Cisco Cisco FirePOWER Appliance 7030
48-5
FireSIGHT System User Guide
Chapter 48 Managing Users
Managing Authentication Objects
• Maintenance Users can access monitoring functions (including health monitoring, host statistics,
performance data, and system logs) and maintenance functions (including task scheduling and
backing up the system).
Note that maintenance users do not have access to the functions in the Policies menu and can only
access the dashboard from the Analysis menu.
• Network Admins can review, modify, and apply device configurations as well as review and modify
access control policies (but not file policies).
• Security Approvers can view and apply, but not create, configuration and policy changes.
• Security Analysts can review, analyze, and delete intrusion, discovery, user activity, connection,
correlation, and network change events. They can review, analyze, and (when applicable) delete
hosts, host attributes, services, vulnerabilities, and client applications. Security Analysts can also
generate reports and view (but not delete or modify) health events.
• Security Analysts (Read Only) have all the same rights as Security Analysts, except that they cannot
delete events.
In addition to the above predefined roles, you can also configure custom user roles with specialized
access privileges. Any role can be the default access role for externally authenticated users.
You can grant user role escalation privileges to externally authenticated user accounts; you can also use
an externally authenticated user’s password as the escalation password. For more information, see
Managing Authentication Objects
License: Any
Authentication objects are server profiles for external authentication servers, containing connection
settings and authentication filter settings for those servers. You can create, manage, and delete
authentication objects on the Defense Center. See the following sections for details on these tasks:
Understanding LDAP Authentication
License: Any