About administrator account roles and access rights (Endpoint Protection 12.1.2)
|Article:HOWTO81226|||||Created: 2012-10-24|||||Updated: 2013-06-06|||||Article URL http://www.symantec.com/docs/HOWTO81226|
When you install the Symantec Endpoint Protection Manager, a default system administrator account is created, called
admin. The system administrator account gives an administrator access to all the features in Symantec Endpoint Protection Manager.
To help you manage security, you can add additional system administrator accounts, domain administrator accounts, and limited administrator accounts. Domain administrators and limited administrators have access to a subset of Symantec Endpoint Protection Manager features.
You choose which accounts you need based on the types of roles and access rights you need in your company. For example, a large company may use the following types of roles:
An administrator who installs the management server and the client installation packages. After the product is installed, an administrator in charge of operations takes over. These administrators are most likely system administrators.
An operations administrator maintains the servers, databases, and installs patches. If you have a single domain, the operations administrator could be a domain administrator who is fully authorized to manage sites.
An antivirus administrator, who creates and maintains the Virus and Spyware policies and LiveUpdate policies on the clients. This administrator is most likely to be a limited administrator.
A desktop administrator, who is in charge of security and creates and maintains the Firewall policies and Intrusion Prevention policies for the clients. This administrator is most likely to be a domain administrator.
A help desk administrator, who creates reports and has read-only access to the policies. The antivirus administrator and desktop administrator read the reports that the help desk administrator sends. The help desk administrator is most likely to be a limited administrator who is granted reporting rights and policy rights.
Table: Administrator roles and responsibilities describes the account type and the access rights that each role has.
Table: Administrator roles and responsibilities
Article URL http://www.symantec.com/docs/HOWTO81226