cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Ivo_Hrbacek
Nickel

Permission profile just for one inline layer

Jump to solution

Hi,

playing with profiles and have a question, I have few people who should have read only just to ONE inline layer. I can create profile, see below, and I am using this profile just in this layer. Anyway my user assigned to this profile can see other policies in read only because this way just limit write access. Is there a way how to change this behavior? and allow users to have read only just to one layer?

thx!

layer settings:

profile:

else policy settings:

1 Solution

Accepted Solutions

Re: Permission profile just for one inline layer

Jump to solution

Hi,

With Permissions Per Layer, you can either have:

- Show all policies and edit specific layers

- Show and edit all policies and layers

- Not see any security policy

You cannot limit users from seeing just some of the layers with R80.10 unfortunately.

One workaround that I can offer would be a self service portal which uses the API commands and limits specific users through that portal, but it won't be as part of SmartConsole.

Hope this helps.

7 Replies
Admin
Admin

Re: Permission profile just for one inline layer

Jump to solution

Just to clarify your question: you only want to allow a specific user to read a specific layer, and not other layers that might be in use, correct?

As far as I know (and https://community.checkpoint.com/people/tomera5b2e7f3-09aa-32f8-96c2-f0f5bfa2988b‌ should be able to confirm), this is not possible at the moment.

0 Kudos

Re: Permission profile just for one inline layer

Jump to solution

Hi,

With Permissions Per Layer, you can either have:

- Show all policies and edit specific layers

- Show and edit all policies and layers

- Not see any security policy

You cannot limit users from seeing just some of the layers with R80.10 unfortunately.

One workaround that I can offer would be a self service portal which uses the API commands and limits specific users through that portal, but it won't be as part of SmartConsole.

Hope this helps.

Ivo_Hrbacek
Nickel

Re: Permission profile just for one inline layer

Jump to solution

Hello Tomer,

back to this question.. do you have some self service portal code which can be shared and used as a template? I do not want to start from scratch you know

thx

ivo

Admin
Admin

Re: Permission profile just for one inline layer

Jump to solution
Ivo_Hrbacek
Nickel

Re: Permission profile just for one inline layer

Jump to solution

thx

Re: Permission profile just for one inline layer

Jump to solution

Is there any chance that this will be possible in future versions ?

Admin
Admin

Re: Permission profile just for one inline layer

Jump to solution

Possibly, but can't commit Smiley Happy

0 Kudos