Manualshelf

Specifications

ManualsBrandsBarracuda Networks ManualsComputer equipmentSSL VPN
61626364656667686970
61
Creating Access Rights
The final piece in the policy chain is the resource. Once a policy has been created and principals
attached then these principals will require something to access – in this case a resource. Resources are
defined in the system as two types. This chapter explains both types, detailing what they are and how
to create these resources.
What is a Resource?
Within the Barracuda SSL VPN, a ‘resource’ is defined as an application, utility, data source, or any
other privileged ability that when assigned will allow the user to conduct certain tasks. This could be
something as simple as a user accessing their email client to read their mail. In this case, the resource
would be the email.
What are Access Rights?
Access rights are essential in creating a well organized system. As mention earlier the super user
should only be used to perform configuration of the system from then on the super user should create
management users who are responsible for the daily uptake of the management and running of the
system.
An access right allows the super user to delegate an area of responsibilities to a policy.
Nearly all areas of the system can be delegated to different policies thus allowing the super user to be
disabled and not used other than for re-installation tasks or important configuration tasks.
All areas that can be managed are divided into their respective areas:
Resource Rights: Items that can be managed in this area are all resources such as Web
forwards, profiles and network places can all have their create, edit and delete actions
delegated out to a policy.
System Rights: Items that can be managed in this area that can be delegated are all system
resources such as policies, SSL certificates, authentication schemes, accounts and auditing.
Personal Rights: Items that can be managed here are all personal resources such as profiles,
passwords, personal details, favorites and attributes.
Access Rights Interface
The access rights interface summarizes the currently available permissions.
The main page provides information on the resource permissions currently available.
Action Icons
The action icon performs a particular function on the associated resource permission; available actions
are:
Delete resource permission