webadmin accounts

Question

Hi - I am new to UTM, so can I ask, is access to the webadmin area of UTM intergrated with active directory accounts, or if its a unique login, where are the user details/permissions stored, is this in some sort of SQL database? 
 Also - is it possible to export the firewall rules out to a file for security analysis, i.e. to a spreadsheet? I wasnt sure if per rule there would be any clues as to when the rule was created/last modified, i.e. a date stamp and which user made the change?

pkmarquis · Accepted Answer

1) Access to the WebAdmin is controlled through roles defined under [Management]>>[WebAdmin Settings]>>[Access Control]. You can drop in users or groups to these roles. The only exception to this is Full Admin which is defined in the [General] tab and there is a default group called SuperAdmins, membership in this group gives you access to everything (because it is listed in [General] as an Admin). 
 
2) I think what you are looking for is located under [Support]>>[Printable Configuration]>>[Generate Report Now...]>>[Firewall Configuration]>>[Firewall Rule Object Table] 
 
3) Under [Network Protection]>>[Firewall]>>[Rules] each rule has a blue (i) to the right. This will tell you who last edited the rule and when.

Scott_Klassen · Answer

To add, KEEP the built-in admin account. I know of several new users who added AD accounts, but then disabled the built-in local admin account. They had AD or network issues and then couldn't get into WebAdmin. You'll want the local admin account as a backup, just in case. 
 
 "where are the user details/permissions stored, is this in some sort of SQL database" This information is stored in a configuration database that end users shouldn't be in. 
 
 If you log into the shell, you'll see the following: 
 NOTE: If not explicitly approved by Sophos support, any modifications done by root will void your support. 
 
 If you are a paid license user, take this warning seriously.