Cisco Cisco Email Security Appliance C690 Guida Utente

If a delegated administrator also has mail policy privileges, they can customize the 
RSA Email DLP policies. Delegated administrators can use any custom DLP 
dictionary for their RSA Email DLP policies, but they cannot view or modify the 
custom DLP dictionaries.

You can assign one of the following access levels for RSA Email DLP policies to 
a custom user role:

No access: Delegated administrators cannot view or edit RSA Email DLP 
policies on the Email Security appliance.

View assigned, edit assigned: Delegated administrators can use the DLP 
Policy Manager to view and edit the RSA Email DLP policies assigned to the 
custom user role. Delegated administrators cannot rename or reorder DLP 
policies in the DLP Policy Manager.

View all, edit assigned: Delegated administrators can view and edit the RSA 
Email DLP policies assigned to the custom user role. They can also view all 
RSA Email DLP policies that are not assigned to the custom user role but they 
cannot edit them. Delegated administrators cannot reorder DLP policies in 
the DLP Policy Manager or rename the policy.

View all, edit all (full access): Delegated administrators have full access to 
all of the RSA Email DLP policies on the appliance, including the ability to 
create new ones. Delegated administrators can reorder DLP policies in the 
DLP Policy Manager.

You can assign individual RSA Email DLP policies to the custom user role using 
either the DLP Policy Manager or the Custom User Roles for Delegated 
Administration table on the User Roles page.

See the “Data Loss Prevention” chapter in the Cisco IronPort AsyncOS for Email 
Advanced Configuration Guide for more information on RSA Email DLP policies 
and the DLP Policy Manager.

 for information 

on using the Custom User Roles for Delegated Administration list to assign RSA 
Email DLP policies.