Applies To: Wi-Fi Cloud-managed Access Points (AP120, AP125, AP225W, AP320, AP322, AP325, AP327X, AP420)
To configure the Manage service privileges for a user account:
- Open Launchpad.
- Select Admin and select the Users tab.
- Select the user account and click Service Privileges.
Or, in the row of the user account to edit, click
and select Service Privileges.
- From the Select Profile drop-down list, select the Custom profile.
- Click Manage.
- From the User Role drop-down list, select a role. See Roles and Privileges for Manage for a description of roles and privileges in Manage.
- From the Allowed Locations list, select the locations for the role.
- To enable Wi-Fi access management for the user account, select the Wi-Fi access management check box.
- To enable WIPS management for the user account, select the WIPS management check box.
- Click Save.
Roles and Privileges for Manage
The Manage service includes these user roles:
- Superuser/Poweruser — All available privileges
- Administrator
- Operator
- Viewer— Limited privileges
This list includes information about the functions available for each user role:
|
User Privileges Functionality |
|||||
|---|---|---|---|---|---|
|
Functionality |
Operation |
Poweruser |
Administrator |
Operator |
Viewer |
|
System Settings and Operating Policies |
Options in Configuration > System Settings |
Yes |
No |
No |
No |
|
AP auto-classification |
Yes |
Yes |
No |
No |
|
|
Client auto-classification |
Yes |
Yes |
No |
No |
|
|
Intrusion Prevention |
Yes |
Yes |
No |
No |
|
|
Events, devices, and location |
View generated events |
Yes |
Yes |
Yes |
Yes |
|
Modify generated events |
Yes |
Yes |
Yes |
No |
|
|
Delete generated events |
Yes |
Yes |
Yes |
No |
|
|
View devices |
Yes |
Yes |
Yes |
Yes |
|
|
Add devices (APs, clients, devices) |
Yes |
Yes |
Yes |
No |
|
|
Modify devices (APs, clients, devices) |
Yes |
Yes |
Yes |
No |
|
|
Delete devices (APs, clients, devices) |
Yes |
Yes |
Yes |
No |
|
|
View location |
Yes |
Yes |
Yes |
Yes |
|
|
Add location |
Yes |
Yes |
Yes |
No |
|
|
Modify location |
Yes |
Yes |
Yes |
No |
|
|
Delete location |
Yes |
Yes |
Yes |
No |
|
|
Calibrate location tracking |
Yes |
Yes |
Yes |
No |
|
|
Reports |
Add shared report |
Yes (all reports) |
Yes (only self-created reports) |
Yes (only self-created reports) |
No |
|
Modify shared report |
Yes (all reports) |
Yes (only self-created reports) |
Yes (only self-created reports) |
No |
|
|
Delete shared report |
Yes (all reports) |
Yes (only self-created reports) |
Yes (only self-created reports) |
No |
|
|
Generate shared report |
Yes |
Yes |
Yes |
Yes |
|
|
Schedule shared report |
Yes |
Yes |
Yes |
No |
|
|
Add custom report |
Yes (only self-created reports) |
Yes (only self-created reports) |
Yes (only self-created reports) |
No |
|
|
Modify custom report |
Yes (only self-created reports) |
Yes (only self-created reports) |
Yes (only self-created reports) |
No |
|
|
Delete custom report |
Yes (only self-created reports) |
Yes (only self-created reports) |
Yes (only self-created reports) |
No |
|
|
Generate custom report |
Yes (only self-created reports) |
Yes (only self-created reports) |
Yes (only self-created reports) |
No |
|
You can enable Wi-Fi access management or WIPS management features, or a combination of Wi-Fi access and WIPS management features. for a selected location to the user.
This list includes the privileges for Wi-Fi access management that are available to user accounts with the Administrator and Operator roles:
|
User Privileges Functionality |
|||
|---|---|---|---|
|
Functionality |
Operation |
Administrator |
Operator |
|
WIPS |
Authorized WLAN Policy |
No |
No |
|
AP Auto-classification |
No |
No |
|
|
Client Auto-classification |
No |
No |
|
|
Manage Banned Device List |
No |
No |
|
|
Intrusion Prevention |
No |
No |
|
|
Intrusion Prevention Activation |
No |
No |
|
|
Import Devices |
No |
No |
|
|
Manage WLAN Integration-HP, Aruba, WLC Integration |
No |
No |
|
|
Manage Device List Locking |
No |
No |
|
|
Manage Banned Device List |
No |
No |
|
|
Manage Smart Device Types |
No |
No |
|
|
Manage Vulnerable SSIDs |
No |
No |
|
|
Manage Hotspot SSIDs |
No |
No |
|
|
Wi-Fi Access Management |
Manage Device Template |
Yes |
No |
|
Manage SSID Profile |
Yes |
No |
|
|
Manage Network Interfaces |
Yes |
No |
|
|
Custom Radio Settings through Device Details |
Yes |
No |
|
|
AP Actions |
Add/Remove from banned List |
No |
No |
|
Quarantine Device |
No |
No |
|
|
Change Category |
No |
No |
|
|
Change Quarantine Status |
No |
No |
|
|
Mark or Unmark as Known/External |
No |
No |
|
|
Client Actions |
Change Group |
No |
No |
|
Quarantine Device |
No |
No |
|
|
Add/Remove Device from Banned List |
No |
No |
|
|
Auto-quarantine |
No |
No |
|
|
Client Fingerprinting |
No |
No |
|
This list includes the privileges available to administrator and operator users for WIPS management:
|
User Privileges Functionality |
|||
|---|---|---|---|
|
Functionality |
Operation |
Administrator |
Operator |
|
WIPS |
Authorized WLAN Policy |
Yes |
No |
|
AP Auto-classification |
Yes |
No |
|
|
Client Auto-classification |
Yes |
No |
|
|
Manage Banned Device List |
Yes |
No |
|
|
Intrusion Prevention |
Yes |
No |
|
|
Intrusion Prevention Activation |
Yes |
No |
|
|
Import Devices |
Yes |
No |
|
|
Manage WLAN Integration-HP, Aruba, WLC Integration |
Yes |
No |
|
|
Manage Device List Locking |
Yes |
No |
|
|
Manage Banned Device List |
Yes |
No |
|
|
Manage Smart Device Types |
Yes |
No |
|
|
Manage Vulnerable SSIDs |
Yes |
No |
|
|
Manage Hotspot SSIDs |
Yes |
No |
|
|
Wi-Fi Access Management |
Manage Device Template |
No |
No |
|
Manage SSID Profile |
No |
No |
|
|
Manage Network Interfaces |
No |
No |
|
|
Custom Radio Settings through Device Details |
No |
No |
|
|
AP Actions |
Add/Remove from Banned List |
Yes |
Yes |
|
Quarantine Device |
Yes |
Yes |
|
|
Change Category |
Yes |
Yes |
|
|
Change Quarantine Status |
Yes |
Yes |
|
|
Mark or Unmark as Known/External |
Yes
|
Yes |
|
|
Client Actions |
Change Group |
Yes |
Yes |
|
Quarantine Device |
Yes |
Yes |
|
|
Add/Remove Device from Banned List |
Yes |
Yes |
|
|
Auto-quarantine |
Yes |
Yes |
|
|
Client Fingerprinting |
Yes |
Yes |
|