Skip Navigation
  1. BlackBerry Docs
  2. CylanceON-PREM
  3. Cylance ONPREM Administration Guide
  4. CylanceON-PREM Administration
  5. Managing roles
  6. Role permissions

Role permissions

The following table describes the available permissions:
Role Permission Type
Description
Application
Applications allow access to the
CylanceON-PREM
 API.
  • View allows users to view the Application Settings and the Application ID, but users cannot view the Application Secret.
  • Create allows users to add a new application.
  • Update allows users to edit and update an application.
  • Delete allows users to delete an application.
Audit Logs
Audit Logs record all user interactions with your
CylanceON-PREM
 Console. This includes creating, updating, and deleting things.
  • View allows users to view the Audit Logs page. Users can also download the Audit Logs as a CSV file.
Detection Events
Detection Events are threat events discovered on your devices.
  • View allows users to view all Events pages, including File Events, Script Events, Memory Events, Device Events, and Application Events.
Devices
Devices are your endpoints with Agents. Agents must be configured to communicate with your
CylanceON-PREM
 Console.
  • View allows users to view the Device List page. This option must be selected for users to create, update, or delete tags.
  • Create allows users to add a new device using the installation token.
  • Update allows users to edit and update device information.
  • Delete allows users to delete devices from the
    CylanceON-PREM
     Console.
Exclusions
Exclusions define what is on the Safe List or the Quarantine list.
  • View allows users to view the Safe/Quarantine page. This option must be selected for users to create, update, or delete tags.
  • Create allows users to create a new Exclusion.
  • Update allows users to edit existing Exclusions.
  • Delete allows users to delete existing Exclusions.
Installation Token
Installation tokens are a randomly generated string of characters that enables the agent to report to its assigned account on the
CylanceON-PREM
 console.
View System Settings must also be enabled for users to view the installation token.
  • Regenerate allows users to generate a new installation token. Regenerating the installation token should only be used to prevent installation of new agents with the existing token. All agents installed using the token prior to regenerating it will continue to communicate with the console.
Network Configuration
Network Settings define the IP Address for the
CylanceON-PREM
 appliance as well as other configuration options.
View System Settings must also be enabled for users to view the installation token.
  • Update allows users to edit the fields in Network Settings.
Policies
Policies define what the Agent will do with threats.
  • View allows users to view the Policies page. This option must be selected for users to create, update, or delete tags.
  • Create allows users to create new Policies.
  • Update allows users to edit existing Policies.
  • Delete allows users to delete existing Policies.
Roles
Roles define what a user can do in the
CylanceON-PREM
 Console.
  • View allows users to view the Role Management page. This option must be selected for users to create, update, or delete tags.
  • Create allows users to create new Roles.
  • Update allows users to edit existing Roles.
  • Delete allows users to delete existing Roles.
Rules
Rules can automatically assign a policy to a device, based on the selected conditions (like Device Name, IPv4 Address, or Operating System).
  • View allows users to view the Rules page.
  • Create allows users to create a rule.
  • Update allows users to edit existing rules.
  • Delete allows users to delete rules.
SSL Certificates
CylanceON-PREM
 requires a certificate to ensure secure communication between the server and the endpoints.
  • View allows users to view the Certificates page.
  • Install allows users to add a certificate.
  • Update allows users to update a certificate.
  • Delete allows users to delete a certificate.
System Logging Settings
System Logging Settings sets the level of information captured in the log file.
View System Settings must also be enabled for users to view system logging settings.
  • Update allows users to change the logging level for the
    CylanceON-PREM
     virtual appliance.
System Logs
System logs are the log files for the
CylanceON-PREM
 virtual appliance. System logs can help when troubleshooting issues with the virtual appliance.
View system settings must also be enabled for users to view system version.
  • Downloads allows users to download System Logs.
System Settings
System Settings displays the installation token (used when installing the agent) and system settings (version, hostname, IP address, log level, and console language).
  • View allows users to view the System Settings page.
System Version
System Version provides a way to update the
CylanceON-PREM
 virtual appliance.
View system settings must also be enabled for users to view system version.
  • Update allows users to update the
    CylanceON-PREM
     virtual appliance.
Tags
Device Tags allow you to group your devices based on your criteria.
  • View allows users to view the Device Tagging page. This option must be selected for users to create, update, or delete tags.
  • Create allows users to create a Device Tag.
  • Update allows users to update a Device Tag.
  • Delete allows users to delete a Device Tag.
Users
Users have access to the
CylanceON-PREM
 Console. Use roles to grant or restrict access to the
CylanceON-PREM
 console.
  • View allows users to view the User Management page. This option must be selected for users to create, update, or delete tags.
    This option must be selected for users to create, update, or delete tags.
  • Create allows users to create a User.
  • Update allows users to update a User.
  • Delete allows users to delete a User.