Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
33-8
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 33 Distributing Administrative Tasks
Managing Custom User Roles for Delegated Administration
•
The Trace debugging tool.
•
Spam, policy, virus, and outbreak quarantines.
•
Cisco Email Encryption profiles.
After defining the access levels for a custom user role, you need to assign the specific mail policies,
content filters, DLP policies, quarantines, or encryption profiles for which the delegated administrators
will be responsible.
content filters, DLP policies, quarantines, or encryption profiles for which the delegated administrators
will be responsible.
For example, you can create two different DLP policy administrator roles that are responsible for
different RSA Email DLP policies. One role is only responsible for DLP violations related to company
confidentiality and acceptable use, while the other is responsible for DLP violations related to privacy
protection. In addition to DLP policies access, these custom user roles can also be assigned privileges
for tracking message data and viewing quarantines and reports. They can search for DLP violations
related to the policies that they are responsible for in using Message Tracking.
different RSA Email DLP policies. One role is only responsible for DLP violations related to company
confidentiality and acceptable use, while the other is responsible for DLP violations related to privacy
protection. In addition to DLP policies access, these custom user roles can also be assigned privileges
for tracking message data and viewing quarantines and reports. They can search for DLP violations
related to the policies that they are responsible for in using Message Tracking.
You can view which responsibilities are available to assign to a custom user role by clicking on the links
for the assigned privileges in the Custom User Roles for Delegated Administration table on the User
Roles page. See
for the assigned privileges in the Custom User Roles for Delegated Administration table on the User
Roles page. See
Related Topics
•
•
•
•
•
•
•
Mail Policies and Content Filters
The Mail Policies and Content Filters access privileges define a delegated administrator’s level of access
to the incoming and outgoing mail policies and content filters on the Email Security appliance. You can
assign specific mail policies and content filters to a custom user role, allowing only the delegated
administrators belonging to this role, along with operators and administrators, to manage the mail
policies and content filters.
to the incoming and outgoing mail policies and content filters on the Email Security appliance. You can
assign specific mail policies and content filters to a custom user role, allowing only the delegated
administrators belonging to this role, along with operators and administrators, to manage the mail
policies and content filters.
All delegated administrators with this access privilege can view the default incoming and outgoing mail
policies but they can only edit these policies if they have full access.
policies but they can only edit these policies if they have full access.
All delegated administrators with access privileges can create new content filters to use with their mail
policies. A content filter created by a delegated administrator is available to the other delegated
administrators assigned to the custom user role. Content filters that are not assigned to any custom user
role are public and can be viewed by all delegated administrators with the mail policy access privilege.
Content filters created by operators and administrators are public by default. Delegated administrators
can enable or disable any existing content filters on mail policies assigned to their custom user role, but
they cannot modify or delete public content filters.
policies. A content filter created by a delegated administrator is available to the other delegated
administrators assigned to the custom user role. Content filters that are not assigned to any custom user
role are public and can be viewed by all delegated administrators with the mail policy access privilege.
Content filters created by operators and administrators are public by default. Delegated administrators
can enable or disable any existing content filters on mail policies assigned to their custom user role, but
they cannot modify or delete public content filters.
If a delegated administrator deletes a content filter used by mail policies other than their own, or if the
content filter is assigned to other custom user roles, AsyncOS does not delete the content filter from the
system. AsyncOS instead unlinks the content filter from the custom user role and removes it from the
delegated administrator’s mail policies. The content filter remains available to other custom user roles
and mail policies.
content filter is assigned to other custom user roles, AsyncOS does not delete the content filter from the
system. AsyncOS instead unlinks the content filter from the custom user role and removes it from the
delegated administrator’s mail policies. The content filter remains available to other custom user roles
and mail policies.