Configure Role Based Access Control

Foxpass provides role based access control  (RBAC), which allows you to grant access permissions based on the roles of individual users within your organization.

In Foxpass, all users are added to Foxpass Cloud. As the first user in your organization, you must first create an account in Foxpass Cloud and then log in to the Foxpass Cloud credentials. You have the super administrator role, and by default, you have full access permissions in Foxpass. Later, you can create other users in your organization in Foxpass Cloud.

Users who are created later and who log in to Foxpass as regular users are called delegated administrators. These users, by default, have all permissions except user administration permissions. However, you can grant specific user administration permissions to these delegated admin users. You can do this by creating appropriate policies and assigning them to these delegated users. User administration permissions can be found in Account > User administration.



For more information on creating policies, roles, groups, and how to link users to groups, see the following sections.

Example :

  • The following example illustrates how RBAC can be achieved in Foxpass.

  • The super administrator of Foxpass in his organization. It creates three administrator roles: security administrator, application administrator, and network administrator.

  • The super administrator, the security administrator, must have full access for managing and monitoring SSL certificates but must have read-only access for system administration operations.

  • Steve, an application administrator, needs access only to specific applications and only to specific configuration templates.

  •  The super administrator, network administrator, needs access to the system and network administration.

  • Foxpass must also provide RBAC to all users, regardless of whether they are local or external.

To provide role based access control  to his users, The super administrator must first add users in Foxpass Cloud, and only after that, he can see the users in Foxpass. The super administrator needs to create access policies for each of the users based on their role. Access strategies are closely linked to roles. So the super administrator needs to create roles as well and then he needs to create groups because roles can be assigned to groups only and not to individual users.

Access is the ability to perform a specific task, such as viewing, creating, modifying, or deleting a file. Roles are defined according to the authority and responsibility of the users within the company. For example, one user may be allowed to perform all network operations, while another user may observe the flow of traffic in applications and help create configuration templates.

Roles are determined by strategies. After you create policies, you can create roles, link each role to one or more policies, and assign roles to users. You can also assign roles to user groups. A group is a collection of users who have common permissions. For example, users who manage a particular data center can be assigned to a group.

A role is an identity granted to users by adding them to specific groups based on specific conditions. In Foxpass, the creation of roles and policies is specific to the RBAC functionality in Foxpass. Roles and policies can be easily created, changed or dropped as business needs change.

Roles can be entity-based or resource-based. For example, consider an SSL/Security administrator and an application administrator. An SSL / Security administrator must have full access to SSL certificate management and monitoring features but must have read-only access for system administration operations. Application administrators are able to access only those resources within their scope.

Therefore, in Role based access control , the super administrator performs tasks in Foxpass to configure access policies, roles, and the security administrator for your organization.



Comments

Popular posts from this blog

Secure Your Data From Hacker With RBAC System

Security of Zero Trust Model in Business Infrastructure

Zero Trust vs. Traditional Security: The Power of Automation and AI in Modern Cybersecurity