Customizing Access Levels per Web Page
The Customize Access Level table lets you configure up to 100 customized access rules. These rules assign read-write (view and configure) or read-only (view) privileges to management user levels (Monitor, Administrator, or Security Administrator) per page in the device's Web interface. These rules override the default read-write and read-only privileges of these user levels (as described in Configuring Management User Accounts). Whatever user level is specified, the rule applies to that level and all levels that are higher than that level (Security Administrator is the highest user level and Monitor is the lowest user level). If you attempt to open a page for which you don't have access privileges, the page displays the message "Your access level doesn't allow you to view this page".
For security reasons, some pages (e.g., the TLS Contexts page) cannot be customized in this table.
The following table provides a few configuration examples to facilitate your understanding of assigning read-write and read-only privileges to user levels per Web page.
|
Page Name |
Read-Write |
Read-Only |
Description |
|---|---|---|---|
|
CLI Settings |
Monitor |
Monitor |
Assigns read-write (and read-only) privileges to Monitor users for the CLI Settings page. As this is the lowest user level, it means that all higher user levels (i.e., Administrator and Security Administrator) are also assigned full read-write privileges. |
|
Firewall |
Security Administrator |
Monitor |
Assigns read-write privileges to Security Administrator users for the Firewall page. As this is the highest user level, only Security Administrator users have write privileges for this page. In addition, as this rule assigns read-only privileges to Monitor users, which is the lowest user level, all higher user levels (i.e., Administrator and Security Administrator) are also assigned read-only privileges. |
|
TLS Contexts |
Security Administrator |
Security Administrator |
Assigns read-write privileges to Security Administrator users for the TLS Contexts page. As this is the highest user level, no other user level can access (read) or configure (write) this page. |
The following procedure describes how to configure customized access level rules through the Web interface. You can also configure it through ini file [WebPagesAccessLevel].
| ➢ | To customize access levels: |
| 1. | Open the Customize Access Level table (Setup menu > Administration tab > Web & CLI folder > Customize Access Level). |
| 2. | Click New; the following dialog box is displayed: |
| 3. | Configure the rule according to the parameters described in the table below. |
| 4. | Click Apply, and then save your settings to flash memory. |
Customize Access Level Table Parameter Descriptions
|
Parameter |
Description |
|||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
'Index' [Index] |
Defines an index number for the new table row. Note: Each row must be configured with a unique index. |
|||||||||
|
'Page Name' [PageNameFromTree] |
Defines the Web page whose access level you want to customize. Note: For security reasons, some pages are not listed under this parameter and therefore, cannot be customized. |
|||||||||
|
'Read-Write Access Level' [RWAccessLevel] |
Defines the minimum user level to which you want to assign read-write access privileges for the selected Web page.
|
|||||||||
|
'Read-Only Access Level' [ROAccessLevel] |
Defines the minimum user level to which you want to assign read-only access privileges for the selected Web page.
Note: The user level must be the same or lower than the user level you configured in the 'Read-Write Access Level' parameter. For example, you cannot assign read-only privileges to the Security Administrator if you have assigned read-write privileges to the Administrator. |