Users and Roles

In this session we will look at the user roles and how we set up notifications for both admins and analysts. The user name identifies each user accessing the appliance or appliances. Each user name must be unique to the network server. By default the user name has the following characteristics. Must be 1 to 16 characters in length. Characters are case sensitive. May only use letters numbers and underscores. Passwords must meet a minimum requirement of 8 to 32 characters and using password validation policies you can configure rules for stricter password control. Users have the ability to change their own passwords once logged into the appliance. Each account will have a current status which specifies whether the user is currently authorized to log into the system and for how long. This can be seen by highlighting the user from the list and reading the information from the status window in the top half of the screen. Roles give system administrators finer control over what users can do and see on the appliance. Each user account is associated with a single role which is a collection of capabilities that allow the user to perform certain operations. Current roles include; the Admin. Users assigned with the Admin role are administrators. They are super users who can perform all appliance product functions and have full access to all Web UI views, all CLI commands and the API. The primary function of this role is to configure and control the system.

Monitor. Users assigned the Monitor roll have ‘read only’ access to the ‘Appliance Setting’ screens, the ‘Health Check’ page and the ‘Appliance Update’ page. They cannot request data or take actions on the system. Monitors do not have access to the appliance product features or the API and can only run CLI show commands. Operator. Users assigned the operator roll have a subset of the capabilities associated with the Admin role. These users have read only access to the dashboard. They can perform operational function on the appliances. They have no access to the API and can only run CLI show commands. Analyst. The system analyst focuses on the detection of malware and taking appropriate actions including setting up alerts and reports. Auditor. This role is for system logs only. For every role there’s a corresponding system account to the same name that has the role. System accounts cannot be deleted or modified with the exception of being locked out so they can not be used to log-in. By default, each user is granted a Monitor role. An administrator can change the role or give a user ‘no role’. User with ‘no role’ cannot log into the appliance. If a role is changed while the affected user is logged in, the user will be forcibly logged out. When the user logs in again the capabilities provided by the new role are available to the user.

Scroll to Top