AlienVault® USM Central™

Role-Based Access Control (RBAC) in USM Central

Role Availability Read-Only Analyst Manager

USM Central implements role-based access control (RBAC)Describes authentication and authorization scheme in which access to functionality is based on the privileges or permissions associated with the group or role a user is a member of., which provides users with the following:

There are three roles in USM Central:

  • Read-Only: You can access views and search the system, but cannot make system changes that impact other users.
  • Analyst: You can view and search the system and perform all the same tasks as the Read-Only role, and also view alarms.
  • Manager: This role enables Analyst permissions, and also enables you to update deployments, add or configure credentials for users, and view alarms.

You can see the predefined roles in USM Central in the following table:

Predefined Roles in USM Central

Section Action Read-Only User Analyst User Manager User
Upper Navigation Access: documentation, support, and forum links
Profile Settings
Alarms View: alarmsAlarms provide notification of an event or sequence of events that require attention or investigation. page and alarm details
Configure filters
Asset drop-down menu items: add to current filter, look up in OTXThe world’s first truly open threat intelligence community. Enables collaborative defense with open access, collaborative research, and seamless integration with USM Anywhere and USM Appliance, and integrations capabilities for other security products.
Asset drop-down menu items: full details
Manage columns
Generate report
Save views
Alarm details: create rule
Alarm labels: apply, create, manage
Alarm Status: update
Vulnerabilities View: vulnerabilities page and vulnerabilities details
Generate report
Save views
Asset drop-down menu items: add to current filter, look up in OTX, full details
Configuration Issues View: configuration issues page and configuration issues details
Configure filters
Generate report
Save view
Asset drop-down menu items: add to current filter, look up in OTX, full details
Settings > Deployments View the deployments page
Create a new deployment
Disconnect a deployment
Configure a deployment
Connect to an existing deployment
Settings > Users View the user page
Edit a user
Delete a user
Create a user
Settings > System Events View the system events page
Settings > System Settings Modify the session timeout
Settings > Rules View the rules page
Create an orchestration rule
Reports > Saved Reports Edit a report
Copy a report
Delete a report