Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160
13-6
AsyncOS 10.0 for Cisco Content Security Management Appliances User Guide
Chapter 13 Distributing Administrative Tasks
Assigning User Roles
Access to Message Tracking Data
If you grant a custom role access to Message Tracking, users to whom you assign this role can find the
status of all messages tracked by the Security Management appliance.
status of all messages tracked by the Security Management appliance.
To control access to sensitive information in messages that violate DLP policies, see
For more information about message tracking, including instructions for setting up your appliances to
enable access to message tracking on the Security Management appliance, see
enable access to message tracking on the Security Management appliance, see
.
Access to Quarantines for Custom User Role
If you grant a custom role access to quarantines, users to whom you assign this role can search for, view,
release, or delete messages in all quarantines on this Security Management appliance.
release, or delete messages in all quarantines on this Security Management appliance.
Before users can access quarantines, you must enable that access. See
Creating Custom Email User Roles
You can create custom email user roles for access to Email Reporting, Message Tracking, and
quarantines.
quarantines.
For descriptions of the access that each of these options permits, see
and its subsections.
Note
To grant more granular access or access to other features, reports, or policies, create custom user roles
directly on each Email Security appliance.
directly on each Email Security appliance.
Procedure
Step 1
Choose Management Appliance > System Administration > User Roles.
Step 2
Click Add Email User Role.
Tip
Alternatively, you can create a new role by duplicating an existing Email User Role: Click the
Duplicate icon in the applicable table row, then modify the resulting copy.
Duplicate icon in the applicable table row, then modify the resulting copy.
Step 3
Enter a unique name for the user role (for example, “dlp-auditor”) and a description.
•
Email and Web custom user role names must not be duplicated.
•
The name must contain only lowercase letters, numbers, and dashes. It cannot start with a dash or a
number.
number.
•
If you grant users with this role access to centralized policy quarantines, and you also want users
with this role to be able to specify those centralized quarantines in message and content filters and
DLP Message Actions on an Email Security appliance, the name of the custom role must be the same
on both appliances.
with this role to be able to specify those centralized quarantines in message and content filters and
DLP Message Actions on an Email Security appliance, the name of the custom role must be the same
on both appliances.
Step 4
Choose the access privileges to enable for this role.
Step 5
Click Submit to return to the User Roles page, which lists the new user role.