Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »



1)   Go to Settings -> Site Security then click Add.

This table is used to restrict and allow users and groups from accessing the different areas on the Portal. The portal is composed of 2 areas:

  • General Admin Area - the general administration section in which operators can manage the devices and policies. This also includes the Reports and Support & Maintenance menus.
  • Settings Admin Area -the settings administration section in which the system administrators can configure the SphereShield suite components.


This table defines the access scope permissions Each scope that did not specifically define will allow any user to access. 

The access levels are: 

  • Admin without Settings Access - users and groups that only they can view the General Admin Area, but does not have access to the Settings Admin Area.
  • Admin with Settings Access- users and groups that only they can view the General Admin Area including access to the Settings Admin Area.
  • Admin Selective Menu Items Access-users and groups that can view only specific menu items from the Access Portal Admin Area.

If a user is defined in more than one group than the group with the widest scope of access will be applied 

These groups are fetched from a resource as defined in users and groups settings



 There are three types of access scopes. With the exception of selective menu, any scope that hasn't been defined to a specific group or user means that all users are able to access.

However for Admin without settings and for Admin with settings (Full admin) a group is needed.


2)   Once the Add window is open, select the scope you wish to define.

4)   Choose the access type: Groups or Users

5)   Start typing the name of the group.

Note that the same group can be defined for both admin with settings and admin without settings to prevent end users from entering restricted sections.

If the same group is defined for multiple scopes, then the higher privilege settings wins. 

E.g. Setting admin with settings and admin without settings to the group Domain admins means that Domain admins group will have access to the full access portal site.


You need at least one scope set to "Admin without settings" so the restriction can be achieved.



6) To restrict access to information to a user that is a member of a team, configure "Users can only see Teams they have permissions on" to "Yes" in the top menu:




  • No labels