Installation guide

Error creating email notifying user 'test'. Invalid

address: noreply@localhost

Check the System -> Configuration -> Mail -> Return Address

settings. The email address defaults to “noreply@localhost” if left blank.

Many email servers will disallow emails from this address.

Email user their password

There is an option to include the user’s password within the email if desired. If this is

not included, contact information of the security manager will be included. (TNS

Authentication only)

User must change their

password on login

Require password change on next login. (TNS Authentication only)

Basic/Contact Information

Name, Title, Address

Information, Email, Phone

Contact information for the user can be entered here.

Roles

The pre-defined roles of Administrator, No Role, and Organization Head cannot be edited.

Roles determine what a user can or cannot do from their account. They can be configured to a great degree.

SecurityCenter comes with five pre-defined roles; however, custom roles can be created by the Organization Head user to

facilitate organizations with a complex security policy needs. In keeping with the SecurityCenter convention, role

assignments are hierarchical. Users may only assign permissions that they currently own. For example, if a user has a

custom role with “View Vulnerability Data” enabled and “Update Plugins” disabled, that user can only create users with

“View Vulnerability Data” enabled.

Available pre-defined roles include:

 Administrator

 End User

 Manager

 No Role

 Organization Head

The Administrator, No Role, and Organization Head roles are static and cannot be modified. An administrator is an

account that has management responsibility over the console. The primary task of the administrator is to install and

configure each Organization. In addition, the administrator adds components to SecurityCenter such as PVS, LCE, and

Nessus to extend its capabilities. The administrator is automatically assigned the “Manage Application” role.

An Organization Head is the account within an Organization that has a broad range of security roles within the defined

Organization. This is the initial user that is created when a new Organization is created and has the ability to launch

scans, configure users (except for the administrator user), vulnerability policies, and other objects that belong to their

Organization. Each Organization has an Organization Head account that cannot be deleted. Permission-wise, the

Organization Head user is nearly identical to the Manager user, however there are differences: