Learn about SIA
Learn about the main features and components of SIA.
A location is a public IP address or a named collection of public IP addresses that belong to a region or geographic area in your network, such as a CIDR block for an office branch or your company headquarters. For more on locations, see About locations.
A policy is a group of settings that define how SIA handles known or suspected threat events and access control events. It’s also where you enable or configure other important features of SIA. For more on policies, see About policies.
SIA allows you to create two broad categories of lists: block lists and exception lists. For more on lists, see About lists.
An identity provider (IdP) is a service that creates, manages, and saves user identity information. With an IdP, you can enable authentication, and configure the users and groups who can access websites, web applications, specific file types, and sensitive data. For more on IdP, see About identity providers.
ETP Client is a client agent that directs DNS and web traffic to SIA for analysis. For more on SIA client, see About ETP Client.
Enterprise Security Connector
Enterprise Security Connector is a virtual machine (VM) you deploy in your network to act as one of the following:
- an internal DNS resolver that forwards traffic to SIA.
- a DNS sinkhole that receives malicious or suspicious traffic.
- an HTTP forwarder that forwards web traffic to SIA Proxy.
For more on Security Connector, see About Security Connector.
SIA Secure Web Gateway
The Secure Web Gateway (SWG) is the full web proxy configuration of SIA Proxy. SWG performs URL filtering, anti-malware scanning, and applies acceptable use policies to each user. For more on SWG, see Full web proxy.
You can define the websites, web applications, file types, and sensitive data that your users are allowed to access. For more on access control, see Configure access control.
Use the Dashboard to apply interactive widgets that allow you to view and track network traffic, events, and other activity across your organization. For details, see Dashboard.
View data on events and network activity. You can also schedule a daily or weekly report to show alerts, events, or other data. For more information, see Events, Activity, and Scheduled reports.
Roles include permissions that let you act on objects in Control Center. These roles are available for SIA. Contact your Control Center administrator to assign one of these roles:
|SIA Administrator||etpAdmin||Can perform all operations, view all reports, and see all reporting data in SIA.|
|Delegated Administrator||etpDelegatedAdmin||A delegated administrator can:|
If the delegated access feature is enabled, an SIA administrator can assign the delegated administrator role to a user.
A delegated administrator cannot change the IP addresses or CIDR blocks that are configured to an assigned sub-location.
For more information, see Assign a delegated administrator role.
|Strict Delegated Administrator||etpStrictDelegatedAdmin||A strict delegated administrator can:|
If the tenant access feature is enabled, an SIA administrator can assign this role to a user. For more information, see Assign a strict delegated administrator role.
|Tenant Administrator (for Multi-tenancy feature)||etpTenantAdmin||Can perform all operations, view all reports, and data associated with their tenant.|
A user must have this role to manage a tenant. When you assign a user to a tenant, they are automatically assigned this role. For more information, see Multi-tenancy.
|Tenant Viewer (for Multi-tenancy feature)||etpTenantViewer||Can view specific reports and filter data in those reports. A tenant viewer can also view settings for most configuration items in the tenant. To learn what’s available to a tenant viewer, see Tenant viewer.|
|Report Viewer||etpReportViewer||Can view reports and reporting data in SIA. A report viewer cannot view configuration settings.|
By default, a report viewer cannot see the DNS Activity, Summary of Proxy Activity, Proxy Activity, and Identity Provider Activity reports. The etpRestrictedPageViewRole permission is required to view these reports.
|Viewer||etpViewer||Has read-only privileges. A viewer can view report data and configuration settings.|
By default, a viewer cannot see the DNS Activity, Summary of Proxy Activity, Proxy Activity, and Identity Provider Activity reports. The etpRestrictedPageViewRole permission is required to view these reports.
|N/A||etpRestrictedPageViewRole||Grants access to the DNS Activity, Proxy Activity, Summary of Proxy Activity, and Identity Provider Activity reports. This is a permission that your Control Center administrator can assign to any SIA role. Unlike other permissions in SIA, this permission cannot be the only one assigned to an SIA user. For example, your Control Center administrator cannot create a role that only has this permission assigned. If you want a Report Viewer to also see these reports, make sure your administrator assigns this additional permission to the user.|
Updated 4 months ago