|
|
|
|
Configuring Authorization > Working with roles > Adding a new role
|
|
1.
|
Go to the Settings > Authorization > Roles page in the Data Security module of the Security Manager.
|
|
2.
|
Click New in the toolbar at the top of the content pane.
|
|
Select Full Control to give this role complete access to system functions, then click OK to create the role.
|
|
|
|
|
The Dashboard shows system alerts, statistics, and an incident summary over the last 24 hours.
|
|
|
The System Health screen enables you to monitor the performance of Forcepoint DLP servers and protectors.
|
|
|
The Endpoint Status screen summarizes the results of endpoint connectivity tests. (Not included in Forcepoint Web Security or Forcepoint Email Security.)
|
|
|
The Mobile Status contains details of the traffic being monitored by Forcepoint DLP over specific periods, such as data that has breached policies and the actions taken.
|
|
|
Summary reports - Select this option to give administrators with this role access to data loss prevention summary reports.
|
|
|
Detail reports - Select this option to give administrators with this role access to data loss prevention incident detail reports. When this option is selected, several more are made available:
|
|
View violation triggers - Select this option if you want the administrator to view the values that trigger violations.
|
|
|
View forensics - Select this option if you want the administrator to view forensics for this incident. (Users who aren't allowed to see this confidential data cannot see a preview of the email message or the content of the transaction in other channels.)
|
|
|
Perform operations on incidents - Select this option if you want administrators with this role to be able to perform all escalation, remediation, and workflow operations on data loss prevention or mobile incidents.
|
|
|
Export incidents to a PDF or CSV file - Select this option if you want to allow administrators with this role to bulk export DLP or mobile incidents from an incident report to a PDF or CSV file. Exports include all data in the current report.
|
|
|
Incident Risk Ranking reports - Select this option if you want administrators with this role to be able to access Incident Risk Ranking and My Case reports. Requires the Analytics Engine to be installed.
|
|
|
Hide source and destination - Select this option if you do not want administrators with this role to view source and destination information like user names and IP addresses. Instead, reports will show sources and destinations as unique IDs generated by the system. By default, users see this information. Please note that this will not affect the source and destination fields in the syslog. Syslog always displays names.
|
|
|
Summary reports - Select this option to give administrators with this role access to discovery summary reports.
|
|
|
Detail reports - Select this option to give administrators with this role access to discovery detail reports. When this option is selected, more are made available:
|
|
|
View violation triggers - Select this option if you want the administrator to view the values that trigger discovery violations.
|
|
|
Perform operations on incidents - Select this option if you want administrators with this role to be able to perform all escalation, remediation, and workflow operations on discovery incidents.
|
|
|
Export incidents to a PDF or CSV file - Select this option if you want to allow administrators with this role to bulk export discovery incidents from an incident report to a PDF or CSV file. Exports include all data in the current report.
|
|
4.
|
Mark Send email notifications if administrators with this role should be notified when an incident is assigned to them.
|
|
5.
|
|
|
Data loss prevention policies - Can configure DLP policies for all channels as well as content classifiers and resources.
|
|
|
Discovery policies - Can configure discovery policies, tasks, content classifiers, and resources.
|
|
|
Sample database records - Can view sample database information when editing a database fingerprinting classifier, including database, Salesforce, and CSV classifiers.
|
|
|
The Traffic log contains details of the traffic being monitored by Forcepoint DLP over specific periods, such as data that has breached policies and the actions taken.
|
|
|
The System log displays system events sent from different Forcepoint components, for example Forcepoint DLP servers, protectors, or policy engines.
|
|
|
The Audit log displays actions performed by administrators in the system.
|
|
|
Services - Administrators can configure local and external services like Linking Service and Microsoft RMS.
|
|
|
Archive Partitions - Administrators can select incident partitions, then archive, restore or delete them.
|
|
|
Policy Updates - Administrators can update predefined policies to the latest version.All other general settings
|
|
|
Analytics - Administrators can configure settings used to calculate risk scores in the Incident Risk Ranking report.
|
|
|
All other general settings - Administrators can configure all other settings under Settings > General.
|
|
8.
|
Indicate whether administrators in this role can configure Data Security module Authorization settings.
|
|
9.
|
|
|
Manage system modules - Give this role the ability to register modules with the management server.
|
|
|
Manage endpoint profiles - Give this role the ability to view and edit endpoint profiles. Administrators can add new endpoint profiles, delete profiles, and rearrange their order. (Not included in Forcepoint Web Security or Forcepoint Email Security.)
|
|
|
Deploy settings - Give this role the ability to deploy configuration settings to all system modules.
|
|
10.
|
Click OK to save your changes.
|
|
|
|
|
|
Configuring Authorization > Working with roles > Adding a new role
|
