Professional Documents
Culture Documents
User Roles Defense Center Interface Traffic Widget Intrusion Events Widget Network Correlation Widget Product Licensing Widget Product Updates Widget RSS Feed Widget System Load Widget System Time Widget White List Events Widget Reporting Manage Report Templates Summary Intrusion Event Statistics Intrusion Event Performance Intrusion Event Graphs Discovery Statistics Discovery Performance Connection Summary Analysis Application Statistics Geolocation Statistics User Statistics URL Category Statistics URL Reputation Statistics Intrusion Event Statistics by Application Intrusion Event Statistics by User Security Intelligence Category Statistics Context Explorer Connection Events Modify Connection Events Restrictive Search Connection Summary Events Modify Connection Summary Events Restrictive Search Intrusion Events Modify Intrusion Events Restrictive Search View Local Rules Reviewed Events
Descripcin
User Roles Defense Center Clipboard Incidents Malware Events Modify Malware Events Restrictive Search File Events Modify File Events Restrictive Search Hosts Network Map Hosts Modify Hosts Servers Modify Servers Vulnerabilities Host Attributes Modify Host Attributes Hosts Modify Hosts Restrictive Search Applications Restrictive Search Application Details Modify Application Details Restrictive Search Servers Modify Servers Restrictive Search Host Attributes Modify Host Attributes Restrictive Search Host Attribute Management Discovery Events Modify Discovery Events Restrictive Search Users User Activity Modify User Activity Events Restrictive Search Users
Descripcin
User Roles Defense Center Modify Users Restrictive Search Vulnerabilities Vulnerabilities Modify Vulnerabilities Restrictive Search Third-party Vulnerabilities Modify Third-party Vulnerabilities Restrictive Search Correlation Correlation Events Modify Correlation Events Restrictive Search White List Events Modify White List Events Restrictive Search White List Violations Restrictive Search Remediation Status Modify Remediation Status Restrictive Search Custom Custom Workflows Manage Custom Workflows Custom Tables Manage Custom Tables Search Manage Search Bookmarks Manage Bookmarks Policies Access Control Access Control List Modify Access Control Policy Modify Administrator Rules Modify Root Rules Apply Intrusion Policies Apply Access Control Policies Intrusion Intrusion Policy
Descripcin
User Roles Defense Center Modify Intrusion Policy Rule Editor Email File Policy Modify File Policy Network Discovery Modify Network Discovery Apply Network Discovery Custom Fingerprinting Custom Topology Application Detectors User 3rd Party Mappings Custom Product Mappings Users Correlation Policy Management Rule Management White List Traffic Profiles Actions Alerts Impact Flag Alerts Discovery Event Alerts Scanners Scan Results Modify Scan Results Restrictive Search Groups Modules Instances Devices Device Management Modify Devices Apply Device Changes NAT NAT List Modify NAT Policy Apply NAT Rules VPN Modify VPN
Descripcin
User Roles Defense Center Apply VPN Changes Object Manager FireAMP Health Health Policy Modify Health Policy Apply Health Policy Health Events Modify Health Events Restrictive Search System Local Configuration Registration High Availability eStreamer Host Input Client User Management Login Authentication System Policy Modify System Policy Apply System Policy Updates Rule Updates Rule Update Import Log Restrictive Search Licenses Monitoring Audit Modify Audit Log Restrictive Search Syslog Task Status View Other Users' Tasks Statistics Tools Backup Management Restore Backup Scheduling Delete Other Users' Scheduled Tasks
Descripcin
Descripcin
Access Conventions
The Access statement at the beginning of each procedure in this documentation indicates the predefined user role required to perform the procedure. A forward slash separating roles indicates that any of the listed roles can perform the procedure. The following table defines common terms that appear in the Access statement. Access Conventions
Access Term
Indicates
Access Admin
Admin
Any
Any/Admin
User can have any role, but only the Administrator role has unrestricted access (such as the ability to view other users data saved as private)
User can have either the Security Analyst or Security Analyst (Read Only) role
Database
Discovery Admin
Intrusion Admin
Maint
Network Admin
Security Analyst
Security Approver
Users with custom roles may have permission sets that differ from those of the predefined roles. When a predefined role is used to indicate access requirements for a procedure, a custom role with similar permissions also has access. For more information on custom user roles, see Managing Custom User Roles.
Analysis Menu Policies Menu Devices Menu Object Manager Health Menu System Menu Help Menu
The selectable options under System Permissions allow you to create a user role that can make queries to the external database or escalate to the permissions of a target user role. For more information, see Enabling Access to the Database and Managing User Role Escalation.
Optionally, instead of creating a new custom user role, you can export a custom user role from another appliance, then import it onto your appliance. You can then edit the imported role to suit your needs before you apply it. For more information, see Exporting Objects and Importing Objects.