System Roles
Table of Contents
Expand all | Collapse all
-
-
- Add a Branch
- Add a Data Center
- Add a Branch Gateway
- Configure Circuits
- Configure Internet Circuit Underlay Link Aggregation
- Configure Private WAN Underlay Link Quality Aggregation
- Configure Circuit Categories
- Configure Device Initiated Connections for Circuits
- Add Public IP LAN Address to Enterprise Prefixes
- Manage Data Center Clusters
- Configure a Site Prefix
- Configure a DHCP Server
- Configure NTP for Prisma SD-WAN
- Configure the ION Device at a Branch Site
- Configure the ION Device at a Data Center
- Switch a Site to Control Mode
- Allow IP Addresses in Firewall Configuration
-
- Configure a Controller Port
- Configure Internet Ports
- Configure WAN/LAN Ports
- Configure a Loopback Interface
- Configure a PoE Port
- Configure and Monitor LLDP Activity and Status
- Configure a PPPoE Interface
- Configure a Layer 3 LAN Interface
- Configure Application Reachability Probes
- Configure a Secondary IP Address
- Configure a Static ARP
- Configure a DHCP Relay
- Configure IP Directed Broadcast
- VPN Keep-Alives
-
- Configure Prisma SD-WAN IPFIX
- Configure IPFIX Profiles and Templates
- Configure and Attach a Collector Context to a Device Interface in IPFIX
- Configure and Attach a Filter Context to a Device Interface in IPFIX
- Configure Global and Local IPFIX Prefixes
- Flow Information Elements
- Options Information Elements
- Configure the DNS Service on the Prisma SD-WAN Interface
- Configure SNMP
-
-
- Prisma SD-WAN Branch Routing
- Prisma SD-WAN Data Center Routing
-
- Configure Multicast
- Create a WAN Multicast Configuration Profile
- Assign WAN Multicast Configuration Profiles to Branch Sites
- Configure a Multicast Source at a Branch Site
- Configure Global Multicast Parameters
- Configure a Multicast Static Rendezvous Point (RP)
- Learn Rendezvous Points (RPs) Dynamically
- View LAN Statistics for Multicast
- View WAN Statistics for Multicast
- View IGMP Membership
- View the Multicast Route Table
- View Multicast Flow Statistics
- View Routing Statistics
- Prisma SD-WAN Incident Policies
-
- Prisma SD-WAN Branch HA Key Concepts
- Configure Branch HA
- Configure HA Groups
- Add ION Devices to HA Groups
- View Device Configuration of HA Groups
- Edit HA Groups and Group Membership
-
- Configure Branch HA with Gen-1 Platforms (2000, 3000, 7000, and 9000)
- Configure Branch HA with Gen-2 Platforms (3200, 5200, and 9200)
- Configure Branch HA with Gen-2 Embedded Switch Platforms (1200-S or 3200-L2)
- Configure Branch HA for Devices with Software Cellular Bypass (1200-S-C-5G)
- Configure Branch HA for Platforms without Bypass Pairs
- Prisma SD-WAN Incidents and Alerts
System Roles
Learn about the pre-defined system roles in Prisma SD-WAN.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
Prisma SD-WAN provides system roles with
a pre-defined set of permissions. The table below describes Prisma
SD-WAN system roles and responsibilities.
Prisma SD-WAN Roles | Prisma SD-WAN Groups defined in a Customer IdP System | Responsibilities |
---|---|---|
Root (tenant_root) | cloudgenix_tenant_root | Role assigned to a single user who has complete
control over all aspects of a customer account. A root user is a
fall back user account and not used for regular day-to-day access, administration,
or management. |
Super Administrator (tenant_super_admin) | cloudgenix_tenant_super | A user with super administrator privileges to
manage other user accounts and all aspects of the network. A Super
administrator performs all the configuration tasks allowed by the
IAM Administrator, Network Administrator, and Security Administrator
roles. |
IAM Administrator (tenant_iam_admin) | cloudgenix_tenant_iam_admin | A user with IAM privileges to manage other
user accounts. An IAM Administrator creates, deletes, edits users
and/or roles. |
Network Administrator (tenant_network_admin) | cloudgenix_tenant_network_admin | A user with network administrator privileges
to manage all aspects of the network. A network administrator does
not have permissions to manage security features or functions. A
network administrator performs the following configuration and monitoring functions:
|
Security Administrator (tenant_security_admin) | cloudgenix_tenant_security_admin | A user with security administrator privileges
to manage security aspects of the network. A security administrator
does not have permissions to manage a network.A security administrator
performs the following configuration and monitoring functions:
|
View-only User (tenant_viewonly) | cloudgenix_tenant_viewonly | One or more user accounts with read-only
privilege to view network configuration and analytics. This user
cannot edit or create any features and functions in the network.
A view-only user may view the following:
|