Note: The pre-defined roles of Administrator, No Role, and Security Manager cannot be edited.
Roles determine what a user can or cannot do from their account. They can be configured to a great degree. SecurityCenter comes with eight pre-defined roles; however, custom roles can be created by the Administrator or Security Manager user in an organization to facilitate organizations with a complex security policy needs. In keeping with the SecurityCenter convention, role assignments are hierarchical. Users may only assign permissions that they currently own. For example, if a user has a custom role with “Create Policies” enabled and “Update Feeds” disabled, that user can only create users with “Create Policies” enabled.
The Administrator, No Role, and Security Manager roles are static and cannot be modified. An Administrator is an account that has management responsibility over the console. The primary task of the Administrator is to install and configure each Organization. In addition, the Administrator adds components to SecurityCenter such as PVS, LCE, and Nessus to extend its capabilities. The Administrator is automatically assigned the “Manage Application” role.
A Security Manager is the account within an Organization that has a broad range of security roles within the defined Organization. This is the initial user that is created when a new Organization is created and has the ability to launch scans, configure users (except for the Administrator user), vulnerability policies, and other objects that belong to their Organization.
User Access Control
Within the defined user roles, granular permissions are applied that enable users to perform various tasks. Custom roles can also be created with any combination of desired permissions based on enterprise needs. The permissions are described on the “Add Role” page.