To create a new administrator profile, you must be logged in to an account with sufficient privileges, or as a super user administrator.
- Go to System Settings > Admin > Profile.
- Click Create New in the toolbar. The New Profile pane is displayed.
- Configure the following settings:
Enter a name for this profile.
Optionally, enter a description for this profile. While not a requirement, a description can help to know what the profiles is for, or the levels it is set to.
Select the type of profile, either System Admin or Restricted Admin.
Select which permissions to enable from Web Filter , Application Control, and Intrusion Prevention.
This option is only available when Type is Restricted Admin. See Restricted administrators for information.
Allow to Install
Allows restricted administrators to install Web Filters, Intrusion Prevention, and Application Control profiles. See Installing profiles as a restricted administrator.
Select None, Read Only, or Read-Write access for the categories as required.
This option is only available when Type is System Admin.
Enable/disable privacy masking.
This option is only available when FortiAnalyzer features are enabled.
Masked Data Fields
Select the fields to mask: Destination Name, Source IP, Destination IP, User, Source Name, Email, Message, and/or Source MAC.
Data Mask Key
Enter the data masking encryption key. You need the Data Mask Key to see the original data.
Data Unmasked Time(0-365 Days)
Enter the number of days the user assigned to this profile can see all logs without masking.
The logs are masked if the time period in the Log View toolbar is greater than the number of days in the Data Masked Time field.
- Only integers between 0-365 are supported.
- Time frame masking does not apply to real time logs.
- Time frame masking applies to custom view and drill-down data.
- Click OK to create the new administrator profile.
- Go to System Settings > Administrators.
- Create a new administrator or edit an existing administrator. The Edit Administrator pane is displayed.
- From the Admin Profile list, select a profile.