Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Delegated Administration Quick Start
Delegated Administration Quick Start
Delegated Administration | Web Protection Solutions | v8.4.x, v8.5.x | 29-Apr-2022
Delegated administration is a powerful tool for distributing configuration, policy management, and reporting responsibilities across an organization.
Global Security Administrators can define administrator accounts for all Forcepoint Security Manager modules (Web, Data, and Email).
In the Web module, Super Administrators can then grant policy management privileges, reporting rights, or both to delegated administrators, who can manage or report on Internet usage for specific clients (users, groups, computers, or networks).
Super Administrators can also:
*
Create a set of master restrictions that limit the access delegated administrators can grant to their clients via policies.
*
Send copies of their policies and filters to delegated administrators, who can use them as templates for creating policies and filters to apply to their clients.
All of this is accomplished through the use of roles, which group related clients with the administrators responsible for managing their policies, reporting on their Internet usage, or both. For example, a school district might create Staff, Teachers, and Elementary Students roles, and then assign one or more administrators to each.
To start using delegated administration, first use the Web module of the Forcepoint Security Manager to prepare your environment:
1.
(Optional) Configure user directory service settings: Make sure that your web protection software can communicate with a user directory so that you can identify user, group, and domain (OU) clients for use in applying policies.
2.
Customize Super Administrator policies and filters: Establish a policy baseline for your organization.
3.
Edit the Filter Lock: Create basic category and protocol management restrictions that apply to all delegated administrators.
When the environment is ready, set up administrator accounts via Global Settings:
1.
(Optional) Configure directory service settings for administrators: Make sure that the Security Manager can communicate with the directory service used to authenticate administrator logons.
2.
Configure email settings for administrators: Enable administrator notifications and automated password reset functionality.
3.
Create administrator accounts: Grant administrators access to the Web module.
Next, use the Web module of the Forcepoint Security Manager to enable delegated administration of policy management and reporting tasks.
1.
Create Web delegated administration roles: Define which administrators will manage policies, run reports, or both for which groups of clients.
2.
Train delegated administrators: Make sure that new administrators know how to perform their tasks.
This Quick Start guide provides the basic information needed to get started with delegated administration. Complete and comprehensive instructions are available from the Administrator Help, available from the Help menu in the Security Manager, or from the Technical Library.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Delegated Administration Quick Start
Copyright 2022 Forcepoint. All rights reserved.