Alignment of RBAC models of Security Cloud Control Firewall Management and Catalyst SD-WAN Manager
User roles in Catalyst SD-WAN Manager and Security Cloud Control Firewall Management operate independently, with each role defined by its specific responsibilities. However, the Role-Based Access Control (RBAC) models across these platforms are aligned to ensure consistent and seamless user actions.
A user with elevated permissions in Security Cloud Control Firewall Management may still encounter restrictions if their role in Catalyst SD-WAN Manager has lower permissions, and vice versa.
Attempting to save changes in Security Cloud Control Firewall Management without appropriate permissions in Catalyst SD-WAN Manager results in an error. For example, users assigned the 'Super Admin' role in Security Cloud Control Firewall Management cannot save NGFW security policies changes to Catalyst SD-WAN Manager if they have the 'Operator' role in that platform.
This table outlines the access permissions for various combinations of user roles in Catalyst SD-WAN Manager and Security Cloud Control Firewall Management.
|
Security Cloud Control Firewall Management Role Name |
Catalyst SD-WAN Manager Role Name |
Allowed Actions |
|---|---|---|
|
Read Only |
Operator |
Allowed read-only access in Security Cloud Control Firewall Management Allowed read-only access in Catalyst SD-WAN Manager |
|
VPN Sessions Manager |
Operator |
Allowed read-only access in Catalyst SD-WAN Manager |
|
Administrator |
security_operations |
Allowed to create/edit security policies in Security Cloud Control Firewall Management Allocated SecOps user role in Catalyst SD-WAN Manager |
|
Super Administrator |
security_operations |
Unrestricted access to all functions in Security Cloud Control Firewall Management Allocated SecOps user role in Catalyst SD-WAN Manager |
|
Deploy Only |
Operator |
Not allowed to create/edit security policies in Security Cloud Control Firewall Management Allowed read-only access in Catalyst SD-WAN Manager |
|
Edit Only |
security_operations |
Not allowed to onboard or deboard Catalyst SD-WAN Manager Unrestricted access to all functions in Security Cloud Control Firewall Management Allocated SecOps user role in Catalyst SD-WAN Manager |