We are planned to Implement command restrictions for different users in our Cisco Routers, Switches and ASA. For testing purpose, we have already hardened one of our router using privilege level commands. Its working fine, but for that we have to take all the EXEC, Configuration mode commands from that router and segregated it based on user needs. Just now, we got some glance about RBAC which was different from privilege levels. So our Questions are,
What is the difference between Privilege level and RBAC?
Comparing RBAC with Privilege levels, which is best one with respect to security?
Is RBAC supported in Cisco ASA devices?
For RBAC also, we should take note of all the commands and segregate it?
In Configuration Point of view, which is better one?
to partially answer your question, role based cli access is a lot more granular than privilege levels, that is, you can define specific commands you want your users to be able to execute, as opposed to privilege levels, which have a subset of commands that you cannot customize.
It is (obviously) a lot more tedious to set up role based access, but if you really want to control what your users are allowed and have access to, I would prefer that over privilege levels...
The following documents are reviewed on the Ask The Experts Session titled: Use Case Overview and Planning: Cisco DNA Center Project Planning.
Here you can find editable versions of the
Solution Requirements Document UCOP_CiscoDNACenterProjectPlann...
If so, we’d like to speak with you to understand you and your team’s process on how you monitor and troubleshoot network traffic.
We ask that you complete our brief survey: https://ciscoux.az1.qualtrics.com/jfe/form/SV_d4LYJ5oWqWj9CCy Based on your ...
Listen: https://smarturl.it/CCRS8E38 Follow us: twitter.com/CiscoChampionAdding learning capabilities to the internet will increase the overall network SLO and application experience. Real data driven experiments have shown that such an approach...
Listen: https://smarturl.it/CCRS8E37Follow us: twitter.com/ciscochampionSometimes, situations require temporary fixes. Sometimes, the network becomes an afterthought in overall office design and planning. In either situation, it may require netw...
In this special edition of the Insider Series, we hear from Cisco partners who have taken steps to be more eco-friendly and sustainable. We hear what inspires ASHRAE, Southwire, Igor, and NTT to create a workplace that is centered around people and how th...