|
|
|
|
Configuring Authorization > Working with roles > Adding a new role
|
|
1.
|
Go to the Settings > Authorization > Roles page in the Data Security module of the Security Manager.
|
|
2.
|
Click New in the toolbar at the top of the content pane.
|
|
Select Full Control to give this role complete access to system functions, then click OK to create the role.
|
|
|
|
|
The Dashboard shows system alerts, statistics, and an incident summary over the last 24 hours.
|
|
|
The System Health screen enables you to monitor the performance of Forcepoint DLP servers and protectors.
|
|
|
The Endpoint Status screen summarizes the results of endpoint connectivity tests. (Not included in Forcepoint Web Security or Forcepoint Email Security.)
|
|
|
The Mobile Status contains details of the traffic being monitored by Forcepoint DLP over specific periods, such as data that has breached policies and the actions taken.
|
|
|
Select Summary reports to give administrators with this role access to data loss prevention summary reports.
|
|
|
Select Detail reports to give administrators with this role access to data loss prevention incident detail reports. When this option is selected, several more are made available:
|
|
Select View violation triggers to allow administrators to view the values that trigger violations.
|
|
|
Select View forensics to allow administrators to view forensics for this incident. (Users who aren't allowed to see this confidential data cannot see a preview of the email message or the content of the transaction in other channels.)
|
|
|
Select Perform operations on incidents to allow administrators with this role to be able to perform all escalation, remediation, and workflow operations on data loss prevention or mobile incidents.
|
|
|
Select Export incidents to a PDF or CSV file to allow administrators with this role to bulk export DLP or mobile incidents from an incident report to a PDF or CSV file. Exports include all data in the current report.
|
|
|
Select Incident Risk Ranking reports to allow administrators with this role to access Incident Risk Ranking and My Case reports.
|
|
|
Select Hide source and destination to prevent administrators with this role from seeing source and destination information like user names and IP addresses. Instead, reports will show sources and destinations as unique IDs generated by the system.
|
|
|
Summary reports - Select this option to give administrators with this role access to discovery summary reports.
|
|
|
Detail reports - Select this option to give administrators with this role access to discovery detail reports. When this option is selected, more are made available:
|
|
|
View violation triggers - Select this option if you want the administrator to view the values that trigger discovery violations.
|
|
|
Perform operations on incidents - Select this option if you want administrators with this role to be able to perform all escalation, remediation, and workflow operations on discovery incidents.
|
|
|
Export incidents to a PDF or CSV file - Select this option if you want to allow administrators with this role to bulk export discovery incidents from an incident report to a PDF or CSV file. Exports include all data in the current report.
|
|
4.
|
Mark Send email notifications if administrators with this role should be notified when an incident is assigned to them.
|
|
5.
|
|
|
Data loss prevention policies - Can configure DLP policies for all channels as well as content classifiers and resources.
|
|
|
Discovery policies - Can configure discovery policies, tasks, content classifiers, and resources.
|
|
|
Sample database records - Can view sample database information when editing a database fingerprinting classifier, including database, Salesforce, and CSV classifiers.
|
|
|
The Traffic log contains details of the traffic being monitored by Forcepoint DLP over specific periods, such as data that has breached policies and the actions taken.
|
|
|
The System log displays system events sent from different Forcepoint components, for example Forcepoint DLP servers, protectors, or policy engines.
|
|
|
The Audit log displays actions performed by administrators in the system.
|
|
|
Services - Administrators can configure local and external services like Linking Service and Microsoft RMS.
|
|
|
Archive Partitions - Administrators can select incident partitions, then archive, restore or delete them.
|
|
|
Policy Updates - Administrators can update predefined policies to the latest version.All other general settings
|
|
|
Analytics - Administrators can configure settings used to calculate risk scores in the Incident Risk Ranking report.
|
|
|
All other general settings - Administrators can configure all other settings in the Settings > General menu.
|
|
8.
|
Indicate whether administrators in this role can configure Data Security module Authorization settings.
|
|
9.
|
|
|
Manage system modules - Give this role the ability to register modules with the management server.
|
|
|
Manage endpoint profiles - Give this role the ability to view and edit endpoint profiles. Administrators can add new endpoint profiles, delete profiles, and rearrange their order. (Not included in Forcepoint Web Security or Forcepoint Email Security.)
|
|
|
Deploy settings - Give this role the ability to deploy configuration settings to all system modules.
|
|
10.
|
Click OK to save your changes.
|
|
|
|
|
|
Configuring Authorization > Working with roles > Adding a new role
|
