In USM Central, user administration and management provides a broad range of control for security, role-based permissions, and integration with connected deployments. The system requires that all users log in with a user name and a password. AT&T Cybersecurityrecommends that users enable Multi-Factor Authentication (MFAA method of access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge, possession, and inherence.) for their account to provide extra security to your USM Central environment and all connected deployments.
Users can access settings for their own account and log out of the system by clicking the icon in the top of the page of the USM Central UI.
Notable user management features in USM Central include:
- Accounts in USM Central use role-based access control (RBAC) to assign users to pre-defined levels of access to different functions in the UI.
- Account access can be given an extra level of security by enabling MFA to logins.
- Connected deployments can be accessed from the USM Central drop-down list at the top of the page. MFA authorization is carried over between deployments when logging into other environments from the USM Central deployments drop-down list.
- Manager accounts can regulate which connected deployments are visible in the USM Central UI for other accounts.
Because USM Central user accounts are replicated in all connected deployments, users created in USM Central will have the same role permissions in the connected deployment. These roles can be individually changed in the user management controls from the connected deployments as well. Because of the level of customization available, this enables users to have higher or lower role-based permissions in connected deployments as well as different views of what deployment information is visible in the USM Central UI.
Topics covered in this section include: