
Role Based Access Control

Updated 16 days ago

The following terms describe the various levels of network security and access controls inherent to the campus SIC® SaaS solution.

Domain - the secure virtual area and perimeter (not limited by physical boundaries) of the campus network that is private to your tenancy. In commercial installations, this is specific to your company network assets. In residential installations, this is specific to your home network assets.

Domain User - account role which has no Manager Functions. Note that when a user with Domain User privilege logs in to the portal, they are advised who their Domain Admin and Domain Manager(s) are.

Domain Manager - account role which can perform all Manager Functions. Note that when a user with Domain Manager privilege logs into the portal, they can see all of the user accounts in their Domain, also showing the role of each individual user.

Domain Admin - account role which is responsible for the full administrative management of your Domain, including all Manager Functions. Can grant Domain Manager role to Domain Users, and can revoke Domain Manager role from existing Domain Managers. This role has irrevocable administrative permissions (it cannot be modified by others in the Domain). As such, re-assignment of the Domain Admin account requires OpticWise Support. Every Domain must have exactly one Domain Admin account. Note that when a user with Domain Admin privilege logs into the portal, they can see all of the user accounts in their Domain, also showing the role of each individual user.

Hint: Consider associating the Domain Admin account with an email address that is not specific to a particular user, that is used only for granting or revoking Domain Manager privilege to others, and that is ideally secured with multi-factor authentication.

IoT Device - any WiFi device which is not capable of connecting to a WiFi network using both a username and a password. IoT devices include printers, thermostats, and music and streaming devices (like Apple TVs, Amazon Echos, Rokus, etc.). The easiest way to confirm whether your device is an "IoT Device" is to attempt to join it to the tenant-only WiFi network. If you are prompted for a username first, then your device is capable of enterprise authentication, is not considered an IoT Device in this case, does not need to be specifically onboarded in the portal, and can be joined to the WiFi network using your username and password. However, if you are first prompted for a password (not a username), then your device is considered an IoT Device, and a Domain Manager or the Domain Admin will need to Add the Device in the user portal.

Manager Functions - privilege-elevated functions within the Domain which include viewing/adding/deleting Domain Users, Domain Managers, and IoT Devices, and downloading SSL certificates relevant to authentication services on the campus network.
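
The role rules above can be expressed as a small model that enforces them and exposes the one-admin invariant for auditing. This is an added illustration, not the portal's own code: the class, method and function names are hypothetical, and it assumes that only the Domain Admin grants or revokes the Domain Manager role.

```python
from enum import Enum

class Role(Enum):
    USER = "Domain User"
    MANAGER = "Domain Manager"
    ADMIN = "Domain Admin"

# Manager Functions from the definition above; the labels are this example's own.
MANAGER_FUNCTIONS = {
    "view_accounts", "add_account", "delete_account",
    "add_iot_device", "delete_iot_device", "download_certificates",
}

class Domain:
    def __init__(self, admin):
        # Exactly one Domain Admin per Domain; it is set once, at creation.
        self.roles = {admin: Role.ADMIN}

    def can(self, actor, function):
        """True if the actor's role includes the given Manager Function."""
        role = self.roles.get(actor)  # unknown accounts get None -> denied
        return function in MANAGER_FUNCTIONS and role in (Role.MANAGER, Role.ADMIN)

    def add_user(self, actor, new_user):
        if not self.can(actor, "add_account"):
            raise PermissionError(f"{actor} has no Manager Functions")
        if new_user in self.roles:
            raise ValueError(f"{new_user} already exists")
        self.roles[new_user] = Role.USER  # new accounts start unprivileged

    def set_manager(self, actor, target, grant):
        # Assumption: only the Domain Admin grants or revokes Domain Manager.
        if self.roles.get(actor) is not Role.ADMIN:
            raise PermissionError("only the Domain Admin can change roles")
        if self.roles.get(target) is Role.ADMIN:
            # Re-assigning the admin is out of band (vendor support), never here.
            raise PermissionError("the Domain Admin role cannot be modified")
        expected = Role.USER if grant else Role.MANAGER
        if self.roles.get(target) is not expected:
            raise ValueError(f"{target} is not a {expected.value}")
        self.roles[target] = Role.MANAGER if grant else Role.USER

    def admin_count(self):
        # Invariant to audit: this must always equal 1.
        return sum(role is Role.ADMIN for role in self.roles.values())
```

Access is denied by default: an account with no recorded role, or a function outside the Manager Functions set, fails the check.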

