User manual
C
HAPTER
4
| Configuring the Switch
Configuring Security
– 60 –
CONFIGURING USER
PRIVILEGE LEVELS
Use the Privilege Levels page to set the privilege level required to read or
configure specific software modules or system settings.
PATH
Advanced Configuration, Security, Switch, Privilege Levels
PARAMETERS
These parameters are displayed:
◆ Group Name – The name identifying a privilege group. In most cases,
a privilege group consists of a single module (e.g., LACP, RSTP or QoS),
but a few groups contains more than one module. The following
describes the groups which contain multiple modules or access to
various system settings:
■
System: Contact, Name, Location, Timezone, Log.
■
Security: Authentication, System Access Management, Port
(contains Dot1x port, MAC based and the MAC Address Limit), ACL,
HTTPS, SSH, ARP Inspection, and IP source guard.
■
IP: Everything except for ping.
■
Port: Everything except for VeriPHY.
■
Diagnostics: ping and VeriPHY.
■
Maintenance: CLI - System Reboot, System Restore Default,
System Password, Configuration Save, Configuration Load and
Firmware Load. Web - Users, Privilege Levels and everything in
Maintenance.
■
Debug: Only present in CLI.
◆ Privilege levels – Every privilege level group can be configured to
access the following modules or system settings: Configuration Read-
only, Configuration/Execute Read-write, Status/Statistics Read-only,
and Status/Statistics Read-write (e.g., clearing statistics).
The default settings provide four access levels:
■
1 – Read access of port status and statistics.
■
5 – Read access of all system functions except for maintenance and
debugging
■
10 – read and write access of all system functions except for
maintenance and debugging
■
15 – read and write access of all system functions including
maintenance and debugging.
WEB INTERFACE
To configure privilege levels:
1. Click Advanced Configuration, Security, Switch, Privilege Levels.
2. Set the required privilege level for any software module or functional
group.