Product specifications
Chapter 5: System Security Efficient Networks
®
Router family
Technical Reference Guide
Page 5-4 Efficient Networks
®
Access to system operation can be further administered by granting read or write
privileges to a user. These privileges are summarized in Table 5-2.
Access Privileges
The access privilege defines the authorized methods in which the user can access
the router; WAN, LAN, or console.
Templates
When creating a user account, multiple commands are required to define a user’s
management class(es) and access method(s). To ease the configuration, pre-defined
user templates are available that group multiple management class privileges to a
logically defined user type. The template Access privileges for WAN, LAN and
Console are granted by default for each
The template characteristics are shown in Table 5-3. The templates characteristics
can also be displayed via the command line using the user list template command or
via the WMI, “User Management” on page 8-17.
Table 5-2: Read / Write Privileges
Interface Read-Only
a
a
Users with read-only privilege can still change their password.
Write / Both
Command
Line
Allowed execution of com-
mands that generate a re-
sponse only, (e.g. list
commands). All write com-
mands are disabled.
Allowed to execute both read
and write commands within
specified management
class(es).
Web May view informational pag-
es. No configuration changes
are allowed.
Can view and execute chang-
es to all WMI pages within
specified management
class(es).
b
b
Command execution through the WMI command line page will be limited to the specified
management class privileges of the user.
Table 5-3: User Templates
Privilege Type Authorization
Super User
Mgmt Class
(read):
Network, System, Admin, Voice, Security, Debug
Mgmt Class
(write):
Network, System, Admin, Voice, Security, Debug