57
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for
features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more
information about FIPS mode, see Security Configuration Guide.
Configuration task list
Tasks at a glance
(Required.) Creating user roles
(Required.) Configuring user role rules
(Optional.) Configuring feature groups
(Optional.) Configuring resource access policies
(Optional.) Assigning user roles
(Optional.) Configuring temporary user role authorization
Creating user roles
In addition to the predefined user roles, you can create a maximum of 64 custom user roles for
granular access control.
To create a user role:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Create a user role and
enter user role view.
role name
role-name
By default, the system has the following
predefined user roles:
• network-admin.
• network-operator.
• level-n (where n equals an integer
in the range 0 to 15).
• security-audit.
Among these user roles, only the
permissions and description of the
level-0 to level-14 user roles are
configurable.
3. (Optional.) Configure a
description for the user
role.
description
text
By default, a user role does not have a
description.
Configuring user role rules
You can configure command, feature, feature group, XML element, and OID rules to permit or deny
the access of a user role to specific commands, XML elements, and MIB nodes.
To Next Page
Loading...
Need help?
General