User Management
Configuring Users and User Groups
Cisco ISA500 Series Integrated Security Appliances Administration Guide 389
9
This section describes how to maintain the users and user groups in local
datab ase. Re fer to the followi ng topic s:
•Default User and User Group, page 389
•Available Services for User Groups, page 389
•Preempt Administrators, page 390
•Configuring Local Users, page 390
•Configuring Local User Groups, page 391
Default User and User Group
The security appliance maintains user and user group information in the local
database. The local database supports up to 100 users and 50 user groups. A
user group can include up to 100 users. Any user must be a member of a user
group.
The default administrator account (“cisco”) has full privilege to set the
configuration and read the system status. The default administrator account
cannot be deleted. For security purposes, you must change the default
administrator password at the first login. See Changing the Default Administrator
Password, pa ge 32.
The default user group (“admin”) has the administrative web login access ability
and enables the SSL VPN, IPsec Remote Access, and Captive Portal service s. The
default user group cannot be deleted, but its service policy can be modified.
Available Services for User Groups
A user can only belong to one user group. The users in the same user group share
the same service policy. A user group has only one service policy. The services
available for a user group include:
•Web Login: Allows the members of the user group to log into the
Configuration Utility through the web browser to view the configuration only
or to set the configuration.
•SSL VPN: Allows the members of the user group at remote sites to
establish the SSL VPN tunnels based on the selected SSL VPN group