Skip to main content

Managing Organization with a Team

Published on:
.
2 min read

The Organization Sharing function of Zenconsole offers collaborative management of your organization by several users working together.

Zenconsole provides role-based, granular organization management access restrictions. This not only enables the sharing of the organization with certain users but also enables the assignment of rights for specific roles based on the individual's demands and degree of authorization.

Through Role-based Organization Sharing, different customer employees (or partners) are delegated the ability to create policies and rulesets, view reports, and manage firewall instances without having to request permissions or ask for the changes to be made, resulting in significant operational cost savings for the enterprises and MSSPs.

To configure Sharing features for your organization, you may follow the steps given below:

  1. Login Zenconsole and then select the organization you want to manage.

  2. Navigate to the Settings > Administrators page.

    Figure 1. Organization Administrators page

  3. Click + Add Admin button in the Administrators pane. This will open a window to fill in admin details.

  4. Type the email address of the new admin in the Email field. This must also be used for Zenconsole login.

  5. By selecting an option from the Role drop-down menu, assign one of the available responsibilities to the new admin account. Admin, Viewer, and Owner are viable alternatives.

  6. You may leave the Notify admin via mail option as enabled. This option will send an invitation mail to the new administrator.

  7. Click Add to add the admin to the organization. The administrator will be automatically added to the organization and appear on the organization administrators page.

    Figure 2. Organization Administrators List

note

You can only share an organization if you're the owner of it.

Zenarmor Organization Delegation

Zenconsole provides a powerful delegation feature. As the owner of the organization, you can delegate administration of the organization to team members. There are three types of roles for an organization administrator in Zenconsole :

  1. Owner: This is the user who has created the firewall or whose Zenconsole account was used to register the firewall to the Zenconsole. The Owner has all rights in the organization to manage and configure, like configuring packet engine status, changing firewall settings, user management, and policy management.

  2. Admin: This is one of the users who you shared your organization with. This user has the highest level of organization privileges. This user can perform all tasks required for

    • Engine management (start/stop engine, enter/exit bypass mode),
    • Policy management (add/delete/clone/configure a policy),
    • Firewall configuration (Setting name/location/tag for node, configuring reporting database and deployment mode, changing privacy settings, setting DNS enrichment for reports, exempting VLANs/Networks, enabling/disabling health check and block notification page, sharing node, managing subscriptions and API keys), and
    • Advanced reporting (Viewing, customizing report views and live sessions explorer).

    Admin has the same organization access privileges as the Owner except for the following tasks:

    • User/group deletion from the organization
    • Update admin roles in the organization
    • Update tags
    • Disable Google Authentication

  3. Viewer: This is one of the users who you shared your organization with. This user can view configurations, reports, and live sessions. Viewer does not have rights on the following tasks:

    • Deleting or sharing any organizational item
    • Managing Centralized Policies of the organization
    • Changing Settings of the organization
    • Changing the Status of the packet engine (start/stop the engine and enter/exit bypass mode)
Last updated on by Zenarmor