Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
32-10
Cisco AsyncOS 9.1 for Email User Guide
Chapter 32 Distributing Administrative Tasks
Managing Custom User Roles for Delegated Administration
Related Topics
•
•
•
•
•
•
•
Mail Policies and Content Filters
The Mail Policies and Content Filters access privileges define a delegated administrator’s level of access
to the incoming and outgoing mail policies and content filters on the Email Security appliance. You can
assign specific mail policies and content filters to a custom user role, allowing only the delegated
administrators belonging to this role, along with operators and administrators, to manage the mail
policies and content filters.
to the incoming and outgoing mail policies and content filters on the Email Security appliance. You can
assign specific mail policies and content filters to a custom user role, allowing only the delegated
administrators belonging to this role, along with operators and administrators, to manage the mail
policies and content filters.
All delegated administrators with this access privilege can view the default incoming and outgoing mail
policies but they can only edit these policies if they have full access.
policies but they can only edit these policies if they have full access.
All delegated administrators with access privileges can create new content filters to use with their mail
policies. A content filter created by a delegated administrator is available to the other delegated
administrators assigned to the custom user role. Content filters that are not assigned to any custom user
role are public and can be viewed by all delegated administrators with the mail policy access privilege.
Content filters created by operators and administrators are public by default. Delegated administrators
can enable or disable any existing content filters on mail policies assigned to their custom user role, but
they cannot modify or delete public content filters.
policies. A content filter created by a delegated administrator is available to the other delegated
administrators assigned to the custom user role. Content filters that are not assigned to any custom user
role are public and can be viewed by all delegated administrators with the mail policy access privilege.
Content filters created by operators and administrators are public by default. Delegated administrators
can enable or disable any existing content filters on mail policies assigned to their custom user role, but
they cannot modify or delete public content filters.
If a delegated administrator deletes a content filter used by mail policies other than their own, or if the
content filter is assigned to other custom user roles, AsyncOS does not delete the content filter from the
system. AsyncOS instead unlinks the content filter from the custom user role and removes it from the
delegated administrator’s mail policies. The content filter remains available to other custom user roles
and mail policies.
content filter is assigned to other custom user roles, AsyncOS does not delete the content filter from the
system. AsyncOS instead unlinks the content filter from the custom user role and removes it from the
delegated administrator’s mail policies. The content filter remains available to other custom user roles
and mail policies.
Delegated administrators can use any text resource or dictionary in their content filters, but they cannot
access the Text Resources or Dictionaries pages in the GUI to view or modify them. Delegated
administrators also cannot create new text resources or dictionaries.
access the Text Resources or Dictionaries pages in the GUI to view or modify them. Delegated
administrators also cannot create new text resources or dictionaries.
For outgoing mail policies, delegated administrators can enable or disable DLP policies but they cannot
customize the DLP settings unless they also have DLP policy privileges.
customize the DLP settings unless they also have DLP policy privileges.
You can assign one of the following access levels for mail policies and content filters to a custom user
role:
role:
•
No access: Delegated administrators cannot view or edit mail policies and content filters on the
Email Security appliance.
Email Security appliance.
•
View assigned, edit assigned: Delegated administrators can view and edit the mail policies and
content filters assigned to the custom user role and create new content filters. Delegated
administrators can edit a policy’s Anti-Spam, Anti-Virus, and Outbreak Filters settings. They can
enable their content filters for the policy, as well as disable any existing content filter assigned to
the policy, regardless of whether they are responsible for it. Delegated administrators cannot modify
a mail policy’s name or its senders, recipients, or groups. Delegated administrators can modify the
order of the content filters for mail policies assigned to their custom user role.
content filters assigned to the custom user role and create new content filters. Delegated
administrators can edit a policy’s Anti-Spam, Anti-Virus, and Outbreak Filters settings. They can
enable their content filters for the policy, as well as disable any existing content filter assigned to
the policy, regardless of whether they are responsible for it. Delegated administrators cannot modify
a mail policy’s name or its senders, recipients, or groups. Delegated administrators can modify the
order of the content filters for mail policies assigned to their custom user role.