The Cortex Gateway enables you to manage roles and permissions across all Cortex products.
You can use Permission Management in the Cortex Gateway to view and manage permissions, roles and user groups for Cortex XDR/XSIAM, Cortex XSOAR and Cortex XPANSE. Each product includes its own components, which you can update or set accordingly.
You can manage roles and permissions for a single tenant or a number of tenants at the same time by clicking Permission Management in the Cortex Gateway.
Permission Management is divided into the following sections:
Permissions
From the Permission Management side panel, select Permissions to view permissions by either users or tenants.
When viewing or searching by users, from the Show dropdown, you can filter by product.
When viewing or searching by tenants, select the relevant product tab.
Users of the selected account are listed in the Permissions table.
Click the dropdown button to view all the tenants assigned to the user.
Tenants of the selected account are listed in the Permissions table.
Click the dropdown button to view all the users assigned to the tenant.
If Show User Subset is selected, only the users who are not designated as Hidden are displayed.
Actions
You can use the Cortex Gateway to perform any of the following actions:
(Users) Add Permissions: In Add user role, add the user role and assign the relevant tenants as required for the user. You can also review the settings of the components for reference.
(Users) Update Permissions: In Update user role, update the user role and tenants as required for the user. You can also review the settings of the components for reference.
(Tenants) Update Permissions: In Update user role for tenant, update the user role and add or remove assigned users. You can also review the settings of the components for reference.
(Users) Remove User Permissions: Remove any required permissions. You cannot deactivate a user who has an Account Admin role.
(Users) Hide Users: When a user is designated as hidden, the user is no longer displayed in the Permissions table when the table is configured to Show User Subset (default configuration).
(Users) Activate/Deactivate User: Select the user to deactivate/activate.
Roles
User roles of the selected account are listed per product. There are pre-defined user roles and custom-defined roles. Certain user roles support specific view and action access privileges, whereas the administrative user accounts support all view and action access privileges.
You can configure administrative access to suit the security requirements of your organization. The built-in roles provide specific access rights that cannot be changed. The roles you create provide more granular access control. You can define new roles or edit existing roles. You can see who created the role in the Created by field and where the role was created (Cortex Gateway or the tenant) in the Tenant field.
You can do the following:
Copy an existing role: Locate the predefined role that you want to base your custom role on, right-click and select Save As New Role. Add the details as required.
Create a new role: Select New Role and add the required details.
Edit role permissions (only available for roles you create): Locate the custom role you want to edit, right-click and select Edit Role.
User Groups
User groups of the selected account are listed per product. You can create a new user group for a number of different system users or groups. You can see the details of all user groups, including the roles, nested groups, IDP groups (SAML), and when the group was created or updated.
Note
You can only edit groups created from the gateway. Groups that were created on a single tenant can only be edited on the tenant itself.