Device access

You can create role-based access to the firewall for administrators.

The default set of profiles specifies privileges for a super administrator and for some common administrator roles. The default administration user account (admin) uses the Administrator profile.

You can create custom profiles and specify their access to the web admin console on a granular basis.

To edit or view the privileges of a profile, click Edit Edit button.

Table 1. Default profiles




Super administrator with full privileges. Profile of the default admin. Can create administrators with restricted or full privileges.

Audit admin

Has read-write privileges to logs and reports.

Crypto admin

Has read-write privileges to configure security certificates.


Has read-only privileges to the auxiliary device, if high availability is configured.

Security admin

Has read-write privileges to all features, except profiles, logs, and reports.

Tip To delete a profile, make sure that it isn't assigned to an administrator.