Fortinet black logo

Handbook (HTML)

Configuring permissions

Copy Link
Copy Doc ID 73ac471a-9afd-11ea-8862-00505692583a:460155

Configuring permissions

The FortiDB roles allow you to assign privileges to administrators. For information on assigning roles to administrators, see To add or modify an administrator.

If you are using the software-only version of FortiDB, the privileges that are available depends on the FortiDB license. For more information, see Privileges by license type (software-only FortiDB).

Administrator privileges by role
Role Privileges
Operations Manager
  • Review target-database connection information.
  • Review target group connection information
  • View pre-defined policies and user-defined policies
  • View DAM Policies (Data, Metadata, Privilege, PCI, SOX, and HIPAA policies)
  • Create, modify, delete, and run assessments
  • Start/Stop monitoring
  • View DAM Alerts
  • Read results of FortiDB-shipped reports
  • Read results of Custom reports
  • Perform penetration tests
  • View the Privilege Summary
Policy Manager
  • Import/export and enable/disable pre-defined policies (pre-defined policies) for VA
  • Import/export and enable/disable Metadata, Privilege, PCI, SOX, and HIPAA policies for DAM
  • Import/export and enable/disable user-defined policies for VA and Data Policies for DAM
  • Add policy groups for VA and DAM
  • Create, modify and delete user-defined policies for VA and Data Policies for DAM
Report Manager
  • Review target-database connection information.
  • Review target group connection information
  • Review Assessment settings
  • Read results of FortiDB-shipped reports
  • Generate DAM PCI, SOX, and HIPAA compliance reports
  • Read results of Custom reports
  • View the Privilege Summary
Security Administrator
  • Create, modify, delete, and enable/disable FortiDB users
  • Configure and modify user-role assignments
  • View the Entitlement report
System Administrator
  • Import/export and enable/disable pre-defined policies (pre-defined policies)
  • Import/export and enable/disable user-defined policies
  • Archive and restore assessment results
  • Change system properties
  • Enable/View Audit trail
Target Manager
  • Create, modify, and delete and import/export connections to target databases
  • Create, modify , and delete target groups
  • Perform Auto Discovery of target databases
  • Review Assessment settings
  • Review the Privilege Summary
See also

Configuring permissions

The FortiDB roles allow you to assign privileges to administrators. For information on assigning roles to administrators, see To add or modify an administrator.

If you are using the software-only version of FortiDB, the privileges that are available depends on the FortiDB license. For more information, see Privileges by license type (software-only FortiDB).

Administrator privileges by role
Role Privileges
Operations Manager
  • Review target-database connection information.
  • Review target group connection information
  • View pre-defined policies and user-defined policies
  • View DAM Policies (Data, Metadata, Privilege, PCI, SOX, and HIPAA policies)
  • Create, modify, delete, and run assessments
  • Start/Stop monitoring
  • View DAM Alerts
  • Read results of FortiDB-shipped reports
  • Read results of Custom reports
  • Perform penetration tests
  • View the Privilege Summary
Policy Manager
  • Import/export and enable/disable pre-defined policies (pre-defined policies) for VA
  • Import/export and enable/disable Metadata, Privilege, PCI, SOX, and HIPAA policies for DAM
  • Import/export and enable/disable user-defined policies for VA and Data Policies for DAM
  • Add policy groups for VA and DAM
  • Create, modify and delete user-defined policies for VA and Data Policies for DAM
Report Manager
  • Review target-database connection information.
  • Review target group connection information
  • Review Assessment settings
  • Read results of FortiDB-shipped reports
  • Generate DAM PCI, SOX, and HIPAA compliance reports
  • Read results of Custom reports
  • View the Privilege Summary
Security Administrator
  • Create, modify, delete, and enable/disable FortiDB users
  • Configure and modify user-role assignments
  • View the Entitlement report
System Administrator
  • Import/export and enable/disable pre-defined policies (pre-defined policies)
  • Import/export and enable/disable user-defined policies
  • Archive and restore assessment results
  • Change system properties
  • Enable/View Audit trail
Target Manager
  • Create, modify, and delete and import/export connections to target databases
  • Create, modify , and delete target groups
  • Perform Auto Discovery of target databases
  • Review Assessment settings
  • Review the Privilege Summary
See also