SD-WAN

In a 128T document on security, I found this passage - 128T router provides three default accounts in STRICT mode: cryptoadmin, admin, and user. In MODERATE mode, 128T provides two default accounts: admin and user. 128T allows the network administrator to define new user roles. Additional the newly created roles can be attached to set of predefined rules to limit access to the 128T platform. For example, in the above picture, the newly created role Eng User is allowed to configure Load Balancer but denied to configure firewall.  Question: Does anyone have an example config for creating new roles with specific access rights?

#RoleBasedAccessControl #RBAC​

Hi Jim - Erik Thoen can speak more to the STRICT and MODERATE modes that you've mentioned above. I believe you pulled this information from a white paper, correct?

James Process, Maxim Igolnikov or John P LaFleur should have config for creating the user and admin roles, which are currently the two access control roles that can be configured in the GUI or PCLI.

Here is a minute video on LDAP that may also help a bit.

 

Hi Victoria. Thank you for the quick answers. The excerpt is from a 128T Security Whitepaper. I am able to set up user and admin by CLI and GUI, and LDAP is not an issue. I am specifically interested in the statement from the whitepaper that indicates you can have a user allowed to configure one thing (load balancer in the example) but not another (FW in the example). This indicates to me that I can have a scaled down admin or a user account that can view some screens but not others. This granular control of roles is what I am looking for more info on.

Yes, Erik from product management is best suited to answer your question.

 

This marketing white paper is not available in the community, however, Erik can give you timelines on when new product features will be available.