Device Access

Device Configuration > System > Profiles > Device Access

Role-based administration capabilities are provided to offer greater granular access control and flexibility.

It allows an organization to separate super administrator's capabilities and assign through Profiles. Profiles are a function of an organization's security needs and can be set up for special-purpose administrators in areas such as policy administration, network administration, and logs administration. Profiles allow granting permissions to individual administrators depending on their role or job need in the organization.

The profile separates device features into access control categories for which you can enable none, read only, or read-write access.

The Profiles list shows the default and custom profiles you have created and enables you to add, edit, and delete the profiles.

For ease of use, by default the device provides 5 profiles:

  • Administrator – super administrator with full privileges
  • Audit Admin – read-write privileges for Logs & Reports only
  • Crypto Admin – read-write privileges for Certificate configuration only
  • HA Profile – read-only privileges. If HA is configured, any user accessing Web Admin Console of Auxiliary device will have privileges as defined in HA Profile.
  • Security Admin – read-write privileges for all features except Profiles and Log & Reports

An Administrator with full privileges can create other custom administrators and assign them restricted/full privileges. A custom administrator so created, if has restricted privileges, can only update their Email Address and password.

  • You cannot delete the default profiles.
  • You cannot delete the profile which is already assigned to administrator.

Access Denied page

Device provides role-based administration capabilities and privileges are assigned to the Administrator through Profiles. Administrator can have read only, read-write or no access privilege for the pages of Web Admin Console.

Access denied page is displayed when the Administrator tries to access a page or perform the operation, which is not allowed to him/her.