Introduction
This document describes the configuration for AMP user privileges for Cisco Secure Email and Cisco Secure Email and Web Manager
Prerequisites
Requirements
Cisco recommends knowledge of these topics:
- Cisco Secure Email (aka ESA)
- Cisco Secure Email and Cisco Secure Email and Web Manager (aka SMA)
Components Used
The information in this document is based on these software and hardware versions:
- Email Security Appliance version 14.3
- Cloud email Security version 14.3
- AMP feature key
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Background Information
This feature provides you a role for AMP configurations privileges. When this privilege is assigned to a user, the user get to configure AMP security settings only.
To view AMP-relevant reports, users can use this AMP configuration privilege to view both AMP configurations and AMP Reports. AMP Reports access is given to the 4 reports:
- Advanced Malware Protection
- AMP File Analysis
- AMP Verdict Chart Updates
- Mailbox Auto Remediation reports. (Applicable to both legacy and NGUI)
Configure
For ESA
Add the user role
You first need to create a new user role on the ESA:
- Go to System Administration > User Roles
- Click on “Add User Role”
- Name the User Role
- Select “Full Access” in AMP Configuration
- Select “View relevant reports” in Email Reporting
- Submit and commit
Assign the user role to a user
Next, you need to create a new user to assign the user role created in the previous section:
- Go to System Administration > Users
- Click on “Add User”
- Name the user
- Click on “Custom Roles” and select the User Role created previously
- Submit and commit changes
For SMA
Add the user role
You first need to create a new user role on the SMA:
- Go to System Administration > User Roles
- Click on “Add User Role”
- Name the User Role
- Select by group or all Email appliances at your convenience “AMP reports”
- Submit and commit
Assign the user role to a user
Next, you need to create a new user to assign the user role created in the previous section
- Go to System Administration > Users
- Click on “Add User”
- Name the user
- Click on “Custom Roles” and select the User Role created previously
- Submit and commit changes