• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Rowell Dionicio

Get Techie With It

  • Home
  • About
  • Newsletter
  • Resources
    • Archives
    • Book List
    • YouTube
  • Learn
    • Wi-Fi 6E
    • CCNP Enterprise Core
    • DevNet Associate
    • PCNSA Certified
  • Blog
  • Contact
  • Show Search
Hide Search

Admins and Role-Based Access Control – PCNSA

January 11, 2022 By Rowell Leave a Comment

This is published as part of a series on obtaining the PCNSA certification.

Firewall administrators are defined via Panorama (central management) or locally on the firewall. But not everyone should have cart-blanche access.

Role-based access control can limit the type of changes a firewall administrator can perform.

Authentication Methods

The most common method is to define an administrator using local authentication.

To add a firewall administrative account, navigate to Device > Administrators and click on Add.

Firewall Administrators

Specify a name for the account and password.

There are a few optional items such as the Authentication Profile and the Administrator Type, either Dynamic or Role Based.

Defining an administrator

An Authentication Profile is used with other authentication services.

The Administrator Type specifies a role. Dynamic includes built-in roles which include:

Dynamic RolePrivileges
SuperuserFull access to the firewall
Superuser (read-only)Read-only access
Device AdministratorFull access to the firewall except creating new accounts and virtual systems
Device Administrator (read-only)Read-only access to all firewall settings except password profiles and administrator accounts.

Role Based will include custom roles that you configure. This allows you to create more granular control over certain settings. This would be configured under Device > Admin Roles

Admin Roles

For example, I can create an Admin Role called analyst which will have access to the Monitor Logs only.

Share this:

  • Facebook
  • LinkedIn
  • Twitter

Related

Filed Under: Certifications Tagged With: firewall, palo alto networks, pcnsa

About Rowell

Wi-Fi expert. Coffee addict ☕️. Tech nerd. Business owner.

Reader Interactions

Leave a Reply Cancel reply

Primary Sidebar

Recent Posts

  • 6 GHz Frame Captures with EtherScope nXG
  • Manage Cisco Catalyst in the (Meraki) Cloud
  • Q1 2022 Income Report
  • First Look at Ekahau AI Pro – Network Simulator
  • PAN-OS Configuration Management – PCNSA

Categories

  • bschool
  • Certifications
  • Coding
  • DevNet Associate
  • Events
  • Lab
  • Networking
  • Personal
  • Podcasting
  • Professional
  • Reviews
  • Security
  • Short Stories
  • Uncategorized
  • Wireless

Archives

  • June 2022
  • May 2022
  • January 2022
  • December 2021
  • November 2021
  • August 2021
  • July 2021
  • April 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • August 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • November 2018
  • September 2018
  • August 2018

Copyright © 2022 · Written by Rowell Dionicio · You're awesome.

 

Loading Comments...