Field | Description

• network-operator.
• level-n (where n represents an integer in the range of 0 to 15).
• security-audit.
• guest-manager.

Description | User role description.

VLAN policy | VLAN policy of the user role:
• Deny—Denies access to all VLANs except for permitted VLANs.
• Permit (default)—Default VLAN policy, which enables the user role to access all VLANs.

Permitted VLANs | VLANs accessible to the user role.

Interface policy | Interface policy of the user role:
• Deny—Denies access to all interfaces except for permitted interfaces.
• Permit (default)—Default interface policy, which enables the user role to access all interfaces.

Permitted interfaces | Interfaces accessible to the user role.

VPN instance policy | VPN instance policy of the user role:
• Deny—Denies access to all VPN instances except for permitted VPNs.
• Permit (default)—Default VPN instance policy, which enables the user role to access all VPN instances.

Permitted VPN instances | VPN instances accessible to the user role.

Security zone policy | Security zone policy of the user role:
• Deny—Denies access to all security zones except for permitted security zones.
• Permit (default)—Default security zone policy, which enables the user role to access all security zones.

Permitted security zones | Security zones accessible to the user role.

Rule | User role rule number.
A user role rule specifies access permissions for items, including commands, feature-specific commands, Web menus, XML elements, and MIB nodes.
Predefined user role rules are identified by sys-n, where n represents an integer.

Perm | Access control type:
• permit—User role has access to the specified items.
• deny—User role does not have access to the specified items.

Type | Controlled type:
• R—Read-only.
• W—Write.
• X—Execute.

Scope | Rule control scope:
• command—Controls access to the command or commands, as specified in the Entity field.
• feature—Controls access to the commands of the feature, as specified in the Entity field.
• feature-group—Controls access to the commands of the