Overview

Role based access control (RBAC) controls user access to items and system resources based on user role. Items include commands, XML elements, and MIB nodes. System resources include interfaces, VLANs, and VPN instances.

On devices that support multiple users, RBAC is used to assign access permissions to user roles that are created for different job functions. Users are given permission to access a set of items and resources based on the users' user roles. Because user roles are static in contrast to users, separating permissions from users enables simple permission authorization management. When the job responsibilities of a user changes, new users are added, or old users are removed, you only need to change the user roles or assign new user roles.