Web Interface Access Privileges

If you want to prevent a role-based administrator from accessing specific tabs on the web interface, you can disable the tab and the administrator will not even see it when logging in using the associated role-based administrative account. For example, you could create an Admin Role Profile for your operations staff that provides access to the
Device
and
Network
tabs only and a separate profile for your security administrators that provides access to the
Object
,
Policy
, and
Monitor
tabs.
An admin role can apply at the
Device
level or
Virtual System
level as defined by the
Device
or
Virtual System
radio button. If you select
Virtual System
, the admin assigned this profile is restricted to the virtual system(s) he or she is assigned to. Furthermore, only the
Device
Setup
Services
Virtual Systems
tab is available to that admin, not the
Global
tab.
The following topics describe how to set admin role privileges to the different parts of the web interface:

Related Documentation