47
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for
features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more
information about FIPS mode, see Security Configuration Guide.
Configuration task list
(Required.) Creating user roles
(Required.) Configuring user role rules
(Optional.) Configuring feature groups
(Optional.) Configuring resource access policies
(Optional.) Assigning user roles
(Optional.) Configuring temporary user role authorization
Creating user roles
In addition to the predefined user roles, you can create a maximum of 64 custom user roles for
granular access control.
To create a user role:
1. Enter system view.
system-view
N/A
2.
enter user role view.
role name
role-name
By default, the system has the following
predefined user roles:
• network-admin.
• network-operator.
• level-n (where n equals an integer
in the range 0 to 15).
• security-audit.
Among these user roles, only the
permissions and description
level-0 to level-
configurable.
3. (Optional.)
Configure a
description for the user
role.
description
text
By default, a user role does not have a
description.
Configuring user role rules
You can configure command, feature, feature group, XML element, and OID rules to permit or deny
the access of a user role to specific commands, XML elements, and MIB nodes.
To Next Page
Loading...
Need help?
General