Understand People Roles and Permissions
When you add a person to the Conductor, the person's role, and whether the person is a manager or member of an overlay, controls whether they have access to create, edit, or view overlay networks and their Airwall Edge Services and devices.
- System Administrator - Designed for administrators who may need to perform all Conductor functions. By default, a system administrator can edit all Airwall Edge Services in the system and is a de facto editor of all Airwall Edge Services and overlay networks. Depending on granular user permissions, a system administrator can modify other users' permissions, edit system-level configuration (such as SMTP, Conductor HA pairing, remote syslog), create cloud Airwall Gateways, and upgrade the Conductor firmware.
- Network Administrator - Designed for administrators who need to manage and potentially modify existing overlay networks, Airwall Gateways and devices. Depending on granular user permissions, a network administrator can view and edit unassigned (not part of an overlay network) Airwall Edge Services, revoke and delete Airwall Edge Services, and provision and manage Airwall Edge Services. A network administrator cannot create new users or overlay networks or edit system configuration.
- Read-only System Administrator - Designed for administrators who need to monitor overlay networks, Airwall Gateways, and device information, but who do not have a need to modify configurations. A read-only system administrator can view all Airwall Edge Services in the system and is a de facto viewer of all overlay networks. A read-only system administrator can also run reports and perform diagnostic functions on the Conductor and Airwall Edge Services.
- Remote Access User - This role is for people who need access to an Airwall secure network through an Airwall Agent. This user can only modify their account email and password. Remote access users can also view the remote access portal where they can see any activation codes assigned to them, a list of remote devices they have access to, and a list of the Airwall Edge Services assigned to them.
Task | System Administrator | Network Administrator | Read-only System Administrator | Remote Access User |
---|---|---|---|---|
Manage users |
Create |
Modify own email and password | View all users. Modify own email and password |
Modify own email and password |
Manage Conductor settings | Configure (with permissions) | Not available | View | Not available |
Manage overlay networks |
Create |
View |
View | Not available |
Manage Airwall Edge Services |
Add |
Add (with permissions) |
View | Not available |
Manage devices |
Add |
Add |
View | Not available |
Manage firmware updates |
Download |
Update | Not available | Not available |
- To customize permissions, see Customize Permissions for System and Network Administrators
- For pre-3.0 roles, see Understand People Roles (v2.2.13 and earlier)