Policy Pages Reference : Security Policy Settings : User Permissions
  
User Permissions
You can change the administrator or monitor passwords and define role-based users for the selected security policy in the User Permissions page.
For details about user permissions, see Managing User Permissions.
The User Permissions page contains the following groups of settings:
•  Capability-Based Accounts
•  Adding a New User
Capability-Based Accounts
The system has two accounts based on what actions the user can take:
•  Admin - The administrator user has full privileges. For example, as an administrator you can set and modify configuration settings, add and delete users, restart the SteelHead service, reboot the appliance, and create and view performance and system reports.
•  Monitor - A monitor user can view reports, user logs, and change their password. A monitor user cannot make configuration changes, modify private keys, view logs, or manage cryptographic modules in the system.
Complete the configuration as described in this table.
Control
Description
admin/monitor
Click the magnifying glass to change the administrator or monitor password.
Enable Account - Click to enable or clear to disable the administrator or monitor account.
Use a Password - Enables password protection.
Password - Type a password in the text box.
Password Confirm - Confirms the new administrator password.
Apply
Applies your settings.
Adding a New User
A role-based account cannot modify another role-based or capability-based account.
Complete the configuration as described in this table.
Control
Description
Add a New User
Click to display the controls for creating a new role-based account.
Account Name
Specify a name for the role-based account.
Enable Account
Select the check box to enable the new role-based account.
Use a Password
Select the check box to enable password protection and specify the following:
•  Password - Specify a password in the text box.
•  Password Confirm - Specify the new password again for confirmation.
Roles and Permissions
Grant the user one of the following privileges:
•  Deny - With deny privileges the user cannot view settings or make configuration changes for a feature. This is the default.
•  Read-Only - With read privileges the user can view current configuration settings for the feature but cannot change them.
•  Read/Write - With write privileges the user can view settings and make configuration changes for a feature.
Roles are comprised of groups of settings. With write access permission the user can change the configuration for these roles.
For details about available roles and permissions, see Managing User Permissions.