Multi-User Access

Comments

8 comments

  • Avatar
    Firewalla

    Ack, let me put this in with our developers. So you pretty much want two levels of access, one is super, and the other is view only. Will you want even more fine-grain controls? 

    0
    Comment actions Permalink
  • Avatar
    TR

    Ideally I could see all boxes for all my customers as SU but I could also restrict the customer's dashboard or user account to only the boxes they own.

    All of these requests are landing somewhere between the customer facing dashboard I described in another post and account access controls. There may be a hybrid solution between the two.

    0
    Comment actions Permalink
  • Avatar
    LoRdNeX

    I would say at least a 3 tier setup. Manager, admin, user or something the similar. That way you can always have someone at the top to override a disgruntled employee or something

    0
    Comment actions Permalink
  • Avatar
    TR

    Adding to this, I have come across use cases where I want to turn off visibility of flow data for specific users.  Management and system monitoring tools only, no flow monitoring.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    @TR, is the knob to be turned off done on the user side? (they don't want to see) or it is your side, you don't want to see?

    0
    Comment actions Permalink
  • Avatar
    TR

    My side, I don’t want employees to see when they are monitoring the networks in shifts. I’d like to be able to give each employee a unique login and remove flows for certain user roles. Then I can tell our customers we only look at flows when alerted by troubleshooting tickets, alarms, or suspicious activity.

    I’ve noticed users will turn off monitoring on their devices in order to avoid oversight. Not good security practice.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Thank you TR, make sense. Will see if we can do 

    0
    Comment actions Permalink
  • Avatar
    Dustin Wynn

    Here is my suggestion:

    Global Admin

    Device Admin or Site Admin (per Firewalla)

    Global Read Only

    Device Read Only

    Custom Roles

    1
    Comment actions Permalink

Please sign in to leave a comment.