Administrators


The Administrators page allows the Crystal Eye administrator to define application policies based on groups. The two default groups are rp_admin_group and rp_report_group.


The Administrators application is installed by default and can be accessed from the left-hand navigation panel.


Left-hand Navigation Panel > System Configuration > Account Roles > Administrators crystal-eye-xdr-navigation-administrators-app


The rp_admin_group application policy permits access to all applications while the rp_report_group application policy by default only allows access to Active Session, Filter and Proxy Report, IDPS Alerts, Network Detail Report, Protocol and Application Detail Report, Security Dashboard and System Dashboard.

How to Create a new custom App Policy

To start creating a new application policy, click the Add button in the top right hand corner of the App Policies page. crystal-eye-xdr-create-new-app-policy-administrators-app

Set the Policy Name and add a description for that policy. In this example, this policy will be assigned to the only group available at this time (allusers). With the policy name and description set, click Add to go to the next page. crystal-eye-xdr-create-new-app-policy-administrators-detail-app

This page allows you to set the applications that can be accessed under this policy. Placing a check in the action box will grant the user assigned this policy (to be set later) access to that application. crystal-eye-xdr-create-new-app-policy-administrators-set-access-1

In this example, this policy will only have access to the Security Dashboard and IP Attack Map application which will be set by clicking on the action box for Security Dashboard and IP Attack Map to place a check in those action boxs. When all applications are set as desired, scroll back to the top of the page and click Update to commit the change. crystal-eye-xdr-create-new-app-policy-administrators-set-access-2

The new policy is now created and can be further configured, edited or deleted. crystal-eye-xdr-create-new-app-policy-administrators-app-complete

How to assign an App Policy to a Local User Account

App Policies can be assigned to user accounts via group membership. crystal-eye-xdr-app-policy-user-group If you have an App Policy assigned to a particular group that App policy will apply to members of that group. crystal-eye-xdr-app-policy-user-group-2

crystal-eye-xdr-app-policy-user-group-3

Alternatively if you have an App Policy assigned to the allusers default group then this App policy applies to all users. You can then further restrict that user account access by removing them from all other user groups.

How to assign an App Policy to an Active Directory Account

When setting up Active Directory Authentication (https://manual.redpiranha.net/40/system-configuration/account-manager/active-directory-authentication) you can add the User Defined Groups to the AD Users as a security group. eg. To include the Crystal Eye default user group rp_report_group add rp_report_group as a security group to AD Users and add AD users to the AD Security group in order to access Applications defined under the Crystal Eye default user group rp_report_group. The same will apply for custom Application Policies that are assigned custom Crystal Eye User Groups.