Delegated administrators
Administrators are the individuals who can access the Forcepoint Security Manager. Depending on their permissions, they may be able to do one or more of the following in the Web module:
- Log on and view some elements of the Status > Dashboard page, but take no other actions.
- Access all configuration and management features, but save no changes.
- Run reports on specific groups of clients, or on all clients.
- Manage policies for specific groups of clients.
- Have full configuration access to all features.
The specific permissions available depend on the administrator’s role type (Super Administrator, policy management and reporting, or investigative reporting). See Delegated administration roles.
Global Security Administrators (like admin) define administrator accounts in Global Settings. These accounts may either be network logon accounts (defined in a supported directory service) or local accounts, used only to access the Forcepoint Security Manager. Once an account has been defined, the Global Security Administrator assigns each one a level of logon access to one or more management modules (Web, Data, or Email).
The levels of Web module access that can be granted to administrators are:
- Access and account management, which grants unconditional Super Administrator permissions (see Delegated administration and reporting permissions).
- Access, which allows the administrator to log on and view limited portions of the and Alerts pages only. Super Administrators can add those administrators to roles to allow them some level of additional policy management access, reporting access, or both.
Any administrator account that has been granted access to the Web module appears on the page. These accounts are also listed on the page.
Only administrators that have already been granted Web module access via Global Settings can be added to roles.