Руководство Пользователя для Cisco Cisco Email Security Appliance C160
31-9
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 31 Distributing Administrative Tasks
Managing Custom User Roles for Delegated Administration
Figure 31-2
Account Privileges Page for a Delegated Administrator
Assigning Access Privileges
When creating a custom user role, you define the levels of access to the security features for which
delegated administrators are responsible.
delegated administrators are responsible.
The security features available for delegated administrators to manage are:
•
Incoming and outgoing mail policies and content filters.
•
Data Loss Prevention (DLP) policies.
•
Email reporting.
•
Message Tracking.
•
The Trace debugging tool.
•
Spam, policy, virus, and outbreak quarantines.
•
Cisco Email Encryption profiles.
After defining the access levels for a custom user role, you need to assign the specific mail policies,
content filters, DLP policies, quarantines, or encryption profiles for which the delegated administrators
will be responsible.
content filters, DLP policies, quarantines, or encryption profiles for which the delegated administrators
will be responsible.
For example, you can create two different DLP policy administrator roles that are responsible for
different RSA Email DLP policies. One role is only responsible for DLP violations related to company
confidentiality and acceptable use, while the other is responsible for DLP violations related to privacy
protection. In addition to DLP policies access, these custom user roles can also be assigned privileges
for tracking message data and viewing quarantines and reports. They can search for DLP violations
related to the policies that they are responsible for in using Message Tracking.
different RSA Email DLP policies. One role is only responsible for DLP violations related to company
confidentiality and acceptable use, while the other is responsible for DLP violations related to privacy
protection. In addition to DLP policies access, these custom user roles can also be assigned privileges
for tracking message data and viewing quarantines and reports. They can search for DLP violations
related to the policies that they are responsible for in using Message Tracking.
You can view which responsibilities are available to assign to a custom user role by clicking on the links
for the assigned privileges in the Custom User Roles for Delegated Administration table on the User
Roles page. See
for the assigned privileges in the Custom User Roles for Delegated Administration table on the User
Roles page. See