System Admin Access profiles
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 149
Read access enables the administrator to view the web-based manager page.
The administrator needs write access to change the settings on the page.
You can now expand the firewall configuration access control to enable more
granular control of access to the firewall functionality. You can control
administrator access to policy, address, service, schedule, profile, and other (VIP)
configurations.
The access profile has a similar effect on administrator access to CLI commands.
The following table shows which command types are available in each access
control category. You can access “get” and “show” commands with read access.
Access to “config” commands requires write access.
Table 29: Access profile control of access to Web-based manager pages
Access control Affected web-based manager pages
Admin Users System > Admin
System > Admin > FortiManager
System > Admin > Settings
Antivirus Configuration AntiVirus
Auth Users User
Firewall Configuration Firewall
FortiGuard Update System > Maintenance > FortiGuard Center
IPS Configuration Intrusion Protection
Log & Report Log & Report
Maintenance System > Maintenance
Network Configuration System > Network > Interface
System > Network > Zone
System > DHCP
Router Configuration Router
Spamfilter Configuration AntiSpam
System Configuration System > Status, including Session info
System > Config
System > Hostname
System > Network > Options
System > Admin > FortiManager
System > Admin > Settings
System > Status > System Time
VPN Configuration VPN
Webfilter Configuration Web Filter
Note: When Virtual Domain Configuration is enabled (see “Settings” on page 153), only the
administrators with the access profile super_admin have access to global settings. When
Virtual Domain Configuration is enabled, other administrator accounts are assigned to one
VDOM and cannot access global configuration options or the configuration for any other
VDOM.
For information about which settings are global, see “VDOM configuration settings” on
page 62.
To Next Page
Loading...
