Customize Permissions for System and Network Administrators
You can fine-tune the permissions for System and Network administrators in your Airwall secure network.
System and Network administrators have a set of permissions by default in the Conductor. You can customize what these permissions are by default, and you can customize the permissions for individual system and network administrators.
- Supported Roles
- System Administrators with Can edit user permissions enabled.
Customize Default Role Permissions
Note: Default user permissions apply only to people currently being added to a
role (both new users and users who are changing roles). It does not change the
permissions of people already assigned that role. The defaults can be modified
as a user is created if the person making the change has "Can edit user
permissions" permission.
- Go to .
- Under Default user permissions, select Edit Settings.
-
Check the permissions you want new people to have by default when they are
assigned these roles.
- Select Update to save.
Customize Permissions for individual System and Network Administrators
- Go to People, select a person to open their page, and then select Edit Settings.
-
Under User permissions, check or clear the
permissions you want this person to have.
System Administrator customizable permissionsNetwork Administrator customizable permissions
For more information about these permissions, see Customizable Permissions Descriptions.
- Select Update Settings.
Customizable Permissions Descriptions
These are the permissions that can be customized for people assigned the System or Network Administrator roles.
| Permission | Description |
|---|---|
| For System Administrators: | |
| Can edit user permissions | Can edit Conductor default permissions and permissions for individual users, including assigning user roles and customizing their permissions. Can also create new overlay networks and assign them to a network admin to manage trust. |
| Can edit system configuration | Administrator can edit Conductor Settings, including High Availability (HA), email server, remote logging, authentication, or any other settings in . |
| Can create and configure cloud features | Can create and configure cloud Airwall Gateways, and create an HA-paired Conductor in the cloud. |
| Can update Conductor firmware | This option is available if you have checked Can edit system configuration. Can update the Conductor software and Airwall Edge Service firmware from |
| For Network Administrators: | |
| Can view full user interface | When clear, the user sees a simplified, easier-to-use view in the Conductor. For a description of the simplified view, see Set a Streamlined View for a Network Administrator. |
| Can view and edit unassigned Airwalls | Can view or edit any Airwall Edge Services that are not assigned to any overlay networks, including adding the devices in these Airwall Edge Services to any overlay networks they have permission to. |
| Can revoke and delete or re-activate Airwalls | Requires that Can view and edit unassigned Airwall is checked. Can revoke, delete, and re-activate Airwall Edge Services in their overlay networks, and can view and reactivate any revoked Airwall Edge Services . |
| Can provision and manage Airwalls | Requires that Can view and edit unassigned Airwall is checked. Can view and provision provisioning requests, and can manage unmanaged Airwall Edge Services. |
| Can view and edit bypass destinations | Can view and edit any bypass destinations. |
| Can view and edit Airwall groups and relay rules | Can view and edit Airwall groups and relay rules for Airwall Edge Services in their overlay networks. |
| Can send Airwall Invitations | Can send Airwall Invitations to invite users to connect to the Airwall secure network and gain access to the devices in their overlay networks. |