Administrative Privileges

For each custom administrative role that you create, you can select the privileges and levels of access for each privilege. The levels of access for each privilege are:
  • Enable—Allow read/write access to a page in the ESM Console.
  • Disable—Hide access to a page.
  • Read Only—Allow a user to view but not modify a page.
The following table describes the privileges that you can customize for each role.
PrivilegeDescription
Is Active
Users whom are assigned this role can log in to the ESM Console.
Enable License Notifications
The ESM Console displays license notifications to users who have this privilege enabled when a license is due to expire or has expired.
Dashboard
Access to the main ESM Console Dashboard.
Security Events
Access to the Security Events page.
Policies
Access to all policy pages.
Exploit
Access to all exploit protection rule pages where you can view user-defined and default exploit protection rules. If your access permits, you can also configure new or modify existing rules and processes. For more granular control, configure access by Exploit page:
  • Protection Modules (Application Protection Modules)
  • Kernel Protection Modules
  • Process Management
Malware
Access to all malware protection rule pages where you can view user-defined and default restriction rules and settings, malware protection rules, WildFire rules, and verdicts associated with files opened on your endpoints. If your access permits, you can also configure new or modify existing rules and configure administrative hash overrides. For more granular control, configure access by Malware page:
  • Restrictions
  • Restriction Settings
  • Protection Modules
  • WildFire
  • Hash Control
Forensics
Access to the forensics management page and the agent query. For more granular control, configure access by the individual Forensics pages:
  • Forensics
  • Agent Query
Disable All Protection
Access to halt all Traps protection rules.
Setting this privilege to read-only access functions the same as setting the access to disable. In both cases, the ESM Console hides the option from view.
Monitor
Access to all monitoring pages.
Agent
Access to all agent monitoring pages. For more granular control, configure access by the individual Agent pages:
  • Health
  • Logs
ESM
Access to all ESM monitoring pages. For more granular control, configure access by the individual ESM pages:
  • Health
  • Logs
Data Retrieval
Access to the data retrieval monitoring page where you can monitor the status of data uploaded to the ESM Server, and export or delete data.
Settings
Access to configure or view any of the ESM, Agent, Conditions, or Licensing settings pages.
ESM
Access to configure any of the ESM settings. For more granular control, configure access by any of the ESM settings pages:
  • Settings
  • WildFire
  • Syslog
  • Email
  • Panorama
  • Multi ESM
  • Content Updates
Agent
Access to configure any of the agent settings or action rules or to create installation packages for Mac endpoints. For more granular control, configure access by any of the settings pages:
  • Settings
  • Actions
  • Installation Package (Mac endpoints only)
Conditions
Access to view and create conditions that you can use in policy rules.
Licensing
Access to view and manage Traps licenses.

Related Documentation