Settings
Learn how to make important settings for your organization and account.
Organization settings
You manage your central company data via the organization settings. Furthermore, organization-wide settings can be made:
Two-factor authentication for all team members Use this option to enforce 2FA for all users. Please note that 2FA must first be configured on the server side for a newly installed on-premises instance.
Submit technical analysis data Use this option to help us better counter new threats and vulnerabilities. Only technical data is transmitted, such as the manufacturer name and software version.
Third-Party: G Data CyberDefense Before you can use Defence you must accept the G Data Eula.
Multi-Factor Authentification
To protect your Enginsight environment from unauthorized access in addition to your password, you should set up a two-factor authentication.
Sensitive functions are always additionally protected by a second factor (e.g. creating plugins or changing settings). Nevertheless, we recommend to request an additional authentication already at login:
Go to Settings → 'User Account'
Open the 'Advanced Settings'
Activate the 'Two-Factor Authentification at Login'
Depending on what information you have stored in your user account, you will be offered different options for two-factor authentication:
Authenticator and cell phone number added: Authenticator and SMS are offered
Authenticator added, no cell phone number: only Authenticator is offered
Added cell phone number, no authenticator: only SMS is offered
SMS is offered neither authenticator nor cell phone number added: e-mail is offered
We do not recommend authentication via e-mail. Therefore, you should always provide a cell phone number or add an authenticator. By using both options, you minimize the chance of losing access to your Enginsight account for too short a time. If you still do not have access to your account, please contact support: support@enginsight.com
Add a Authenticator App
Go to 'Settings' → Multi-Factor Authentication
Click on 'Add Authentication Code'
Scan the QR-Code with the Authenticator App on your mobile device or enter the Authenticator Code manually
Test the Authentication via App
Team members
In the Team Members area you get an overview of all users that have been added to the specific organization.
You have only one organization?
Select Add new user, to add new users.
You have multiple organizations?
Add New User: Add a user who is not yet in a shared organization.
Invite existing user: Add a user to the organization that already exists in other shared organizations.
Roles
With roles, the 'Permissions' of all team members can be individually designed and easily managed. You can either create individual roles or assign system roles.
Assign Role
Go to 'Settings' → 'Team Members'
Click on the desired team member
Assign one or more roles to the user and save the settings.
Individual Roles
Individual roles allow you to assign view, edit and delete rights for each individual function according to the needs of your work organization.
Go to 'Settings' → 'Roles'
Assign a name and a description.
Define under 'Permissions' which rights the respective role should have.
Permissions
All important functions of the Enginsight platform can be assigned customized permissions.
Structure of a Permission
The structure of each permission follows the same principle.
FUNCTION_ and following:
| Permission | Meaning |
|---|---|
* | All permissions of the corresponding function |
EDIT | Permission to make adjustments |
CREATE | Permission to add a new entry |
REMOVE | Permission to delete an entry |
If not all permissions are available for certain functions, this is because the operation is generally not possible. (For example, invoices cannot be deleted).
Existing Permission
Permissions can be set for the following functions.
Cross-module
| Permission | Meaning |
|---|---|
* | All functions. |
PDFREPORTS | PDF-Reports |
Dashboard
| Permission | Meaning |
|---|---|
CONFIGURATIONLISTS | Configurations-Lists |
CONFIGURATIONPOLICIES | Configurations-Policies |
Issues
| Permission | Meaning |
|---|---|
ISSUES | Issues |
MAINTENANCES | Maintenance periods |
Hosts
| Permission | Meaning |
|---|---|
HOSTS | Hosts |
PLUGINS | Plugins |
Endpoints
| Permission | Meaning |
|---|---|
ENDPOINTS | Endpoints |
Observations
| Permission | Meaning |
|---|---|
OBSERVATIONS | Observations |
Shield
| Permission | Meaning |
|---|---|
SHIELD | Shield |
Penetration Testing
| Permission | Meaning |
|---|---|
PENTEST | Open Penetration Testing |
AUDITS_CREATE | Start pentest |
AUDITS_VIEW | See pentest results |
AUDITTEMPLATES | Templates |
TARGETGROUPS | Target Groups |
HACKTORS | Hacktor |
Discovery
| Permission | Meaning |
|---|---|
DISCOVERIES | Asset Discovery |
INVENTORY | |
WATCHDOG | Watchdog |
Alerts
| Permission | Meaning |
|---|---|
ALERTS | Alerts |
WEBHOOKS | Webhooks |
Settings
| Berechtigung | Bedeutung |
|---|---|
ACCOUNT | Own Useraccount |
ACCESSKEYS | Accesskeys |
GROUPS | Groups |
INVOICES | Invoices (SaaS) |
ORGANISATIONS | Oganizations |
PAYMENTMETHODS | Payment methods (SaaS) |
ROLES | Roles |
SUBSCRIPTIONS | Subscriptions (SaaS) |
MEMBERS | Team members |
LICENCE | Licenses, Contingent Management (On-Premises) |
System Roles
Reasonable authorization-combinations often depend on the individual needs of the respective IT department. We offer system roles for recurring requirements. Here we distinguish between owner, administrator, operator and guest.
| Action Rights | Viewing Rights | No Access |
|---|---|---|
🟩 | 🟨 | ⬜️ |
Viewing and action rights
| Owner | Administrator | Operator | Guest | |
|---|---|---|---|---|
Dashboard | 🟩 | 🟩 | 🟨 | 🟨 |
Issues | 🟩 | 🟩 | 🟩 | 🟨 |
Hosts | 🟩 | 🟩 | 🟨 | 🟨 |
Endpoints | 🟩 | 🟩 | 🟨 | 🟨 |
Shield | 🟩 | 🟩 | ⬜️ | ⬜️ |
Penetration Testing | 🟩 | 🟩 | ⬜️ | ⬜️ |
Discoveries | 🟩 | 🟩 | ⬜️ | ⬜️ |
Observations | 🟩 | 🟩 | 🟨 | 🟨 |
Alerts and Issues | 🟩 | 🟩 | 🟩 | 🟨 |
Viewing and action rights: Settings
| Owner | Administrator | Operator | Guest | |
|---|---|---|---|---|
User Account | 🟩 | 🟩 | 🟩 | 🟩 |
Password | 🟩 | 🟩 | 🟩 | 🟩 |
Multi-Factor-Authentication | 🟩 | 🟩 | 🟩 | 🟩 |
Roles | 🟩 | 🟩 | ⬜️ | ⬜️ |
Responsibilities | 🟩 | 🟩 | ⬜️ | ⬜️ |
Access Keys | 🟩 | 🟩 | ⬜️ | ⬜️ |
Groups | 🟩 | 🟩 | ⬜️ | ⬜️ |
Payment Methods (SaaS) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Plans (SaaS) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Invoices (SaaS) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Contingent Management (On-Premises) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Support | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Responsibilities
Define the responsibilities for the entire organization here. On the one hand, this is relevant for documentation reasons. On the other hand, you can use the definitions to efficiently manage your notifications in the event of alerts.
When you add an alert, the option "Inform responsible persons" is available. If you activate this option (default setting), the team members defined as security responsible will receive a notification.
In the case of alerts on hosts, the persons responsible for the host also receive a notification. In the case of alerts on endpoints, the corresponding endpoint owners receive a notification.
In addition, note the option to assign separate responsibilities for individual assets. The technical responsible person defined here also receives a notification if the "Inform responsible person" option is active for an alert.
Groups
Group your team members to efficiently assign the notification via alerts. For example, create a group for management, departments or admins.
Groups are independent of team member permissions. You always define permissions using roles.
Subscriptions, Payment methods, Invoices (SaaS)
In SaaS, you purchase a license by booking a subscription. Individual subscriptions apply to each organization. This means that you book one subscription per organization with its own contingents and periods. Newly created organizations therefore do not have a booked subscription at first. However, for a test period of 14 days you can already work with a small contingent.
Use the role model to restrict access to the subscriptions.
Book subscription
You always book the subscriptions for your organizations in the corresponding organization. Therefore, first always switch to the organization for which you want to book a subscription. Go to Settings → Subscriptions→ Checkout.
Choose payment interval
First, select the payment interval you want. You can choose between a monthly and yearly payment method. If you pay once a year, you will receive a discount.
Set licenses
Your SaaS account already includes a server license. In the next step, select additional licenses.
Server License: Authorized to install a Pulsar Agent on a server operating system.
Client License: Authorized to install a Pulsar Agent on a client operating system.
Endpoint License: Authorized to monitor an endpoint (website or URL).
The other functions of the Enginsight platform (e.g. asset inventory, penetration testing, ping/port checks and SNMP) only require SaaS access and are not licensed separately.
Deposit payment method
Select the preferred payment method or add a payment method.
You have the choice between:
Credit card and
SEPA direct debit.
Enter address
Specify your billing address. By default, the organization's address is entered. However, you can choose a different invoice address as well as a different invoice recipient.
Customize subscription
You can make adjustments to your booked subscriptions at any time. Payments that have already been made will be offset.
Offsetting will happen on the invoice document only. The platform will always show you the cost of the selections made.
Cancel subscription
To cancel a subscription, click Cancel at Settings → Subscriptions. There are no cancellation periods.
Retrieve invoices
You will receive the invoices as an email. You can also retrieve them in the corresponding organization at Settings → Invoices.
Use the role model to restrict access to the invoices.
Licences and Contingent Management (On-Premises)
Learn how to manage your licences and organisations in the On-Premises version of Enginsight.
Last updated
