APIC-EM Controller
|
Apic Controller Read Access
|
Allows user to read APIC-EM controller details.
|
Apic Controller Write Access
|
Allows user to create or update APIC-EM controller details.
|
Apic Global PnP Read Access
|
Allows user to read the Apic Global PnP/Ztd settings.
|
Apic Global PnP Write Access
|
Allows user to create or update the Apic Global PnP/Ztd settings.
|
Active Sessions
|
Force Logout Access
|
Allows user to force logout other user active sessions.
|
Administrative Operations
|
Appliance
|
Gives the user access to the Administration > Settings > Appliance menu.
|
Application Server Management Access
|
Allows user to manage NAM server lists.
|
Application and Services Access
|
Allows user to create, modify, and delete custom applications and services.
|
Data Migration
|
|
Design Endpoint Site Association Access
|
Allows user to create Assurance site classification rules.
|
Device Detail UDF
|
Allows user to access Device details UDF.
|
Export Audit Logs Access
|
Allows user to access Import Policy Update through Admin Mega menu.
|
Health Monitor Details
|
Allows user to modify Site Health Score definitions.
|
High Availability Configuration
|
Allows user to configure High Availability for pairing primary and secondary servers.
|
Import Policy Update
|
Allow user to manually download and import the policy updates into the compliance and Audit manager engine.
|
License Center/Smart License
|
Allows user to access license center/smart license..
|
Logging
|
Gives access to the menu item which allows user to configure the logging levels for the product.
|
Scheduled Tasks and Data Collection
|
Controls access to the screen to view the background tasks.
|
System Settings
|
Controls access to the Administration > System Settings menu.
|
Tools
|
Allows user to access the Administration > System Settings menu.
|
User Preferences
|
Controls access to the Administration > User Preference menu.
|
View Audit Logs Access
|
Allows user to view Network and System audits.
|
Alerts and Events
|
Ack and Unack Alerts
|
Allows user to acknowledge or unacknowledge existing alarms.
|
Alarm Policies
|
Allows user to access alarm policies.
|
Alarm Policies Edit Access
|
Allows user to edit alarm policies.
|
Delete and Clear Alerts
|
Allows user to clear and delete active alarms.
|
Notification Policies Read Access
|
Allows user to view alarm notification policy.
|
Notification Policies Read-Write Access
|
Allows user to configure alarm notification policy.
|
Pick and Unpick Alerts
|
Allows user to pick and unpick alerts.
|
Syslog Policies
|
Grants access to the Syslog Policies page.
|
Syslog Policies Edit Access
|
Allows creating, modifying and deleting syslog policies.
|
Troubleshoot
|
Allows user to do basic troubleshooting, such as traceroute and ping, on alarms.
|
View Alert Condition
|
Allows user to view alert condition. |
View Alerts and Events
|
Allows user to view a list of events and alarms.
|
Configuration Archive
|
Configuration Archive Read-Only Task
|
Allows user to view the archived configurations and schedule configuration archive collection jobs.
|
Configuration Archive Read-Write Task
|
Allows user to perform all configuration archive jobs.
|
Diagnostic Tasks
|
Diagnostic Information
|
Controls access to diagnostic page.
|
Feedback and Support Tasks
|
Automated Feedback
|
Allows acess to automatic feedback.
|
TAC Case Management Tool
|
Allows user to open a TAC case.
|
Global Variable Configuration
|
Global Variable Access
|
Allows user to access global variables.
|
Groups Management
|
Add Group Members
|
Allows user to add an entity, such as a device or port, to groups.
|
Add Groups
|
Allows user to create groups.
|
Delete Group Members
|
Allows user to remove members from groups.
|
Delete Groups
|
Allows user to delete groups.
|
Export Groups
|
Allows user to export groups.
|
Import Groups
|
Allows user to export groups.
|
Modify Groups
|
Allows user to edit group attributes such as name, parent, and rules.
|
Job Management
|
Approve Job
|
Allows user to submit a job for approval by another user.
|
Cancel Job
|
Allows user to cancel the running jobs.
|
Delete Job
|
Allows user to delete jobs from job dashboard.
|
Edit Job
|
Allows user to edit jobs from job dashboard.
|
Pause Job
|
Allows user to pause running and system jobs.
|
Schedule Job
|
Allows user to schedule jobs.
|
View Job
|
Allows user to schedule jobs.
|
Config Deploy Edit Job
|
Allows user to edit config delployed jobs.
|
Device Config Backup Job Edit Access
|
Allows user to change the external backup settings such as repository and file encrytion password.
|
Job Notification Mail
|
Allows user to configure notification mails for various job types.
|
Run Job
|
Allows user to run paused and scheduled jobs.
|
System Jobs Tab Access
|
Allows user to view the system jobs.
|
Maps
|
Client Location
|
Allows user to view client locations on Map.
|
Maps Read Only
|
Allows user to view the map in a read-only mode.
|
Maps Read Write
|
Allows user to view and also manipulate elements within the maps such as AP placement.
|
Planning Mode
|
Allows user to launch the planning mode tool.
|
Rogue Location
|
Allows user to view rogue AP locations on Map
|
Mobility Services
|
Mobility Service Management
|
Allows user to edit properties and parameters, view session and Trap destinations,manage user and group accoounts,and monitor
status information for mobility services engine.
|
View CAS Notifications Only
|
Allows user to view the CAS notifications
|
Network Configuration
|
Add Device Access
|
Allows user to add devices to Prime Infrastructure.
|
Admin Templates Write Access
|
Check thois check-box for enabling admin templates write access for user defind role.
|
Auto Provisioning
|
Allows access to auto provisioning.
|
Compliance Audit Fix Access
|
Allows user to view, schedule and export compliance fix job/ report.
|
Compliance Audit PAS Access
|
Allows user to view, schedule and export "PSIRT" and "EOX" job/ report
|
Compliance Audit Policy Access
|
Allows user to create, modify, delete, import and export compliance policy.
|
Compliance Audit Profile Access
|
Allows user to view, schedule and export compliance audit job or report view and download violations summary.
|
Compliance Audit Profile Edit Access
|
Allows user to create, modify and delete compliance profiles view and schedule export compliance audit job or report view
and download violations summary.
|
Configuration Templates Read Access
|
Allows to access configuration templates in read only mode.
|
Configure ACS View Servers
|
Allows acess to manage ACS View Servers.
|
Configure Access Points
|
Allows users to configure access points.
|
Configure Autonomous Access Point Templates
|
Allows access to configure Autonomous AP Templates on Prime Infrastructure.
|
Configure Choke Points
|
Allows users to Configure Choke Points.
|
Configure Config Groups
|
Allows access to Config Groups.
|
Configure Controllers
|
Allows users to configure the Wireless Controller features.
|
Configure Ethernet Switch Ports
|
Controls access to the config ability when viewing ethernet details in DWC for any device.
|
Configure Ethernet Switches
|
Controls access to the config ability when viewing ethernet details in DWC for any device.
|
Configure ISE Servers
|
Allows users to manage ISE servers on Prime Infrastructure
|
Configure Lightweight Access Point Templates
|
Allows users to configure Lightweight Access Point Templates on Prime Infrastructure
|
Configure Mobility Devices
|
Allows user to configure the CAS,WIPS,Mobile concierge service, location analytics service, and provide the mobility procedures
|
Configure Spectrum Experts
|
Allows users to Configure Spectrum Experts.
|
Configure Switch Location Configuration Templates
|
Allow the user to modify Configuration templates
|
Configure Templates
|
Allow the user to do the CRUD operation of Feature Templates on DWC and configuration Template
|
Configure Third Party Controllers and Access Point
|
Allows users to configure Third Party Controllers and Access Points on Prime Infrastructure.
|
Configure WIPS Profiles
|
Allows users to access WIPS Profiles.
|
Configure WiFi TDOA Receivers
|
Allows users to configure WiFi TDOA Receivers.
|
Credential Profile Add_Edit Access
|
Allows user to Add and edit credential profile.
|
Credential Profile Delete Access
|
Allows user to delete credential profile.
|
Credential Profile View Access
|
Allows user to view credential profile.
|
Delete Device Access
|
Allows user to delete devices from Prime Infrastructure.
|
Deploy Configuring Access
|
Allows user to deploy Configuration and IWAN templates.
|
Design Configuration Template Access
|
Allows user to create Configuration > Shared Policy Object templates and Configuration Group templates.
|
Device Bulk Import Access
|
Allows user to perform bulk import of devices from CSV files.
|
Device View configuration Access
|
Allows user to configure devices in the Device Work Center.
|
Edit Device Access
|
Allows user to edit device credentials and other device details.
|
Export Device Access
|
Allows user to export the list of devices, including credentials, as a CSV file.
|
Global SSID Groups
|
Allows users to configure Global SSID Groups.
|
Migration Templates
|
Allows user to create autonomous AP migration templates
|
Network Devices
|
Allows user to access to the Network devices.
|
Network Topology Edit
|
Allows user to create devices, links and network in the topology map, edit the manually created link to assign the interfaces.
|
Scheduled Configuration Tasks
|
Allows user to create and schedule a configuration template,configuration group,software download task and template.
|
TrustSec Readiness Assessment
|
Access to the TrustSec menu which allows users to configure TrustSec in their network.
|
View Compute Devices
|
Access to Data Center compute servers and virtual elements such as Hosts and Virtual Machines managed in Prime Infrastructure.
|
WIPS Service
|
Allows users to configure WIPS Service.
|
Wireless Security
|
Allows user to configure Rogue Policy, Rogur Rule and wIPS profile using Wireless Security Configuration wizard.
|
Network Monitoring
|
Ack and Unack Security Index Issues
|
Allows users to Acknowledge or Unacknowledge Security Index Violations.
|
Admin Dashboard Access
|
Allows user to access the Admin Dashboard.
|
Config Audit Dashboard
|
Allows users to access Config Audit Dashboard.
|
Data Collection Management Access
|
Allow user to access the Assurance Data Sources page.
|
Details Dashboard Access
|
Allow user to access the Detail dashboards.
|
Disable Clients
|
Allows users to access Disabled Clients page.
|
Identify Unknown Users
|
Allows users to access Identify Unknown Users page.
|
Incidents Alarms Events Access
|
Allows user to access incidents alarms events.
|
Latest Config Audit Report
|
Allows user to view the latest config audit reports.
|
Lync Monitoring Access
|
Allows the user to access and view the Lync monitoring page
|
Monitor Access Points
|
Allows users to view Monitor Access Points page.
|
Monitor Chokepoints
|
Allows users to access Monitor Chokepoints page.
|
Monitor Clients
|
Allows users to access Monitor Clients page.
|
Monitor Ethernet Switches
|
Allows user to monitor ethernet interfaces,VLAN switch port,and VLAN trunk of ethernet switches.
|
Monitor Interferers
|
Allows users to access Monitor Interferers pages.
|
Monitor Media Streams
|
Allows user to monitor the media stream configuration information such as name, start and end address ,maximum bandwidth,operational
status,average packet size,RRC updates, priority and violation.
|
Monitor Mobility Devices
|
Allows user to monitor mobility group events such as mobility statistics,mobility responder statistics,mobility initiator
statistics.
|
Monitor Security
|
Allows user to monitor controller security information such as RADIUS authentication,RADIUS accounting,management frame protection,Rogue
AP rules and guest users.
|
Monitor Spectrum Experts
|
Allows users to monitor spectrum experts.
|
Monitor Tags
|
Allows user to monitor tags.
|
Monitor Third Party Controllers and Access Point
|
Allows users to access Monitor Third Party Controllers and Access Point pages.
|
Monitor WiFi TDOA Receivers
|
Allows users to access Monitor WiFi TDOA Receivers pages.
|
Monitoring Policies
|
Allows user to identify the most used rules, troubleshoot a specific rule, and verify hits for the selected rule.
|
Network Topology
|
Allows users to launch the Network Topology map and view the devices and links in the map.
|
Packet Capture Access
|
Allow user to initiate packet captures on NAM and supported routers.
|
Performance Dashboard Access
|
Allow user to access the Performance dashboard.
|
PfR Monitoring Access
|
Allows the user to access and view the PfR Monitoring page
|
RRM Dashboard
|
Allows users to access RRM Dashboard page.
|
Remove Clients
|
Allows users to access Remove Clients page.
|
Service Health Access
|
Allows the user to access and view the Service Health page.
|
Site Visibility Access
|
Allows user to access site visibility.
|
Track Clients
|
Allows users to access Track Clients page.
|
View Security Index Issues
|
Allows users to access Security Index Issues page.
|
Voice Diagnostics
|
Allows users to access Voice Diagnostics information.
|
Wireless Dashboard Access
|
Allows user to view the wireless dashboard.
|
Operations Center Tasks
|
Administrative privileges under Manage and Monitor Servers page
|
Allows for administrative tasks such as Add/Delete/Edit/Activate and deactivate of servers under M&M page.
|
Allow report/dashlet use for users with only NBI Read access
|
Enable this option for users with NBI Read access so they can generate reports and populate all dashlets.
|
Manage and Monitor Servers Page Access
|
Allows access to the Manage & Monitor Servers Page.
|
Plug n Play Configuration
|
PnP Deploy History Read Access
|
Allows user to read provisioned devices status.
|
PnP Deploy History Read-Write Access
|
Allows user to read and delete operations on provisioned devices.
|
PnP Preferences Read Access
|
Allows user to view Plug and Play preferences.
|
PnP Preferences Read-Write Access
|
Allows user to edit Plug and Play preferences.
|
PnP Profile Deploy Read Access
|
Allows user to view Plug and Play provisioning profiles.
|
PnP Profile Deploy Read-Write Access
|
Allow user to create, modify, and delete Plug and Play provisioning profiles.
|
PnP Profile Read Access
|
Allow user to view Plug and Play profiles.
|
PnP Profile Read-Write Access
|
Allow user to create, delete, and modify Plug and Play profiles.
|
WorkflowsReadWriteAccess
|
Allows user to set up configure the cisco IOS switches and access devices
|
Product Usage
|
Product Feedback
|
Allows the user to access the Help Us Improve page.
|
Reports
|
Autonomous AP Reports
|
Allows user to create new Autonomous AP Reports.
|
Autonomous AP Reports Read Only
|
Allows user to view Autonomous AP Reports
|
CleanAir Reports
|
Allows user to create new CleanAir Reports.
|
CleanAir Reports Read Only
|
Allows user to view CleanAir Reports
|
Client Reports
|
Allow user to create Client Reports
|
Client Reports Read Only
|
Allow user to view Client Reports.
|
Compliance Reports
|
Allows user to customize the configuration audit ,network discrepancy,PCI DSS detailed and PCI DSS summary reports,PSIRT detailed
and PSIRT summary reports.
|
Compliance Reports Read Only
|
Allows user to configuration audit,network discrepancy,PCI DSS detailed and PCI DSS summary reports,PSIRT detailed and PSIRT
summary reports.
|
Context Aware Reports
|
Allows user to run context aware/location-specific reports.
|
Context Aware Reports Read Only
|
Allows user to run context aware/location-specific reports.
|
Custom Composite Report
|
Allow user to create 'custom' report with two or more (upto 5 reports ) existing report templates into a single report.
|
Custom NetFlow Reports
|
Allow user to access custom NetFlow reports
|
Custom NetFlow Reports Read Only
|
Allow user to view custom NetFlow reports.
|
Device Reports
|
Allow user to run reports specific to monitoring specific report related to Devices.
|
Device Reports Read Only
|
Allows user to read generated device reports
|
Guest Reports
|
Allow user to create Guest Reports
|
Guest Reports Read Only
|
Allow user to view Guest Reports.
|
MSAP Reports
|
Allows user to run Mobile Concierge reports.
|
MSAP Reports Read Only
|
Allows user to run Mobile Concierge reports.
|
Mesh Reports
|
Allow user to create Mesh Reports.
|
Mesh Reports Read Only
|
Allow user to view Mesh Reports.
|
Network Summary Reports
|
Allows user to create and run network summary reports
|
Network Summary Reports Read Only
|
Allows user to view all Summary reports.
|
Performance Reports
|
Allows user to create performance reports.
|
Performance Reports Read Only
|
Allows user to view performance reports.
|
Raw NetFlow Reports
|
Allows user to view NetFlow reports.
|
Raw NetFlow Reports Read Only
|
Allows user to view Raw NetFlow reports.
|
Report Launch Pad
|
Allows user to access the Report page.
|
Report Run History
|
Allows user to view report history.
|
Run Reports List
|
Allows user to run reports.
|
Saved Reports List
|
Allows user to save reports.
|
Saved Reports List Read Only
|
Allows user to view saved reports.
|
Security Reports
|
Allows user to create Security Reports.
|
Security Reports Read Only
|
Allows users to view wireless security reports related to rogue APs, wIPS etc.
|
Virtual Domains List
|
Allows user to create the Virtual Domain related report.
|
Voice Audit Report
|
Allows user to create the Virtual Domain related report
|
Software Image Management
|
Add Software Image Management Servers
|
Allows user to add software imagemanagement servers.
|
Software Image Access Privilege
|
Allows user to access Inventory > Software Images.
|
Software Image Activation
|
Allows user to upgrade and downgrade software versionss to manage devices in their network.
|
Software Image Collection
|
Allows user to collect images from different locations such as from devics, Cisco.com or from URLs.
|
Software Image Delete
|
Allows user to delete an image from the Software Images page, except for images that are included in Plug and Play profiles.
|
Software Image Details View
|
Allows user to view the image details.
|
Software Image Distribution
|
Allows user to distribute software verisons to managed devices in the network.
|
Software Image Info Update
|
Allows the user to edit and save image properties such as minimum RAM, minimum FLASH and minimum boot ROM version.
|
Software Image Management Server-Manage Protocols
|
Allows user to manage protocol
|
Software Image Preference Save
|
Allows user to save preference options on Software Images page.
|
Software Image Recommendation
|
Allows user to recommend images from Cisco.com and from the local repository.
|
Software Image Upgrade Analysis
|
Allows user to analyze software images to determine if the hardware upgrades (boot ROM, flash memory, RAM, and boot flash,
if applicable) are required before performing a software upgrade.
|
User Administration
|
Audit Trails
|
Allows user to access the Audit trails on user login and logout.
|
RADIUS Servers
|
Allows user to access the RADIUS Servers menu.
|
SSO Server AAA Mode
|
Allows user to access the AAA menu
|
SSO Servers
|
Allows user to access the SSO menu
|
TACACS+ Servers
|
Allows user to access the TACACS+ Servers menu
|
Users and Groups
|
Allows user to access the Users and Groups menu.
|
Virtual Domain Management
|
Allows user to access the Virtual Domain Management menu.
|
Virtual Elements Tab Access
|
When creating virtual domain or adding members to a virtual domain, allows uses to access the virtual elements tab, so as
to allow user to add virtual elements (Datacenters, Clusters and Hosts) to virtual domain.
|
View Online Help
|
OnlineHelp
|
Allows user to access the Prime Infrastructure online help.
|