Cisco Cisco Content Security Management Appliance M160 Guía Del Usuario
13-4
AsyncOS 10.0 for Cisco Content Security Management Appliances User Guide
Chapter 13 Distributing Administrative Tasks
Assigning User Roles
Custom User Roles
The Security Management appliance allows users with Administration privileges to delegate
administration capabilities to custom roles. Custom roles provide more flexible control over your users’
access than the predefined user roles do.
administration capabilities to custom roles. Custom roles provide more flexible control over your users’
access than the predefined user roles do.
Users to whom you assign custom user roles can manage policies or access reports for a subset of
appliances, features, or end users. For example, you might allow a delegated administrator for web
services to manage policies for an organization’s branch office in a different country, where the
acceptable use policies might be different from those at the organization’s headquarters. You delegate
administration by creating custom user roles and assigning access permissions to those roles. You
determine which policies, features, reports, custom URL categories, etc. that the delegated
administrators can view and edit.
appliances, features, or end users. For example, you might allow a delegated administrator for web
services to manage policies for an organization’s branch office in a different country, where the
acceptable use policies might be different from those at the organization’s headquarters. You delegate
administration by creating custom user roles and assigning access permissions to those roles. You
determine which policies, features, reports, custom URL categories, etc. that the delegated
administrators can view and edit.
For more information, see:
•
•
•
About Custom Email User Roles
You can assign custom roles to allow delegated administrators to access the following on the Security
Management appliance:
Management appliance:
•
All reports (optionally restricted by Reporting Group)
•
Mail Policy reports (optionally restricted by Reporting Group)
•
DLP reports (optionally restricted by Reporting Group)
•
Message Tracking
•
Quarantines
Detailed information about each of these items follows this section. In addition, all users granted any of
these privileges can see the System Status, available under the Management Appliance tab > Centralized
Services menu. Users assigned to custom email user roles cannot access the CLI.
these privileges can see the System Status, available under the Management Appliance tab > Centralized
Services menu. Users assigned to custom email user roles cannot access the CLI.
Note
Custom user roles on the Email Security appliance offer more granular access than do user roles on the
Security Management appliance. For example, you can delegate access to mail and DLP policies and
content filters. For details, see the “Managing Custom User Roles for Delegated Administration” section
in the “Common Administration” chapter of the documentation or online help for your Email Security
appliance.
Security Management appliance. For example, you can delegate access to mail and DLP policies and
content filters. For details, see the “Managing Custom User Roles for Delegated Administration” section
in the “Common Administration” chapter of the documentation or online help for your Email Security
appliance.
Access to Email Reporting
You can grant custom user roles access to Email reports as described in the following sections.
For complete information about the Email Security Monitor pages on the Security Management
appliance, see the chapter on
appliance, see the chapter on
.