Assign roles to users

You can limit or extend user access to MVISION Insights by assigning or unassigning roles. All roles have specific permission sets. You can't assign or unassign roles for your own account.

Before you begin

Make sure that you have administrator permission to use MVISION ePO.

Task

  1. Log on to MVISION ePO as an administrator.
  2. Select MenuConfigurationUsers & Roles.
  3. On the Users and Roles page, select a user from the Users panel.
    The user details, assigned roles, and unassigned roles for the selected user appears on the right pane.
  4. Select the needed roles from the Unassigned Roles list.

    The Roles panel lists these default roles.

    Roles Permissions
    MVISION EDR Administrator Provide administrative access to MVISION EDR and allow users to:
    • Configure endpoint policies (MVISION ePO only).
    • Configure tenant's settings and data sources.
    • Execute a targeted remediation action (single device).
    MVISION ePO Administrator Provide administrative access to MVISION ePO and allow the user to:
    • View Automatic Responses and view results in the Server Task Log.
    • View Server Tasks and task results in Server Task Log.
    • View client tasks and policies in Endpoint Security Adaptive Threat Protection, Endpoint Security Common, McAfee® Host Intrusion Prevention, McAfee VirusScan Enterprise, and McAfee® Endpoint Security Web Control.
    • View client tasks and policies in McAfee Agent.
    • View client tasks and policies in McAfee® Data Exchange Layer (DXL).
    • View client tasks and policies in MVISION Endpoint.
    • View McAfee Host IPS catalog and client rules.
    • View Policy Assignment Rules.
    • View client tasks and policies in McAfee® Endpoint Security Threat Prevention.
    • View queries in Endpoint Security Adaptive Threat Protection, Endpoint Security Common, Endpoint Security Firewall, McAfee VirusScan Enterprise, and Endpoint Security Web Control.
    • View Audit Logs, Client Events, Dashboards, Exploit Prevention Events, Queries and Reports created by users, and Threat Events.
    • View System Tree and Systems.
    Note: For invited users with MVISION Insights role, the MVISION ePO Administrator role is not needed to access MVISION Insights.
    MVISION Insights Admin Access Provides administrative access to MVISION Insights.
    Note: This permission is needed to complete the onboarding process.
    MVISION Insights General Access Provides general access to MVISION Insights.
    MVISION ePO Security Analyst Allow user to:
    • Execute a targeted remediation action (single device).
    • Triage, scope, and conduct investigation cases.
    Receive Notifications Allow user to receive notifications from MVISION Insights.

    Administrators and invited users receive notifications if this role is assigned.

    Notifications alert users of possible campaign attacks on their organization and provide a link to navigate to the campaign details page. The notifications are color coded to indicate the severity of the campaigns.

    By default, notifications are retained for 30 days.

  5. Click Save Changes.

Results

The selected roles now appear in the Assigned Roles list.