System
161
Users
User accounts on a CyberGuard SG appliance allow administrative duties to be spread
amongst a number of different people according to their level of competence and trust.
Each user on the CyberGuard SG appliance has a password that they use to
authenticate themselves to the unit's web pages. They also have a number of access
controls that modify what they can and cannot do via the web interface, and whether they
can access the Internet via the CyberGuard SG appliance’s web proxy.
There is one special user, root, who has the role of the final administrative user. This
user has extra capabilities beyond any other user.
Note
The root user is the only user permitted to telnet to a CyberGuard SG appliance.
Web administration access controls are grouped into four broad categories:
Administration, Diagnostic, Encrypted save/restore all and User settings. The root
administrative user by default has permission to perform any action on the CyberGuard
SG appliance. Other users default to no permission. All users can have their access
controls modified (including root). To fully utilize access controls, the root user should
have their access controls turned off and other users create to handle the day to day
administrative duties.
There is a fifth access control, Internet Access (via. Access Controls), that permits
users web access through the CyberGuard SG appliance’s web proxy.
Figure 10-2