
Security and Privacy Services

ArcSight ITS Training


Lab 4 – Working with Users (RBAC)
8 August 2013
Lab 9.1 – Working with Users

Table of Contents
Section 1 – Objective
Section 2 – Configure User
Section 3 – Create Resources
Section 4 – Apply RBAC to User
Section 5 – Test RBAC

Legend

Notation or important step or note. For example, the objective for each section.

Observation for the preceding step.

Deloitte Confidential and Proprietary Page 2 of 17



Section 1 – Objective
The objective for this lab is to work with Role Based Access Control.

In this lab you will create a limited user and configure that user to have access to Check
Point logs only. This is similar to real-world conditions, where platform users request
specific access to logs within ESM.


Section 2 – Configure User


In the Navigator select Users (Ctrl + Alt + U)


• Right click “Custom User Groups” and select New Group
• Create a new group whose name is preceded by your initials, “<your initials> - FW Group”. For
example, the following is a group created for the user MF:

• Right click on the new group and create your user


• Name the user “<your initial> fw user”. For example, the following is a user created
for the user MF:


Section 3 – Create Resources


3.1 - Create RBAC Filter
In this step you will create a filter that will restrict the user's access:

• Open the Filter resource in the Navigator pane (Ctrl + Alt + F)
• Under the RBAC Filter Group, create a new filter with the name “<your initial> - FW
Filter”
• Configure the filter for Check Point firewalls

3.2 - Copy filter


• Copy the filter in the above folder to the user’s folder (please ensure you select
Copy, and not Move or Link)

3.3 - Create a default active channel for the user

• Open the Active Channel resource group (Ctrl + Alt + A)
• Expand the “Personal” group
• Right click on the Active Channel Group of the user (that was created in Section 2) and select
New Active Channel


Configure the Active Channel with the following parameters:

• Channel Name: Firewall events only
• Start Time: $Now - 30m
• End Time: $Now
• Use as Timestamp: End Time
• Time Parameter: Continuously evaluate
• Filter: <your initial> - FW Events (that was copied in Section 3.2)


Section 4 – Apply RBAC to User


• Navigate back to the Users resource (Ctrl + Alt + U)
• Right click on the FW group (that was created in Section 2) and select Edit Access
Control
• Click on the Events tab


Click on the Add button to select the filter


Select the filter that was created in Section 3:


Click on Resources


Ensure that the Resource option has Active Channel selected and select Add:


Select the firewall active channel that was just created:


Change the resource to Filter and click on Add


Select the filter set that was bound to the user:

Add any other resources you want the user to have and click on Apply and OK.


Section 5 – Test RBAC

Using another console instance, log in as the user you just created. Try to remove the
filter on the Active Channel and see what happens.
