Cisco Cisco FirePOWER Appliance 7020
48-64
FireSIGHT System User Guide
Chapter 48 Managing Users
Configuring Single Sign-on from Cisco Security Manager
•
If you want users with this role to use their own passwords when they escalate, select
Authenticate
with the assigned user’s password
.
•
If you want users with this role to use the password of another user, select
Authenticate with the
specified user’s password
and type that username.
Note
When authenticating with another user’s password, you can enter any username, even that of a
deactivated or nonexistent user. Deactivating the user whose password is used for escalation
makes escalation impossible for users with the role that requires it. You can use this feature to
quickly remove escalation powers if necessary.
deactivated or nonexistent user. Deactivating the user whose password is used for escalation
makes escalation impossible for users with the role that requires it. You can use this feature to
quickly remove escalation powers if necessary.
Step 7
Click
Save
.
Your changes are saved and the User Roles page appears again. Users with this role can now escalate to
the target user role. For more information on assigning roles to a user, see
the target user role. For more information on assigning roles to a user, see
Escalating Your User Role
License:
Any
When a user has an assigned custom user role with permission to escalate, that user may escalate to the
target role’s permissions at any time. Note that escalation has no effect on user preferences. The
target role’s permissions at any time. Note that escalation has no effect on user preferences. The
Escalate
Permissions
option in the User menu does not appear if your assigned user role is not configured for user
role escalation.
To escalate user permissions:
Access:
Any
Step 1
Select
Local > User > Escalate Permissions
.
The Escalate User Permissions dialog box appears.
Step 2
Enter the authentication password.
Step 3
Click
Escalate
.
You now have all permissions of the escalation target role in addition to your current role.
Note that escalation lasts for the remainder of your login session. To return to the privileges of your base
role only, you must log out, then begin a new session.
role only, you must log out, then begin a new session.
Configuring Single Sign-on from Cisco Security Manager
License:
Any
Supported Devices:
ASA FirePOWER
Single sign-on (SSO) enables integration between Cisco Security Manager (CSM) Version 4.7 or higher
and the Defense Center, which allows you to access the Defense Center from CSM without additional
authentication to log in. When managing the ASA module of an ASA FirePOWER device, you may want
and the Defense Center, which allows you to access the Defense Center from CSM without additional
authentication to log in. When managing the ASA module of an ASA FirePOWER device, you may want