ESET Online Help

Search
Select the category
Select the topic

The ESET PROTECT On-Prem Permission Settings

In the ESET PROTECT On-Prem, you must create a Static Group, where security engineers have access and full permission rights.

We recommend using pre-defined permission sets in ESET PROTECT On-Prem.

Refer to ESET PROTECT On-Prem documentation for details on creating an ESET PROTECT On-Prem Native User.

The EI_SERVER_INSTALLER Web Console access user permission set:

EI_Admin_Permission

note

The user with this permission set should be used during the ESET Inspect Server installation process. If there is an error, diagnostics data logs are created, which can help solve the issue.

 

The EI_ADMIN Web Console access user permission set:

EI_User_Permission

 

The EI_READ_ONLY Web Console access user permission set:

EI_Reviewer_Permission

Custom permission sets

You can create custom permission sets (see the Permission Sets Online Help topic).

A given permissions set enables Read, Use or Write access. In general:

Read permissions allow viewing data only.

Use permissions allow using objects and run tasks but not modifying or deleting them.

Write permissions allow modifying respective objects and/or duplicating them.

Some permissions (refer below) control a process, not an object. Permissions work globally, so it makes no difference which group they are applied to—they will work regardless. If a user is given permission for a process, they can only use it on objects with sufficient permissions.

Functionality types:

Access to ESET Inspect On-Prem

Read—Log in to ESET Inspect Web Console.

Change Server Settings

Write—Change ESET Inspect Server Settings in More > Admin > Settings.

Edit Notes/Comments

Write—Edit notes and comments through ESET Inspect On-Prem.

Edit Tags

Write—Create and edit tags in ESET Inspect On-Prem.

Create & Edit Incidents

Write—Create and edit incidents in ESET Inspect On-Prem.

Add Objects to Incidents

Write—Work with objects within ESET Inspect On-Prem incidents.

Assign Incidents

Write—Assign incidents to a specific user in the Incidents window.

Change Incident Status

Write—Change the incident report progress status.

Block Modules

Write—Block executables based on the SHA-1 hash. The blocked executable will appear in the blocked hashes section. Users can access the remediation option in detection details.

Clean Modules

Write—Delete the executable file and add it to the blocked hashes section to prevent future occurrences and access the remediation option in detection details.

Kill Process

Use—Kill the run process that triggers a detection.

Remote Shell Access

Use—Connect to the Computer via remote Terminal.

Resolve Detection

Write—Change the detection status.

Change Detection Priority

Write—Change the detection priority levels.

Mark as Safe/Unsafe

Write—Mark executables as Safe/Unsafe.

Mark as Safe/Unsafe

Write—Mark scripts as Safe/Unsafe.

Create and Manage Rules

Write—Create, save and manage rules.

Enable/Disable Rules

Write—Enable or disable rules.

Import/Export Rules

Read—Export the rule from ESET Inspect On-Prem.

Write—Import the rule into ESET Inspect On-Prem.

Create and Manage Exclusions

Write—Allows creating, saving and managing exclusions.

Enable/Disable Exclusions

Write—Enable or disable exclusions.

Import/Export Exclusions

Read—Export an exclusion from ESET Inspect On-Prem.

Write—Import an exclusion into ESET Inspect On-Prem.

Resolve Questions

Write—Resolve a notification.

Create and Manage Tasks

Write—Create and manage tasks.

Pause/Resume Tasks

Write—Pause and resume tasks.

Download Executables

Use—Download an executable file for further diagnostics.

Download Scripts

Use—Download a script file for further diagnostics.

Audit Log

Read—Read the audit log.