cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1395
Views
0
Helpful
1
Replies
Brendon Bell
Beginner

AMP for Endpoints - subtenanting

We have the account set up as follows.

Our Company purchased 70 licences, and we have sub-tenanted 50 of these to down stream ISP customer:

1. When I log in (with administrator privileges) I have the following option:> Analysis > Reports


When our customer logs in with their account (without administrator privileges) they do not have the reports option at the bottom of this menu.
If we give them administrator access, then they will have visibility of the 20 devices that belong to us (and we don't want that).

How can we give the customer access to generating their own reports without providing visibility of our devices?

Note: the test user you can see above was used to test this out.

2. We want to activate email notifications on a per account basis.

If our our customer logs in with their account and selects:

Analysis > Events > Not Subscribed > Immediate (one email per event)

does this send an email each time an event is detected?
Which email address will this go to?
Can you please confirm that this will only occur for the computers that are loaded against his account (and not ours)?
Also, can you please confirm that we will not get spammed in our worksorders queue every time that one of our customers devices goes down?

1 REPLY 1
Matthew Franks
Cisco Employee

Brendon,

1. When you create their user account (non administrator), you can assign them privileges to certain groups, policies, outbreak control lists, custom detection list, exclusion lists, etc.  You can also go in and edit these as needed under Accounts > Users.  If you create separate groups, policies, objects, etc. for your various customers they will only see data for their connectors.

2. If they make a subscription for one email per event, they will get an email for each event based on the subscription settings.  This is typically used if they have an automatic ticket generating system based on each email.  It will go to the email address listed as the notification email (Accounts > Users > click a user) for the user creating the subscription.  If they only have privileges for some connectors, they will only get emails concerning those connectors.

If you have an Admin account and are monitoring all systems, you will get alerted when they have detections if you have subscriptions set up for all policies.

Thanks 

Content for Community-Ad

This widget could not be displayed.