Permission Management in the Cortex Gateway

Cortex Gateway Administrator Guide

Product: Cortex
Creation date: 2023-03-23
Last date published: 2024-02-26
Category: Cortex Gateway Admin Guide
Abstract

The Cortex Gateway enables you to manage roles and permissions across all Cortex products.

You can use Permission Management in the Cortex Gateway to view and manage permissions, roles, and user groups for Cortex XDR/XSIAM, Cortex XSOAR, and Cortex XPANSE. Each product includes its own components, which you can update or set accordingly.

You can manage roles and permissions for a single tenant or a number of tenants at the same time by clicking Permission Management in the Cortex Gateway.

Permission Management is divided into the following sections:

Permissions

In the Permissions tab you can view permissions by either users or tenants.

  • In the Users tab, you can view all the users allocated to a specific Customer Support Portal (CSP) account. If a user is not listed, ensure that the user is added to the Customer Support Portal. The Permissions table provides information such as user name, email, groups, tenants, roles, etc. You can manage each user by updating their roles and deleting their permissions.

  • In the Tenants tab, you can view each tenant and the users who have access. You can manage each tenant by updating permissions and editing the roles and available users.

  • From the Show option, you can select the following products to filter the users by:

    • All products

    • XDR&XSIAM

    • XSOAR

    • XPANSE

You can select whether to Show User Subset to display only the users who are not designated as Hidden users (default).

You can do the following by either right-clicking the relevant user or clicking the pencil located to the right of the row:

  • Add Permissions: In the Add Permissions window, select from the list of Available Tenants for which you want to grant permissions. Add the roles as required.

  • Update Permissions: In the Update Permissions window, select the role you want to assign to the user from either the Default Roles or Custom Roles, and then Update the role.

  • Remove Permissions: Remove any required permissions. You cannot deactivate a user that has an Account Admin role.

  • Hide Users: Locate the user you want to hide, right-click, and select Hide User. When a user is designated as hidden, the user is no longer displayed in the Permissions table when the table is configured to Show User Subset (default configuration).

Roles

Lists the predefined user roles and custom-defined roles. Use roles to assign specific view and action access privileges to administrative user accounts. Configure administrative access to suit the security requirements of your organization. The built-in roles provide specific access rights that cannot be changed. The roles you create provide more granular access control. You can define new roles or edit existing roles. You can see who created the role in the TENANT field and where the role was created (Cortex Gateway or the tenant) in the CREATED BY field.

You can do the following:

  • Copy an existing role: Locate the predefined role that you want to base your custom role on, right-click and select Save As New Role. Add the details as required.

  • Create a new role: Select New Role and add the required details.

  • Edit role permissions (only available for roles you create): Locate the custom role you want to edit, right-click and select Edit Role.

User Groups

Lists the user groups. The user groups are divided by product. Each tab displays the user groups per product. You can create a new user group for a number of different system users or groups. You can see the details of all user groups, the roles, nested groups, IDP groups (SAML) and when the group was created/updated, etc.

Note

You can only edit groups created from the gateway. Groups that were created on a single tenant can only be edited on the tenant itself.