Note: All of the following options are set using the Console UI
The Authentication Providers page allows admins to create or update providers.
Authentication providers, such as LDAP, Google Auth, and local auth, are used to authenticate user login credentials. Each of the providers are explained in detail within the Plugins documentation.
To create a new provider service, click “Add a Directory Service” to open the Creation drawer. Enter information as required and click “Add Service”. The process is further explained for each additional provider in the Plugins documentation.
The Groups page allows admins to create or delete groups. Groups allow permissions to be set for multiple users at once, instead of assigning permissions on a per-user basis for each node or folder.
To create a new group, click the “Create a New Group” button to open the Creation drawer. Enter the name of the group and select users you would like to be members (a user can belong to multiple groups).
Features
Groups can have certain UI features enabled or restricted throughout the Console. Currently supported features are:
Infrastructure/Client Installation page.
The Groups page also allows Users to be added or removed from Groups.
The Users page allows admins to manage all user accounts found in the Console. To create a new user, click the “Create a New User” button to open the User Creation drawer. Enter the required information and click “Create User”.
Features
Users may have certain UI features enabled or restricted throughout the console. Currently supported features are:
Infrastructure/Client Installation page.
This User will now be able to log into the Console using the given username and password.
The Roles page allows admins to define specific capabilities for a user or group. For instance, the Admin role has access to all operations by default and would be able to take any action on the Console. This includes creating, deleting, updating, and viewing nodes.
To create a new role, click the “Create a new Role” button to open the creation drawer. Enter the name of the Role and configure the object type and desired operations.
Features
Roles can have certain UI features enabled or restricted throughout the Console. Currently supported UI features are:
Scan Triggering – When assigned this Role on a node, Users and Groups will be able to trigger scans using “Scan Now” or “ Schedule Scan”
Enforcement Triggering - When assigned this Role on a node, Users and Groups will be able to fix findings using the “Remediate” button.
There are six levels of Operations configurable under “Add Permission”:
\* - all operationsREAD - display information on the node (endpoint, folder, or server)UPDATE - make changes to a node like its parent and other permissionsDELETE - delete the nodeLIST - display the children of the nodeCREATE - create new foldersThe Roles page is also able to update Roles by adding or removing permissions using the “Edit Role” drawer.
Sicura Console and CIS License information can be viewed under the License page
A CIS license can be uploaded by pressing the ‘Upload new license’ button on the card. Only CIS provided assessor zip files and Sicura provided cis_wrapper.key files wil be able to be uploaded.
Uploaded licenses will take precedence over the builtin CIS license that ships with the console. This allows users to overwrite expired licenses without having to upgrade their console version. The license can be reverted back to builtin at anytime using the ‘Revert to default license’ button
Sicura
© copyright 2022