User Authorization

Applies to Product: USM Appliance™ AlienVault OSSIM®

User Authorization provides methods for limiting user access to different parts of the USM Appliance web interface. This allows the default admin to ensure that only authorized admins can perform specific operations or authorized users can only view specific parts of the UI. Configuring user authorization helps ensure the integrity of USM Appliance by restricting access and operations.

USM Appliance provides the following methods to configure what users can access in USM Appliance:

  • Entity association — Associates a user with entities within the structure tree. This option is accessible from Configuration > Administration > Users > Structure. See Limit User Visibility with Entities for more information.

  • Allowable assets — Entity association includes which assets the user is allowed to view. This feature works like a filter within an entity or a correlation context. You can, for this reason, think of it as a subset of entity association (visibility limitation). This option is accessible from Configuration > Administration > User > New. See Create New Accounts for Local Users for instructions.
  • Templates — Grant access to different parts of the USM Appliance web interface. Templates are a straight forward way of applying or selecting which parts of the UI are accessible to a user. This option is accessible from Configuration > Administration > Users > Templates. See Control User Authorization with Templates.