Back=right
mouse click.
Back=right
mouse click.
Login Accounts can be configured on the Administration > Management Console > Account Administration screen on the Web console.
Up to 128 users can access IWSVA using assigned access rights. When in the application, users can make configuration changes that are recorded in the login accounts log.
The audit log file is where IWSVA stores any configuration changes that users make to the application. The log file contains a prefix that you can use to organize your logs.
The log prefix is automatically generated but you can change this in the Command Line Interface (CLI). To change the log prefix, ensure that you have root permission and then from the CLI, open the configuration file (/etc/iscan/intscan.ini) and make the necessary changes. Finally, restart IWSVA to activate the change.
If you have a team of security administrators who are responsible for different functions and who may also have help desk privileges, then assigning them access rights can be beneficial to your organization. To manage IWSVA, these users can have different logins with different privileges.
Access rights can also give you the ability to audit what is being changed in IWSVA. If you have the need to comply with certain government agency standards, then this function can be critical.
The following discusses the levels of access:
Administrator—Users have complete and unrestricted access to the system. They can read and modify any settings accessible through the console including creating, deleting, and modifying user accounts.
Auditor—Users cannot make any configuration changes; they can view configurations, logs, and reports and can also change their own passwords.
Reports only—Users can only view the Summary pages and scheduled reports. They can generate logs and real-time report queries and change their own passwords.
Custom roles—These are the roles manually added with complete, read-only or no access to some or all administration domains. Users can modify or view different pages depending on the access rights assigned to their role.
A user role determines the web console menu items accessible to a user. A role is assigned a permission for each menu item. Permissions determine the level of access to each menu item. The permission for a menu item can either be:
Full access: Allows full access to a menu item. Users can configure all settings, perform all tasks, and view data in a menu item.
Read-only: Only allows users to view settings, tasks, and data in a menu item.
No access: Hides a menu item from view.
The following tables list the menu items available for administrators.
Administration Domains |
Menu Items |
Status Monitoring |
|
Policy Management |
|
Logs |
|
Reports |
|
System Administration |
|