cancel
Showing results for 
Search instead for 
Did you mean: 

How to restrict access to particular NAC gateway/switches/End systems ?

How to restrict access to particular NAC gateway/switches/End systems ?

Piotr_Owczarek
New Contributor III
We have NMS installed in HQ and NAC Gateways across the network in different locations. There are some local administrators and we want them to have access to NAC Manager to see and manage local users(from local switches). Is there any possibility to differentiate NAC Administrators to have access only to particular switches and end users authenticated on that switches?
5 REPLIES 5

Rainer_Adam
New Contributor III
We have also restricted the "oneView" settings for each user, these users are not able to login to the Netsight Server directly, the only have access via OneView. And there it is restricted what End-System-Groups they can see and manage.

Rainer_Adam
New Contributor III
I am sorry, but for sure this IS possible. It depends what you really need to do on the switches. You can create "Zones", that Zones you have to assign to end-system-groups and with the webview you can handle that each local admin is only able to see and manage the MAC addresses he should be able. We have done this concept with my biggest customer. But we did not give them access to the switches, they don't need this. You only have to create a end-system-group / rule you can put on specific ports when they have to install new (unknown) clients/mac addresses. With this they are able to see the new mac addresses and so they can move it to there own managed zones/ end-system-groups.

aeea84df3fa840c395b5fbb169e74872_RackMultipart20160304-97654-9uqv35-zones_inline.jpg


Ronald_Dvorak
Honored Contributor
No, I don't see any functions that restrict access to certain resources (switches, NAC,...).

Piotr_Owczarek
New Contributor III
That is something that we are already using. So there is no way to achieve goals that we need?
GTM-P2G8KFN