Adding or Editing a Management Access Policy

About this task

To add a new Management Access policy, or edit an existing configuration:

Procedure

  1. Select Configuration → Management →Management Policy to display the main Management Policy screen and the Management Browser.
    • To modify an existing policy, select Management BrowserEdit.
    • To add a new policy, click Add on the bottom right-hand side of the Management screen.
  2. Name the new policy to enable the Access Control, SNMP, SNMP Traps and Administrators tabs and define the policy configuration.
    The name cannot exceed 32 characters.
  3. Click OK to commit the new policy name.
    Once the new name is defined, the screen's tabs become enabled, with the contents of the Administrators tab displayed by default. Refer to the following to define the configuration of the new Management Access policy:
    Creating an Administrator Configuration Use the Administrators tab to create specific users, assign them permissions to specific protocols and set specific administrative roles for the network.
    Setting an Allowed Location Configuration Use the Allowed Locations tab as means to control a user's access to locations (RF Domains/sites/tree-node paths) within your managed network. Use this option to configure an allowed-locations tag and associate one or more locations with the tag.
    Setting the Access Control Configuration Use the Access Control tab to enable/disable specific protocols and interfaces. Again, this kind of access control is not meant to function as an ACL, but rather as a means to enable/disable specific protocols (HTTP, HTTPS, Telnet etc.) for each Management Access policy.
    Setting the Authentication Configuration Refer to the Authentication tab to set the authentication scheme used to validate user credentials with this policy.
    Setting the SNMP Configuration Refer to the SNMP tab to enable SNMPv2, SNMPv3 or both and define specific community strings for this policy.
    Setting SNMP Trap Configuration Use the SNMP Traps tab to enable trap generation for the policy and define trap receiver configurations.
    Setting T5 PowerBroadband SNMP Use the T5 PowerBroadband tab set a unique SNMP configuration for T5 controller models.

What to do next

For deployment considerations and recommendations impacting a controller or service platform‘s Management Access policy configuration, refer to Management Access Deployment Considerations.
9036512-00 Rev AA