Role-based access control (RBAC) is the process of restricting user access to network configurations and resources. In RBAC, users are assigned roles depending on the resources they need access to. All other parts of the network are rendered inaccessible to them, ensuring no unauthorized accesses or changes are made to network resources.
Network Configuration Manager comes with two predefined access levels and a scope of access that restricts users from accessing certain devices or device groups.
|Access level (role)||Definition|
|Administrator||These users have privileges to access, edit, and push configurations to any device. Only administrators can add devices to the inventory, add users, assign roles, and assign devices. In addition, administrators can approve or reject requests pertaining to configuration uploads (pushing configurations) by operators.|
|Operator||These users have privileges to access and edit configurations of specified devices. They can also send requests for configuration uploads (pushing configurations) to administrators.|
Since Network Configuration Manager runs on a multi-user network environment, it's vital to restrict user access to network devices. A faulty change to the network can lead to network issues, which can cause either a network disaster or a full-blown network outage. Reversing such outages can be time-consuming, which is why all changes should be checked and approved by network admins.
RBAC helps you define the scope of access for users so you can control what changes they can make to the network. Let's say a user is assigned to the Cisco device group as an operator in Network Configuration Manager. The operator can view the status of all devices in the device group, schedule backups, and request changes.
When the operator requests a configuration upload, the admin receives a notification. The admin can compare configuration drafts with the baseline configuration of the devices. The admin can choose to accept or reject configuration uploads with appropriate comments. Once the changes have been processed, operators receive notifications with the admin's comments.The entire process of configuration change approval mechanism helps maintain control over what goes on in your network devices.
Network Configuration Manager offers advanced configuration change management functionalities like Diff View, real-time change detection and notifications. Get started with securing your network from configuration change mishaps and outages with your free trial of Network Configuration Manager.