Methods and devices are provided for role-based access control of network
devices. The network devices may constitute the fabric of a storage area
network ("SAN") that has been logically partitioned into virtual storage
area networks ("VSANs") that are allocated to various administrators.
Roles assigned according to preferred aspects of the invention do not
need to be hierarchical, but are customized according to administrators'
needs.