UpPrevious Next
Sheriff CSMâ„¢
User Administration in Sheriff CSM
In Sheriff CSM, user administration occurs through authentication and authorization, which includes the process of creating, modifying, or deleting user accounts; controlling access to the Sheriff CSM web interface; enforcing administrative policies; and monitoring user activity.
User Authentication
Sheriff CSM allows you the flexibility of verifying user authenticity by storing credentials locally in Sheriff CSM or with existing user credentials established with LDAP (Lightweight Directory Access Protocol).
See
Set Up Password Policy for Local User Authentication for instructions to store user credentials locally, or
Configure LDAP in Sheriff CSM for instructions to use LDAP for authenticating users.
User Authorization and RBAC
Role-based access control (RBAC) delegates certain functions to specific roles and can be instrumental in enforcing administrative policies. The role, a given set of responsibilities, determines which Sheriff CSM features users can access. You may want to restrict access to certain parts of the web interface to ensure that unauthorized changes aren't made to Sheriff CSM. For example, you can restrict access solely to the part of the UI for delegating and reporting tickets, while allowing broader access to more critical parts of the UI for defining polices and correlation directives.
Important: You must configure user permissions in Sheriff CSM, even if authentication is performed against LDAP.
See
User Authorization for more details.
User Activity
In addition to authenticating and authorizing users, Sheriff CSM captures the length of user sessions, as well as their activities. You can use these data for system audits and compliance.
See
Monitor User Activities to make logging selections for monitoring user activity.
User Accounts
When you create user accounts, you determine what role the user is going to play in viewing and administering Sheriff CSM. You configure which parts of the web interface the users have access to and their level of visibility into the company's assets, including Sheriff CSM (Sensors) Deputies.
See
Manage User Accounts for topics and instructions for creating and managing user accounts.