Table of Contents
Advertisement
Service Providers
Copyright © 2010, Juniper Networks, Inc.
administrator might also have a role with an activity for managing the management
system.
Security group—Creates and manages security policies. This group has roles with
activities for defining custom services, address objects, and firewall rules on devices
for which they have responsibility.
Remote Connectivity group—Creates and manages VPNs and RAS user configuration.
This group has roles with activities for configuring VPNs and remote users.
Specific Tasks
Configuration Validation—An audit administrator approves all configuration changes
before those changes are made on the network. Only the auditor has a role with
activities for updating devices on the network.
Reporting—A reporting administrator views reports for one or more domains. A regional
reporting administrator has a role with activities for viewing reports for their regional
subdomain; a corporate reporting administrator has a role with activities for viewing
reports for the global domain and all subdomains.
Configuration Update—An update administrator updates firmware for devices. The
update administrator has a role with activities for updating firmware on the devices in
their assigned domain.
Administrative Management—A management administrator creates administrators
and manages their permissions. The super administrator creates a management
administrator to delegate administrator management. For example, a NOC Tier 2
administrator has a role that includes the activity to create new administrators, but
cannot assign them an activity that is not included in their own role. Typically, a
subdomain has only one management administrator to control the creation of
administrators.
Device Installation—A device install administrator creates new devices. The device
install administrator has a role with activities for adding, updating, and viewing device
configurations.
Service Providers can use NSM domain, subdomains, and roles to manage their internal
infrastructure and their customers' infrastructures.
Internal Network
Internally, a Service Provider network is similar to an enterprise network; both view their
networks as regions with dedicated NOC/SOC, and both use the same types of
administrators.
Managed Security Service Provider (MSSP)
Telcos and Service Providers use their networks to generate revenue. Customers pay the
MSSP to deploy devices and to manage the VPN or firewall infrastructure. MSSPs use
different role structures that best match their organizational structure:
Chapter 3: Configuring Role-Based Administration
65
Advertisement
Table of Contents
