Admin Profiles

Admin Profiles

Use administrator profiles to control administrator access privileges to system features. When you create an administrator account, you assign a profile to the account.

You cannot modify or delete the following predefined administrator profiles:

Read Write has access to all functionality. This includes creating, editing, and deleting administrator profiles
Read only has read-only access.

The Menu Access section has the following settings:

None	User cannot view or make changes to that page.
Read Only	User can view but not make any change to that page, except session-related user settings such as Table Customization, Dashboard, or Attack Map filter.
Read Write	User can view and make changes to that page.
Super Admin	User cannot view or make changes to that page.
Regular Admin	User cannot view or make changes to that page.

The CLI Commands section has the following settings:

None	User cannot execute CLI commands.
Execute	User can execute CLI commands.

To create an Administrator Profile:

Go to System > Admin Profiles.
Select the Profile Name.
Click Create New.
Specify the Profile Name.
If you wish, add a Comment.

Specify the privileges for Menu Access:

Dashboard	Dashboard
Central Management	Appliances
Deception	Custom Decoy Image Deception OS Deployment Network Deployment Wizard Decoy Status Deployment Map Asset Discovery Safe List Lure Resources Deception Token
Incident	Analysis Campaign Attack Map
Fabric	Integration Devices Quarantine Status IOC Export Detection Devices
Network	Interfaces System DNS System Routing
System	Administrators Admin Profiles Certificates LDAP Servers RADIUS Servers Mail Server SNMP Login Disclaimer FortiGuard FDC License System Settings Table Customization
Log	All Events Log Servers
REST API	Decoy Attack

Specify the privileges for CLI Commands:

Configuration	Set Unset
System	Reboot Shutdown Reset Configuration Factory Reset Firmware Upgrade Reset Widgets IP Tables test-network usg-license Set Confirm ID for Windows VM List VM License Show VM Status VM reset DC Image Status Set Maintainer Set Timeout for Remote Auth Data Purge Log Purge DMZ Mode FDN Package Information Fabric Binding Central Management Settings
Utilities	TCP Dump Trace Route
Diagnostics	Diagnose

Click Save.

Admin Profiles

Use administrator profiles to control administrator access privileges to system features. When you create an administrator account, you assign a profile to the account.

You cannot modify or delete the following predefined administrator profiles:

Read Write has access to all functionality. This includes creating, editing, and deleting administrator profiles
Read only has read-only access.

The Menu Access section has the following settings:

None	User cannot view or make changes to that page.
Read Only	User can view but not make any change to that page, except session-related user settings such as Table Customization, Dashboard, or Attack Map filter.
Read Write	User can view and make changes to that page.
Super Admin	User cannot view or make changes to that page.
Regular Admin	User cannot view or make changes to that page.

The CLI Commands section has the following settings:

None	User cannot execute CLI commands.
Execute	User can execute CLI commands.

To create an Administrator Profile:

Go to System > Admin Profiles.
Select the Profile Name.
Click Create New.
Specify the Profile Name.
If you wish, add a Comment.

Specify the privileges for Menu Access:

Dashboard	Dashboard
Central Management	Appliances
Deception	Custom Decoy Image Deception OS Deployment Network Deployment Wizard Decoy Status Deployment Map Asset Discovery Safe List Lure Resources Deception Token
Incident	Analysis Campaign Attack Map
Fabric	Integration Devices Quarantine Status IOC Export Detection Devices
Network	Interfaces System DNS System Routing
System	Administrators Admin Profiles Certificates LDAP Servers RADIUS Servers Mail Server SNMP Login Disclaimer FortiGuard FDC License System Settings Table Customization
Log	All Events Log Servers
REST API	Decoy Attack

Specify the privileges for CLI Commands:

Configuration	Set Unset
System	Reboot Shutdown Reset Configuration Factory Reset Firmware Upgrade Reset Widgets IP Tables test-network usg-license Set Confirm ID for Windows VM List VM License Show VM Status VM reset DC Image Status Set Maintainer Set Timeout for Remote Auth Data Purge Log Purge DMZ Mode FDN Package Information Fabric Binding Central Management Settings
Utilities	TCP Dump Trace Route
Diagnostics	Diagnose

Click Save.

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Unified SASE

Single Vendor SASE

Cloud Network Security

Secure Endpoint Connectivity

Web Application / API Protection

Security Operations

Security Operations Automation

Identity

Early Detection & Prevention

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Communication & Surveillance

Unified SASE

Single Vendor SASE

Secure Endpoint Connectivity

Cloud Network Security

Cloud-Native Security

Web Application / API Protection

Security Operations

Security Operations Automation

Endpoint

Data Protection

Identity

Email

Early Detection & Prevention

Expert Services

Edge Firewall

Orchestration & management

SD Branch

Application Delivery

Single Vendor SASE

Secure Endpoint Connectivity

Secure Private Access

Thin Edge

Identity

Application Gateway

Enterprise Asset Management

Endpoint Agent

Agentless Security Posture

Identity

Wireless

Switching

Identity

Privilege Acccess Management

Next Generation Firewall

Orchestration & management

Expert Services

All

All

Account Management

SAAS Management

SAAS Application Security

Managed Services

Platform as a service (PAAS)

Other SAAS Services

4D Pillars

Cloud

Popular Solutions

Administration Guide

Admin Profiles

To create an Administrator Profile:

Admin Profiles

Admin Profiles

To create an Administrator Profile: