Manage Role Permissions at Endpoint Server Level

The NetWitness Platform version 11.7 and later provides more flexibility for managing RBAC (Role-Based Access Control). This enhancement enables you to grant/revoke access for any role at individual endpoint server levels in an environment rather than all. On the admin > Config view for any endpoint server, you can navigate to the Permissions tab and manage a significant number of permissions for the selected endpoint server. A new permission called endpoint-server.file.analyze lets the user perform file analysis activities(Analyze Files, Save a Local Copy and Initiate OPSWAT Scans), allowing more flexible options to manage user permissions. Refer to Manage Users with Roles and Permissions on the System Security and User Management Guide for more information.

The following illustrations show how you can set permissions at the endpoint server level for an analyst.

netwitness_rbacusr.jpg

To configure permissions at the endpoint server level:

  1. Go to (Admin) > Services.

  2. In the Services view, select the Endpoint Server service.

  3. Click netwitness_config.png and select View > Config.

  4. Navigate to Permissions tab.

  5. Select a role from the Roles pane on the left. (For more information on managing roles, refer (Optional) Add a Role and Assign Permissions in System Security and User Management Guide.)

  6. Select the permissions from the PERMISSIONS section (Center pane).

  7. Click Save. The Assigned Users pane on the right shows the list of users assigned with the selected role and permissions.

  8. Repeat steps 5 – 7 if you want to modify permissions to any role. Make sure you save the changes before navigating out of the current role.

RbacRN.png

Note: Some of the permissions on the Permissions tab are disabled, and you can modify them only on the Security server (Admin > Security). All other permissions listed here are editable on both the Security server and the Permissions tab. For more information on managing permissions and on the NetWitness Platform, see System Security and User Management Guide.