Click the User Management > Users link to create and manage the different users who are allowed to access the Firewall Analyzer server.
The different types of users and their respective privileges are described in the table below:
User | Description |
---|---|
Administrator | This user can do all operations including configuring Syslog servers, setting up file archiving, adding additional users, and more |
Operator | This user can do all operations except configuring the Intranet settings, and user management |
By default, an Administrator user with username as admin and password as admin.
If you have logged in as an Administrator user, the User Management page lists all the users created so far.
If you have logged in as an Administrator user, click the User Audit View link against a user to view the corresponding user audits. The User Audit page shows the remote host IP address from which the user logged on, the timestamp of the login, and the duration of the session.
The description the user details available in the user list table are explained below:
Select all users check box if you want to delete all the users and individual user(s) check boxes to delete the selected users. There is a check box against each user below the all user check box. Click Delete button to delete all the or selected user(s) from the list of users accessing Firewall Analyzer.
If you have logged in as an Administrator user, the User Management page lists all the users created so far.
OR
If you have logged in as an Operator or Guest user, click on the Account Settings link to change your password and default e-mail address.
Once you are done, click OK to save the new changes. Click Cancel to cancel editing the user operation.
Types of User Privileges in Firewall Analyzer
Comparison of Feature Access to the Users
Sl No
|
Feature Name
|
||
1 |
User Management Create/Modify/Delete users |
Yes | No |
2 |
Predefined Reports and ReportProfiles | The user can view all predefined reports of all the firewalls. The user can perform Add/Edit/Delete operation of Report profiles created by all users. |
The user can view all predefined reports of Firewalls assigned to him. The user can perform Add/Edit/Delete operation of Report profiles created by himself. |
3 |
Alert Profiles and Alert Administration | The user can perform Add/Edit/Delete operation of Alert profiles created by all users. Administration of Alerts created by All Alert Profiles |
The user can perform Add/Edit/Delete operation of Alert profiles created by himself. Administration of Alerts created by his own Alert Profiles |
4 |
Edit/Delete Device | All Firewalls | Only for Firewalls assigned to him. |
5 |
Dashboard View Customization | For all Firewalls | Only for Firewalls assigned to him. |
6 |
Advanced Search | Yes | Yes |
7 |
Intranet Settings Configuring Firewall based LAN settings |
Yes | No |
8 |
Bookmark | The user can view only his bookmarks. | The user can view only his bookmarks. |
9 |
Configuration Settings listed in the Settings tab.
|
Yes |
Yes |
10 |
Configuration views present in the Settings Tab.
|
Yes |
Yes |
11 |
User Assistance
|
Yes |
Yes |
Firewall Analyzer provides one more external authentication apart from the local authentication. It is Remote Authentication Dial-in User Service (RADIUS) authentication. If you you add a RADIUS server details, you will find the Log on to field below the Password field in the Firewall Analyzer Client UI Login screen. The Log on to field will list the following options:
Enter the User Name and Password. Select one of the two options in Log on to (Local Authentication or Radius Authentication). Click Login button to log in to Firewall Analyzer Client UI.
You can also leverage the RADIUS authentication for user access bypassing the local authentication provided by Firewall Analyzer. In the RADIUS server authentication the users credentials are sent to the RADIUS server. The server checks for the user credentials and sends the authentication successful message to Firewall Analyzer server.
Note: |
If the user has only RADIUS server authentication, create the user in Firewall Analyzer with dummy password. On user logging in with RADIUS server authentication, the dummy password in the local server is ignored and the user credentials are sent to RADIUS server for authentication. Refer the procedure given in the Adding Users document to add a new user with dummy password. |
You can make Firewall Analyzer work with RADIUS server in your environment. This section explains the configurations involved in integrating RADIUS server with Firewall Analyzer.
Procedure to configure RADIUS server settings
To configure RADIUS server in Firewall Analyzer, provide the following basic details about RADIUS server and credentials to establish connection:
Click the RADIUS Server Settings link under the Settings > User Management tab to configure the RADIUS server configuration. On clicking the RADIUS Server Settings tab, the configuration fields are displayed. In that page, you will find the following fields:
RADIUS Server Settings |
Description |
Server IP |
The IP Address of the machine in which the RADIUS server is running. Enter the IP address of the host where RADIUS server is running |
Authentication Port | The port used by the RADIUS server for authenticating users. Enter the port used for RADIUS server authentication. By default, RADIUS has been assigned the UDP port 1812 for RADIUS Authentication. |
Server Secret | The secret string used for connecting RADIUS client (Firewall Analyzer) with the server. Enter the RADIUS secret used by the server for authentication |
Protocol |
The protocol used by the RADIUS server for authenticating users. Select the protocol that is used to authenticate users. Choose from four protocols:
|
Authentication Retries | The number of retries the RADIUS server to permit for authenticating users. Select the number of times you wish to retry authentication in the event of an authentication failure |