It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Create a New Administrators Account

  • Last updated on

Administrators accounts specify which configuration areas and tasks administrative users can access and change on a standalone Barracuda CloudGen Firewall or Barracuda Firewall Control Center on box level. Admin users can log into the system using the credentials specified in their profile and view or edit the services and settings defined in the administrative roles assigned to them.

Administrative Roles

Users can view or edit settings and services on the Barracuda CloudGen Firewall according to their assigned roles.

Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
Virus ScannerAccess to configuration tabYesNoNoYesNo No
Modify Configuration
YesNoNoYesNoNo
Update PatternYes NoNoYesNoNo
Disable/Enable Pattern UpdateYesNoNoYesNoNo
Box MenuSoftware ItemManagerOperatorMailSecurityAuditCleanup
Config






Access to configuration tabYesNoNoYesYesNo
Create a DHA boxYesNoNoNoNoNo
Create a PAR fileYesNoNoNoNoNo
Create a repositoryYesNoNoNoNoNo
Create a serverYesNoNoNoNoNo
Create a serviceYesNoNoNoNoNo
Kill configuration sessionsYesNoNoNoNoNo
HA synchronizationYesNoNoYesNoNo
Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
Control













Access to configuration tabYesYesNoYesNoNo
Activate new network configuration YesYesNoNoNoNo
Block a server YesYesNoNoNoNo
Block a service YesYesNoNoNoNo
Time control YesNoNoNoNoNo
Delete Wild Route YesYesNoNoNoNo
Import license YesNoNoNoNoNo
Kill sessions YesYesNoNoNoNo
Firmware Restart YesYesNoNoNoNo
Reboot/Shutdown Box YesYesNoNoNoNo
Remove license YesNoNoNoNoNo
Restart network configuration YesYesNoNoNoNo
Show license YesYesNoNoNoNo
Start a server YesYesNoNoNoNo
Stop a server YesYesNoNoNoNo
Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
DHCPAccess to configuration tabYesYesNoNoNoNo
Modify ConfigurationYesNoNoYesNoNo
GUI commandsYesYesNoNoNoNo
Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
Events




Access to configuration tabYesYesNoYesYesYes
Confirm events YesYesNoNoNoYes
Delete events YesNoNoNoNoYes
Mark events as read  YesYesNoNoNoYes
Set events to silent YesYesNoNoNoYes
Stop alarm YesYesNoNoNoYes
Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
Firewall 








Access to configuration tabYesYesNoYesYesNo
Modify ConfigurationYesNoNoYesNoNo
Access to trace tab  YesNoNoYesNoNo
Remove entries from cache YesNoNoYesNoNo
Terminate connections YesYesNoYesNoNo
Create dynamic rules YesYesNoYesNoNo
Kill a process  YesYesNoYesNoNo
Modify connections YesYesNoYesNoNo
Modify traces YesNoNoYesNoNo
Toggle traces YesNoNoYesNoNo
View rules  YesNoNoYesNoNo
Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
Logs



Access to configuration tabYesNoNoYesYesYes
Delete resource logs (box_) YesNoNoNoNoYes
Delete service logs  YesNoNoNoNoYes
Read resource logs (box_)  YesNoNoYesYesYes
Read service logs  YesNoNoYesYesYes
Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
Mail 



Access to configuration tabYesNoYesNoYesNo
Modify ConfigurationYesNoNoYesNoNo
GUI commands  YesNoYesNoNoNo
View Stripped Attachments YesNoYesNoYesNo
Retrieve Stripped Attachments YesNoYesNoNoNo
Delete Stripped Attachments YesNoYesNoNoNo
Box MenuSoftware ItemManager

Operator

MailSecurityAuditCleanup
Access Control Service

Access to configuration tabYesNoNoYesNoNo
Modify ConfigurationYesNoNoYesNoNo
Enable Commands   YesNoNoYesNoNo
Block Sync YesNoNoYesNoNo

Create an Administrator Profile

  1. Go to CONFIGURATION > Configuration Tree > Box > Administrators.
  2. Click Lock.
  3. In the Administrators section, click + to add an administrator account.
  4. Enter a unique Name for the account and click OK. The Administrators window opens. This account name is ued to log into the firewall.

    Do NOT use the following names because they are reserved by the system: master, ha, root, bin, adm, daemon, lp, system, sync, shutdown, halt, mail, operator, nobody, support, uucp.

  5. Enter the Full Name of the administrator or a description for the account.
  6. In the Assigned Roles table, add the appropriate administrative roles for the user. For a description of roles, see the Administrative Roles section.
  7. If you wish to grant permission for shell level access, select an option from the System Level Access list. You can select:
    • No OS Login – Shell access is denied.
    • Standard OS Login – Allows access on the OS layer via a default user account (home directory: user/phion/home/username).
    • Restricted OS Login – Permits access via a restricted shell (rbash) with limitations (e.g., specifying commands containing slashes, changing directories by entering cd, …). A restricted login confines any saving action to the user's home directory.
  8. Select the Authentication Level that is required to access a system.
  9. If external authentication is required, select the corresponding method from the External Authentication field.

  10. When using a password, select the corresponding scheme from the Password Validation list.
  11. Enter the External Login Name for the authentication scheme if it is different than the admin account name.
  12. Enter the password for the Barracuda Firewall Admin login. When creating an account, the new password must be entered in both the Current and New fields, even though the password has not yet been created. The password must be confirmed by re-entering it in the Confirm field.
  13. Import the Public RSA Key if required.
  14. If required, use the Peer IP Restriction table to set an access restriction on IP address and/or subnet level on which Barracuda Firewall Admin runs.
  15. From the Login Event list, select how a login is recorded. You can select.
    • Service Default (default) – refers to the settings made within the Barracuda Firewall Control Center Access Notification (see How to Configure Access Notifications).
    • Silent – suppresses any event notification.
  16. Click Send Changes and Activate.

Your admin user can now log into the Barracuda CloudGen Firewall or Barracuda Firewall Control Center box and view or edit the services according to their assigned roles.