This exercise demonstrates the creation, configuration, and application of User Roles.
The User Role feature enables ZeroLock Management Console (ZMC) administrators to configure roles with permissions for three (3) sections of the ZMC.
User Roles may be permitted to Modify or View specific sub-sections within these three sections.
Modify enables the user to make changes in the assigned section of the ZMC and view the changes. Users with this permission option can duplicate, edit, and delete User Roles.
View alone only permits the user to view the settings for a ZMC section. The options to duplicate, edit, and delete are not available.
However, employing the User Role allows for greater granular control of permissions, and provides a more focused approach to allowing specific actions.
Exercise A: The administrator wants to configure a User to view alerts for a single endpoint group.
To accomplish this, the first step is to create a User Role.
- Go to Manages Users | User Roles then select Add New Role.
- The New User Role screen consists of fields for the name and description followed by three (3) sections used to configure what someone with that User Role may modify and view. Select CREATE once the name and description have been entered since no options are being added.
- With the User Role created, the next step is to assign it to an Endpoint Group. In this scenario, select the Demonstration Endpoint Group.
- Select System Configuration | Endpoint Groups then click the box next to Demonstration Endpoint Group followed by EDIT.
- Once on the Edit Group >2 screen, enable the new User Role by selecting Allow Access and then clicking the Eye button to open the group property window showing the options that can be allowed.
- On the group property window, in the ALERTS section, click the box for View Alerts. This selection will permit viewing the alert but not its details.
- With the User Role enabled and allowed to view alerts on endpoints, a User needs to be assigned to this role. Go to Manage Users | Users and select the user, then EDIT.
- In the Edit User dialog, select the newly created role followed by UPDATE.
- When the user Joe Demo logs in, his ZMC dashboard will look like the one below. Alerts for the endpoints in his Endpoint Group are visible, but the other ZMC sections are greyed out. Since this group only consists of Endpoint #2, that is the only endpoint listed.
Since View Alerts was assigned, not View Alert Details, alerts are visible, but provide limited detail.
Exercise B: The administrator wants to configure a user to manage alerts for a single endpoint group.
To accomplish this task, follow the previous instructions until Step 6. At Step 6 select all 3 boxes in the ALERTS section, then UPDATE. From that point, continue following the instructions through Step 9.
When user Joe Demo logs in, the dashboard looks the same but now, double-clicking an alert opens the alert details screen. The option to Kill or Release the process that caused the alert is visible on the upper right.
On selecting Kill Process, the Remediate button is activated. Click the Remediate button and the threat has been dealt with.
You now know how to configure User Roles in the ZeroLock® environment.