Cisco Cisco Email Security Appliance C160 用户指南
33-11
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 33 Distributing Administrative Tasks
Managing Custom User Roles for Delegated Administration
Delegated administrators with DLP Policies access privileges can view the following Email Security
Monitor pages:
Monitor pages:
–
Overview
–
DLP Incidents
–
Archived Reports
•
View all reports: Delegated administrators can view all reports and Email Security Monitor pages
on the Email Security appliance.
on the Email Security appliance.
See the Chapter 29, “Using Email Security Monitor,” on page 1 chapter for more information on email
reporting and the Email Security Monitor.
reporting and the Email Security Monitor.
Message Tracking
The Message Tracking access privileges define whether delegated administrators assigned to the custom
user role have access to Message Tracking, including message content that may violate your
organization’s DLP policies if the DLP Tracking Policies option has been enabled on the System
Administration > Users page and the custom user role also has DLP policies access privileges.
user role have access to Message Tracking, including message content that may violate your
organization’s DLP policies if the DLP Tracking Policies option has been enabled on the System
Administration > Users page and the custom user role also has DLP policies access privileges.
Delegated administrators can only search for the DLP violations for the RSA Email DLP policies
assigned to them.
assigned to them.
See Chapter 30, “Tracking Messages,” on page 1 for more information on Message Tracking.
See
for information for
allowing delegated administrators access to viewing matched DLP content in Message Tracking.
Trace
The Trace access privileges define whether delegated administrators assigned to the custom user role can
use Trace to debug the flow of messages through the system. Delegated administrators with access can
run Trace and view all of the generated output. Trace results are not filtered based on the delegated
administrator’s mail or DLP policy privileges.
use Trace to debug the flow of messages through the system. Delegated administrators with access can
run Trace and view all of the generated output. Trace results are not filtered based on the delegated
administrator’s mail or DLP policy privileges.
See
for more information on using Trace.
Quarantines
The Quarantines access privileges define whether delegated administrators can manage assigned
quarantines. Delegated administrators can view and take actions on any message in an assigned
quarantine, such as releasing or deleting messages, but cannot change the quarantine’s configuration
(e.g. the size, retention period, etc.), or create or delete quarantines.
quarantines. Delegated administrators can view and take actions on any message in an assigned
quarantine, such as releasing or deleting messages, but cannot change the quarantine’s configuration
(e.g. the size, retention period, etc.), or create or delete quarantines.
You can assign any of the quarantines to the custom user role using either the Monitor > Quarantines
page or the Custom User Roles for Delegated Administration table on the User Roles page.
page or the Custom User Roles for Delegated Administration table on the User Roles page.
See
and
for more information on assigning
Quarantine management tasks to administrative users.
See
for information on using the Custom
User Roles for Delegated Administration list to assign quarantines.