Managing Administrators
The Netskope UI provides full access for deploying and managing admin rights for the Netskope solution. As a Tenant Admin, you have full privileges to create and manage other admins.
Summary of Operations by Predefined Roles and Privileges
View and Manage means admins with this designation can perform all actions. View Only means admins with this designation can view, export CSV files, and download and email PDFs.
Privilege/Role | Iaas/PaaS | Admins | Advanced Settings | Settings | CCI | Events |
---|---|---|---|---|---|---|
Tenant Admin | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage |
Delegated Admin | View and Manage | View and Manage | View and Manage | View and Manage | ||
Restricted Admin | View Only | View Only | ||||
Cloud Intelligence Analyst | ||||||
Application Risk Analyst | View Only | |||||
Enterprise Applications Admin | View and Manage | |||||
Directory Admin | View Only | View Only | ||||
Security Admin | View and Manage | View and Manage | View and Manage | View and Manage | ||
InfoSec Operations Admin | View and Manage | View and Manage | ||||
Compliance Office | View and Manage | |||||
Security Analyst | View and Manage | View Only | ||||
Iaas/PaaS | View and Manage | View and Manage | View and Manage |
Privilege/Role | API Data Protection | Policies | Reports | End Users | Incident Management | Threat |
---|---|---|---|---|---|---|
Tenant Admin | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage |
Delegated Admin | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage |
Restricted Admin | View Only | View and Manage | View Only | View and Manage | ||
Cloud Intelligence Analyst | View and Manage | View and Manage | ||||
Application Risk Analyst | View and Manage | View and Manage | ||||
Enterprise Applications Admin | View and Manage | View and Manage | ||||
Directory Admin | View Only | View Only | View and Manage | View and Manage | View and Manage | |
Security Admin | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage |
InfoSec Operations Admin | View and Manage | View and Manage | View and Manage | View and Manage | View and Manage | |
Compliance Officer | View Only | View and Manage | View and Manage | View and Manage | ||
Security Analyst | View and Manage | View and Manage | ||||
IaaS/PaaS | View and Manage | View and Manage | View and Manage |
Functional Areas and UI Mapping
Each functional area has access to functionality in the UI. The table below shows the general mapping. Note, we do not have a menu item called Advanced Settings but the mapping shows the areas for which we consider to be advanced settings.
Functional Area | UI Component |
---|---|
Administrators | Settings > Administration > Admins Settings > Administration > Roles Settings > Administration > Audit Logs |
Advanced Settings | Settings > Administration > SSO Settings > Administration > IP Allowlist Settings > Tools > Rest API Settings > Tools > Clear Events |
End Users | Settings > Security Cloud Platform > Users Settings > Security Cloud Platform > Groups Settings > Security Cloud Platform > Devices |
Policies | Everything under Policies (Main Menu) Settings > Manage |
API-enabled Protection | Everything under API-enabled Protection (Main Menu) Settings > API-enabled Protection > SaaS Settings > API-enabled Protection > IaaS |
API Data Protection | Policies > API Data Protection |
Real-time Protection | Policies > Real-time Protection |
Security Posture | Policies > Security Posture |
Settings | Everything under Settings |
CCI | Everything under Cloud Confidence Index (Main Menu) |
Events | Skope IT > Events SkopeIT> Alerts Skope IT > Applications Skope IT > Sites Skope IT > Users |
Advanced Analytics | Everything under Advanced Analytics (Main Menu) |
Forensics | Policies > Forensic Settings > Forensics |
Threat | Incident > Anomaly Incident > Compromised Credentials Incident > Malware Incident > Malsites |