based on management user levels (Monitor, Administrator, and Security Administrator).
The user level you assign for a page applies to that level and all higher levels. For example, if you grant read-write access for the RADIUS Servers page to the Administrator user level, the Security Administrator user level also inherits read-write access. You can restrict (block) access for a page by specifying a high user level for read-only access. For example, if you grant read-only access to the RADIUS Servers page to the Administrator user level, it means that Monitor users won't be able to access this page.
If you try to open a page for which you don't have access privileges because of your user level, the page displays the following message: "Your access level doesn't allow you to view this page".
| ● | Customized Access Level rules override the default read-write and read-only privileges assigned to the user levels (see Configuring Local Management User Accounts). |
| ● | The highest user level is Security Administrator and the lowest is the Monitor user level. |
| ● | Read-only access level must be the same or lower than the read-write access level. For example: |
| ✔ | Read-Write Access Level = Security Administrator |
| ✔ | Read-Only Access Level = Administrator |
| ● | For parent-child tables, the access level of the child table must be the same or higher than the parent table. For example: |
| ✔ | Parent table: Read-Write Access Level = Administrator Read-Only Access Level = Administrator |
| ✔ | Child table: Read-Write Access Level = Security Administrator Read-Only Access Level = Administrator |
The following table provides configuration examples to facilitate your understanding of assigning read-write and read-only privileges to user levels per Web page.
|
Index |
Page Name |
Read-Write |
Read-Only |
Description |
|---|---|---|---|---|
|
0 |
RADIUS Servers |
Monitor |
Monitor |
Assigns read-write (and read-only) privileges for the RADIUS Servers page to Monitor users. As this is the lowest user level, it means that all higher user levels (i.e., Administrator and Security Administrator) also have read-write access. |
|
1 |
Firewall |
Security Administrator |
Monitor |
Assigns read-write privileges for the Firewall page to Security Administrator users. As this is the highest user level, only Security Administrator users have write privileges for this page. This rule also assigns read-only privileges to Monitor users, which means that all higher user levels (i.e., Administrator) also have read-only privileges. |
|
2 |
SNMP Community Strings |
Security Administrator |
Administrator |
Assigns read-write privileges for the SNMP Community Strings page to Security Administrator users. As this is the highest user level, only Security Administrator users have write privileges for this page. This rule also assigns read-only privileges to Administrator users, which means that Monitor users can't access this page. |
|
3 |
TLS Contexts |
Security Administrator |
Security Administrator |
Assigns read-write (and read-only) privileges for the TLS Contexts page to Security Administrator users. As this is the highest user level, no other user level can access (read) or configure (write) this page. |
The following procedure describes how to configure customized access level rules through the Web interface. You can also configure it through ini file [WebPagesAccessLevel].
| ➢ | To customize access levels: |
| 1. | Open the Customize Access Level table (Setup menu > Administration tab > Web & CLI folder > Customize Access Level). |
| 2. | Click New; the following dialog box is displayed: |
| 3. | Configure the rule according to the parameters described in the table below. |
| 4. | Click Apply, and then save your settings to flash memory. |
Customize Access Level Table Parameter Descriptions
|
Parameter |
Description |
|||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
'Index' [Index] |
Defines an index number for the new table row. Note: Each row must be configured with a unique index. |
|||||||||
|
'Page Name' [PageNameFromTree] |
Defines the Web page whose access level you want to customize. Note: For security reasons, some pages are not listed under this parameter and therefore, cannot be customized. |
|||||||||
|
'Read-Write Access Level' [RWAccessLevel] |
Defines the minimum user level to which you want to assign read-write access privileges for the selected Web page.
|
|||||||||
|
'Read-Only Access Level' [ROAccessLevel] |
Defines the minimum user level to which you want to assign read-only access privileges for the selected Web page.
Note: The user level must be the same or lower than the user level you configured in the 'Read-Write Access Level' parameter. For example, you can't assign read-only privileges to the Security Administrator if you assigned read-write privileges to the Administrator. |