Roles

Overview

CyberCNS supports Role Based Access Control. Using this feature can create users and restrict those users to specific tasks/companies within CyberCNS.

  • On the Global View () Navigate to the Roles tab.

  • CyberCNS has four default roles like Admin, It Admin, No Roles, and Read Only. Apart from these roles, customized roles can be created by the user.

  • When the Admin chooses to grant the user access to All Companies, the user will be able to access all companies and the Global View.

  • When the Admin chooses to grant the user access to specific companies, the user will only be able to access those companies and will not have Global View access.

  • The IT Admin Role user will not be able to create a new company, Edit a company or Delete a company; however, the user will have full Company View and Global View access (Only if the Admin has granted access to all companies).

Agents

Asset

Company

Roles

Admin

  • By default, the Admin role will have access to all sections and can perform READ, UPDATE, DELETE and CREATE actions.

IT Admin

  • By default, the IT Admin role will have access to all sections (based on companies allowed) and can perform READ, UPDATE, DELETE and CREATE actions except New Company create or existing company edit/delete actions.

Read Only

  • By default, the Read Only role will not have access to CREATE, UPDATE & DELETE Companies. The read-only user can view the CyberCNS portal.

No Role

  • By Default, No Role will have no functionality or role attached to it so only login is created for that user but no information is visible/accessible to the user with this role. Admin will have to grant or change the role to another role based on which user will be able to perform actions.

Create a New Role

  • In the Roles section, can create a new role and assign tasks that the role is authorized to perform from the Resources and Scopes below.

  • To add a new role click on +Add as shown below.

  • Enter a Role Name (eg. Site Administrator) and allow the resources and scopes for the particular role as depicted in the below image.

  • In the Role section, can add a Role to the users and select the tasks to be performed. So that the users can perform the Resources and Scopes as mentioned below.

  • All the Resources mentioned below have the options of READ, UPDATE, SAVEDATA, DELETE, CREATE, etc. Can select either of these scopes in particular resources.

  • Once the Resources and Scopes are selected, click on Save.

Resources and Scopes

ADAUDIT

ADCOMPUTERS

ADGPO

ADGROUPS

ADLOGS AND ADMINEVENTS

ADOU

ADROLE AND ADUSERDATA

ADUSERGROUPS AND ADUSERS

AGENT

 

ALERTUSERSETTINGS AND ALERTS

APPLICATION BASELINE

ASSET AND ASSETBESTPRACTICES

ASSETCREDENTIALS AND ASSETFIREWALLPOLICY

ASSETRUNNINGPROCESS, ASSETSERVICES, AND ASSETSHARES

ASSETSNMPTABLE, ASSETSYSTEMINFO, AND ASSETTIMESTATS

ASSETUSERS AND AUDITLOG

AZUREADCOMPUTERS AND AZUREADERROR

CERTIFICATE AND CERTIFICATECREATE

COMPANY

COMPANYSTATS AND COMPANYSTATSTIMESERIES

COMPLIANCE

COMPLIANCEASSESSMENTS

COMPLIANCECHECKS

CUSTOMGENERATEDREPORTS

CUSTOMPORTSETTINGS

CUSTOMREPORTBUILDER

CYBERLABELLING AND CYBERPATCHING

CYBERUTILS

DIAGNOSTICS AND DISCOVERYSETTINGS

DOMAINCONFIGURATION AND EDR

EVENTS AND EXTENSION

EXTERNALSCAN AND EXTERNALSCAN_ITADMIN

EXTERNALSCANJOB AND EXTERNALSCANJOB_ITADMIN

EXTERNALSCANNSESCRIPTSINFO AND EXTERNALSCANNSESCRIPTSINFO_ITADMIN

EXTERNALSCANOSINFO AND EXTERNALSCANOSINFO_ITADMIN

EXTERNALSCANPORTSINFO, EXTERNALSCANPORTSINFO_ITADMIN AND EXTERNALSCANSETTINGS

EXTERNALSCANSETTINGS_ITADMIN

FSMOROLES AND INSTALLEDPROGRAM

INTEGRATIONRULESSETTINGS

INTEGRATIONS

INTERFACES AND JOBS

KAPICLIENTS

KIDENTITYPROVIDERS

KROLES

KUSERS

LOG4JINFO AND MANAGEAGENTUPDATES

NOTIFICATIONRULES AND NOTIFICATIONTICKETS

PASSWORDPOLICY, PATCHINGSTATUS, AND PATCHSCHEDULER

PDSCANRESULTS, PDSCANSETTINGS

PORTS AND REGISTRYMISCONFIGURATION

REMEDIATION

REMEDIATIONSUPPRESSION

SCHEDULER

SECURESCORE AND SECURITYCOMPLIANCE

SMBSHAREPATHS AND SNMPV2CREDENTIALS

SNMPV3CREDENTIALS

SSLSCANTIMESERIES

STANDARDREPORTS

STORAGE AND TABLESETTINGS

TICKETINGRULESCONFIG

USERPERMISSIONS AND USERSETTINGS

VULNERABILITY AND VULNERABILITYTIMESERIES

WINDOWSUPDATE

  • There is an option to Edit and Delete the Roles using the Action column. Any Roles can be edited and deleted if needed.

  • In the image below, Clone the preexisting Role by giving a new name for the Role if needed.

  • This completes the Roles section.

Â