Roles & Privileges

Access control within Infraon is managed through role-based privileges. A Role defines a user's role within Infraon, and Privileges define the user's level of access across multiple modules of Infraon. Infraon comes with seven default roles with pre-defined privileges.

What you see on the screen

On Infraon, multiple default roles are displayed as a list with icons for editing, cloning, and deleting. The 'New Role' button is at the top right corner of the page.

Details displayed are as follows:

• Role Name

• User Count

• Role Description

• Icons to edit/clone/delete

Roles

While Infraon comes with seven default roles, you can edit an existing role's privileges and add a new one to suit your needs.

*Monitoring Dashboards and reports are those dashboards/reports assigned to the user to enable monitoring.

Instructions to 'Add a new Role.'

• Go to Infraon Configuration -> User Management -> Role and Privileges

• Click on the 'New Role' button in the top right corner.

Privileges for default roles are saved as templates and can be selected and customized to suit needs. Privileges are customized at the ‘General,’ ‘Ticket,’ ‘NCCM,’ ‘Privacy Settings,’ and ‘Reports’ levels.

Privileges

The Privileges module within Infraon Infinity empowers administrators with granular control over user permissions. This ensures users have the necessary access to perform their tasks effectively while safeguarding sensitive data within the platform.

Here, admins can define specific actions/modules that users can perform within each module using checkboxes. These levels include:

Here's a breakdown of the functionalities offered by the Privileges module and its sub-modules:

General:

Grant access to various Infraon Infinity modules:

• Agent

• API Registration

• Audit

• Business Hour

• Bot Configuration

• Business Rule

• Business Catalogue

• Change

• CI Relation rule

• Asset

• Contract Management

• Correlation Rule

• CSAT

• Client Registration

• Dashboard

• Department

• Device Credentials

• Diagnosis Tools

• Discovery

• Events

• Geomap

• Holiday

• IMACD

• Mail Automator

• Jobs

• Knowledge Base

• Leaves

• Maintenance

• Messenger

• My Profile

• Network Configuration

• Network Diagram

• Organization

• Address Book

• Password Policy

• Problem

• Release

• Request

• Requester

• Service Catalogue

• Shift

• SLA

• SMS Gateway

• Software License

• SSP Configuration

• Tag

• Task

• Team Escalation

• Teams

• Template

• Thresholds

• Topology

• Trigger

• Technician

• Role

• Vendor

• Workflow

• Workspace

Log Management:

Manage user access to functionalities related to Log Management and configurations. This sub-module offers permissions for:

• Log Multi-Index: Create and manage the multi-indexes that help retrieve data from Elasticsearch.

• Log Export Configs: Export Configs define how logs are exported, including format, size, and downloaded exported log files.

• Log Search: Enables rapid searching and analysis of vast amounts of structured and unstructured log data, delivering results in seconds.

• Log Rule: A critical component in monitoring systems that defines how log data is processed and analyzed in real-time to quickly detect and respond to security threats.

Ticket:

Define permission levels (Add, View, Edit, Delete, etc.) for different user roles regarding ticket management tasks. This allows for granular control over how users interact with tickets within the system.

NCCM (Network Change & Configuration Management):

Manage user access to functionalities related to network changes and configurations. This sub-module offers permissions for:

• Baseline Scheduler: Control access to scheduling tasks for network baseline configuration.

• Configuration Download Job: Manage permissions for initiating downloads of network configuration data.

• Configuration Parameters: Define user access to view or modify network configuration parameters.

• Configuration Profiles: A configuration profile is a template or predefined set of configuration settings that network administrators can create and customize configuration profiles with information like device details and connection protocols for SSH and Telnet.

• Configuration Search: Configuration Search specifically focuses on download jobs, allowing users to view or export the "startup" or "running" configurations within these jobs to identify any configuration.

• Configuration template: Configuration templates hold the commands for uploading jobs and making changes to network devices, including provisioning, OS upgrades, creating or deactivating services, and any other change.

• OS Image: OS images are used primarily for managing and deploying configuration changes across network devices such as routers, switches, and firewalls.

Privacy Settings:

Administrators can control the visibility of requester information for technicians working on service requests. This helps balance transparency and data privacy within your Infraon Infinity platform.

• Unmask Requester's Contact: This section provides a toggle button. Enabling this option grants technicians visibility to the requester's contact information, potentially including phone numbers. This can be beneficial for situations where direct contact with the requester might be necessary to resolve an issue.

• Unmask Requester's Email: Another toggle button allows administrators to control the visibility of the requester's email address for technicians. Granting access to email addresses can facilitate direct communication between technicians and requesters, potentially expediting issue resolution.

• Unmask Requester's Name: The final toggle button controls the visibility of the requester's name for technicians. Enabling this option ensures technicians can easily identify the person requesting assistance.

Report:

Define permission levels (Add, View, Edit, Delete, etc.) for different user roles regarding reports. This ensures users can access reports relevant to their needs while restricting access to sensitive data as necessary.

Once all the parameters are added, click 'Submit' to save and add the role. Administrators and privileged users can edit and delete roles using the respective icons.