Default non-Classic System Role Permissions and Client options

This section lists the permissions available for each of the non-configurable System Roles.All permissions are selectable for staff level roles Superuser, Administrator or Standard whilst the Client role has a more limited permissions set that is more appropriate for its intended use. As such we have included an additional column which shows the available Client options.

IMPORTANT: To avoid accidental exposure of customer details to other clients, it is imperative that Client Dashboard logins are used in conjunction to Client Groups to ensure the customer only sees their own devices and information, rather than another client's details.

To avoid inadvertently revealing customer information, we recommend you log into the Client Dashboard with their login before distributing the credentials to the customer to verify they can only view their own details.

Permission

Summary

Superuser

Administrator

Standard

Client: System

Client: Available

General

General Settings

View and edit the general account settings

Allow Allow Deny Deny Deny

Users

Allow Deny Deny Deny Deny

User Accounts

Add, edit and delete user accounts

Allow Deny Deny Deny Deny

Roles & Permissions

Add, edit and delete user roles

Allow Deny Deny Deny Deny

Client Groups

Add, edit and delete client groups

Allow Deny Deny Deny Deny

Clients

Add, edit and delete  clients

Allow Allow Deny Deny Deny

Sites

Add, edit and delete sites

Allow Allow Deny Deny Deny

Devices

Add, edit and delete devices (Add not available for Clients)

Allow Allow Allow Deny Optional

Agents

Allow Allow Deny Deny Deny

Download & Install

Download and install agents and add devices

Allow Allow Deny Deny Deny

Site Installation Package

Configure and download a site installation package

Allow Allow Deny Deny Deny

Agent Auto-update Settings

View and update the Advanced Monitoring Agent versions on servers and workstations

Allow Allow Deny Deny Deny
  To log into an Agent the user must be based on a Administrator or Superuser role.          

External Links

Allow Allow Group Deny Deny

Settings

Edit the external links settings

Allow Allow Deny Deny Deny

Usage

Show the external links drop-down menu

Allow Allow Allow Deny Deny

Help

Allow Allow Allow Deny

Optional

System Help

Show the link to the helpfile section

Allow Allow Allow Deny

Optional

Support Tickets

Submit help tickets to customer support via the Help drop-down menu

Allow Allow Allow Deny

Optional

Release Notes

Show link to the release notes section

Allow Allow Allow Deny

Optional

Billing

Allow Deny Deny Deny Deny

Payment

Show the payment configuration option in the General Settings dialog

Allow Deny Deny Deny Deny

Report

View the price breakdown report and invoices

Allow Deny Deny Deny Deny

PSA Integration

Allow Allow Group Deny

Optional

Settings

Set up and configure a PSA integration

Allow Allow Deny Deny Deny

Usage

Create, edit and view PSA tickets and information

Allow Allow Allow Deny Optional

Asset Tracking

View and use the Asset Tracking section

Allow Allow Allow Deny Deny

Product Keys

Display the Windows and Microsoft Office Keys in the device Summary tab

Deny Deny Deny Deny Deny

Wall Chart

Edit the Wall Chart settings

Allow Allow Deny Deny Deny
Community   Access the Community portal Allow Allow Deny Deny Deny
LogicCards View LogicCard insights Allow Allow Deny Deny Deny
               

Alerting

Allow Allow Group Deny Deny

Alert Routing & Policies

Set server and workstation alert routing and alert policy settings

Allow Allow Deny Deny Deny

Email Templates

View and edit email templates

Allow Allow Deny Deny Deny

Email & SMS Alerts

Allow Allow Allow Deny Optional

Devices

Show the email and SMS alert columns for Servers and Workstations in the north pane

Allow Allow Allow Deny Optional

Checks

Show the email and SMS alert columns for checks in the South Pane

Allow Allow Allow Deny Optional

Reporting

Superuser

Administrator

Standard

Client: System

Client: Available

System Reports

Dashboard Reports

Allow Allow Allow Deny Deny

User Audit

View the User Audit Report

Allow

Allow

Allow

Deny

Deny

Device Inventory

View the Device Inventory Report

Allow

Allow

Allow

Deny

Deny

Feature Policy Report

View the Feature Policy Report

Allow

Allow

Allow

Deny

Deny

Critical Events

View the Critical Events Report

Allow

Allow

Allow

Deny

Deny

Check Clearing

View the Check Clearing Report

Allow

Allow

Allow

Deny

Deny

Fault History

View the Fault History Report

Allow

Allow

Allow

Deny

Deny

Bandwidth and Performance History

View the Bandwidth History Report

Allow

Allow

Allow

Deny

Deny

Active Directory Users

View the Active Directory Report

Allow

Allow

Allow

Deny

Deny

Automated Tasks

View the Automated Task Report

Allow

Allow

Allow

Deny

Deny

Remote Support

View the Remote Support Report

Allow

Allow

Allow

Deny

Deny

Take Control

View the Take Control report

Allow

Allow

Allow

Deny

Deny

Patch Management Overview

View the Patch Management report

Allow

Allow

Allow

Deny

Deny

Managed Antivirus - Threat Report, Antivirus Protection Report, Quarantine Report

View the Managed Antivirus reports

Allow

Allow

Allow

Deny

Deny

Web Protection - Web Protection Overview Report, Web Protection Report Builder

View the Web Protection reports

Allow

Allow

Allow

Deny

Deny

Backup & Recovery - Backup Integrity Report, Session History Report, Restorable Selection Report

View the Backup & Recovery reports

Allow

Allow

Allow

Deny

Deny

Mobile Device Management

View the Mobile Device Management reports

Allow

Allow

Group

Deny

Deny

Client Reports

       

Servers

Allow

Allow

Deny

Deny

Deny

Settings

Configure the settings and monthly content for the client server monitoring reports

Allow

Allow

Deny

Deny

Deny

Email Template

Configure the email template settings for the server monitoring reports

Allow

Allow

Deny

Deny

Deny

Monthly Content

Configure the daily, weekly and monthly reports and their email settings

Allow

Allow

Deny

Deny

Deny

Monthly Report

View and (re)send the monthly client server reports

Allow

Allow

Allow

Deny

Deny

Resend Daily

View and (re)send the daily client server reports

Allow

Allow

Allow

Deny

Deny

Resend Weekly

View and (re)send the weekly client server reports

Allow

Allow

Group

Deny

Deny

Workstations

Allow

Allow

Deny

Deny

Deny

Settings

Configure the settings for the client workstation reports

Allow

Allow

Deny

Deny

Deny

Email Template

Configure the email template settings for the workstation monitoring reports

Allow

Allow

Deny

Deny

Deny

Resend Daily

View and (re)send the client daily workstation reports

Allow

Allow

Allow

Deny

Deny

Resend Weekly

View and (re)send the client weekly workstation reports

Allow

Allow

Group

Deny

Deny

Notes

Allow

Allow

Deny

Deny

Deny

Settings

Configure the settings for the notes report

Allow

Allow

Deny

Deny

Deny

Email Template

Configure the email template settings for notes report

Allow

Allow

Deny

Deny

Deny

Notes Report

View the notes report

Allow

Allow

Allow

Deny

Deny

Allow

Allow

Allow

Deny

Deny

Mobile Apps

Superuser

Administrator

Standard

Client: System

Client: Available

Mobile Apps

Access the mobile apps

Allow

Allow

Deny

Deny

Optional

Private Notes

View and add private check notes

Allow

Allow

Deny

Deny

Optional

Monitoring & Management

Superuser

Administrator

Standard

Client: System

Client: Available

24x7 & Daily Safety Checks

Allow

Allow

Group

Deny Optional

Settings

Add, edit and delete checks

Allow

Allow

Deny

Deny

Deny

Predefined SNMP Checks

View, add, edit and delete predefined SNMP checks

Allow

Allow

Allow

Deny

Deny

Usage

Run and clear checks

Allow

Allow

Allow

Deny

Optional

Automated Tasks

Allow

Allow

Group

Deny

Optional

Settings

Add, edit and delete tasks for devices and sites

Allow

Allow

Deny

Deny

Denyl

Usage

Run automated tasks

Allow

Allow

Allow

Deny

Optional

View

View automated tasks on the Tasks tab

Allow

Allow

Allow

Allow

Optional

Outages

Allow

Allow

Deny

Deny

Optional

View

Show the outages tab

Allow

Allow

Allow

Deny

Optional

Details

Show the details of the outage

Allow

Allow

Deny

Deny

Deny

Monitoring Templates

Allow

Allow

Deny

Deny

Optional

Settings

Add, edit and delete monitoring templates. Set default monitoring templates for new devices

Allow

Allow

Deny

Deny

Deny

Usage

Add and replace checks on devices using the monitoring templates

Allow

Allow

Deny

Deny

Optional

Custom Scripts

View, add, edit and delete custom scripts for checks and tasks

Allow

Allow

Deny

Deny Deny

Maintenance Mode (Maintenance Windows)

Schedule maintenance mode and turn maintenance mode on and off

Allow

Allow

Allow

Deny Deny

Critical Events

Add, edit, delete and apply critical events settings

Allow

Allow

Deny

Deny

Optional

Notes

Allow

Allow

Allow

Group Optional

Usage

Add, edit and delete device notes and check notes

Allow

Allow

Allow

Deny

Deny

View

View client facing notes

Allow

Allow

Allow

Allow

Optional

Pending Actions

Allow

Allow

Allow

Group

Optional

Clients

View and cancel pending actions across clients

Allow

Allow

Allow

Deny Deny

Devices

View and cancel pending actions for a device

Allow

Allow

Allow

Allow

Optional

Reboot

Reboot devices

Allow

Allow

Allow

Deny

Optional

Backup Device Configuration

Download a copy of the 24x7 and Daily Safety Check configuration on a device

Allow

Allow

Allow

Deny

Optional

         
Apple Device Management    

Superuser

Administrator

Standard

Client: System

Client: Available

Certificates   Manage certificates Allow Allow Deny Deny Deny
Profile Library   Manage the profile library Allow Allow Deny Deny Deny
Profile Deployment   Deploy profiles to devices using Apple Device Management Allow Allow Deny Deny Deny
View   View Apple Device Management information Allow Allow Deny Deny Deny
Workstation View View workstations on the Dashboard Allow Allow Allow Allow Allow
  Commands Send commands from the Dashboard to the Mac Allow Allow Deny Deny Deny
Mobile Devices View View mobile devices on the Dashboard Allow Allow Allow Allow Allow
  Commands Send commands from the Dashboard to the mobile device Allow Allow Deny Deny Deny
               
Integrations    

Superuser

Administrator

Standard

Client: System

Client: Available

Integration Management     Allow Allow Deny Deny Deny
  View View integration settings Allow Allow Deny Deny Deny
  Manage Manage integration settings Allow Deny Deny Deny Deny
Endpoint Detection & Response              
  View View EDR on the Dashboard Allow Allow Allow Allow Allow
  Manage Manage the EDR integration Allow Allow Deny Deny Deny
  Policies Add, Edit and Delete EDR policies Allow Allow Deny Deny Deny
  Settings Apply EDR policies Allow Allow Deny Deny Deny
               

Features

   

Superuser

Administrator

Standard

Client: System

Client: Available

Managed Security

   

Managed Antivirus

Allow Allow Group Group Optional

Settings & Policies

Add, edit and delete Managed Antivirus policies and apply to devices. Use the CART tool

Allow Allow Deny Deny Deny

Usage

Run and cancel MAV scans, quarantine and release items from quarantine, update threat definitions, detect installed products

Allow Allow Allow Deny Optional

View

View MAV scan results

Allow Allow Allow Allow Optional

Web Protection

Allow Allow Group Group Optional

Settings & Policies

Add, edit and delete Web Protection policies and apply to devices

Allow Allow Deny Deny Deny

Usage

Refresh Web Protection data and use the website lookup tool

Allow Allow Allow Deny Optional

View

View Web Protection browsing data

Allow Allow Allow Allow Optional

Patch Management

    Allow Allow Group Group Optional

Settings & Policies

Add, edit and delete Patch Management policies and apply to devices

Allow Allow Deny Deny Deny

Usage

Install, approve, reprocess and ignore patches. Run the vulnerability check

Allow Allow Allow Deny Optional

View

View patches on the Patches tab

Allow Allow Allow Allow Optional

Backup & Restore

             

Backup & Recovery

Allow Allow Group

Group

Optional

Settings & Policies

Add, edit and delete Backup & Recovery policies and apply to devices

Allow Allow Deny

Deny

Deny

Usage

Download the Backup Manager, run backups, restore backups, view changed and removed files

Allow Allow Allow

Deny

Optional

View

View backup files on the Backup tab, view changed and removed files

Allow Allow Allow Allow

Optional

Networks

         

Network Discovery

Allow Group Deny Deny Deny

Settings

Enable or disable Network Discovery at the policy or device level.

Allow Deny Deny Deny Deny

Usage

Access the Networks tab, manage a network and use the Network Discovery feature.

Allow Allow Deny Deny Deny

View

Show Networks tab on the north panel

Allow Allow Deny Deny Deny

NetPath

Allow Allow Deny Deny Deny

Usage

Access the NetPath section, manage and view Network Paths

Allow Allow Deny Deny Deny

View

Show NetPath in the View menu

Allow Allow Allow Deny Deny

Mobile Devices

             

Mobile Device Management

Allow Allow Group Group Optional

Settings & Policies

Add, edit and delete mobile devices; view mobile device reports

Allow Allow Deny Deny Deny

Usage

Issue updates and commands for mobile devices under management

Allow Allow Allow Deny Optional

View

Show Mobile Devices tab on the north pane

Allow Allow Allow Allow Optional

MAX Mail, O365, Google Drive

           

Services (App Control)

Access the Services tab. Add, edit and delete services, and use the Services functions

Allow Allow Deny Deny Deny

Remote Access

             

Take Control

Allow

Allow

Group

Group

Optional

 

Settings

Configure and install Take Control and Remote Access. Customize the remote support mail templates

Allow

Allow

Deny Deny Deny
 

Usage

Use Take Control to remote on to end-point devices that have Take Control installed

Allow

Allow

Allow Deny Optional
 

View

Show Take Control column on the north pane

Allow

Allow

Allow Allow Optional

Remote Background Management

Allow

Allow

Group Group Optional
 

Settings

Enable the Remote Background Management feature for clients, sites and devices

Allow

Allow

Deny Deny Deny
 

Usage

Start and use Remote Background Management sessions on devices

Allow

Allow

Allow Deny Optional
 

View

Show RBM column on the north pane

Allow

Allow

Allow Allow Optional

Remote Support (Legacy tool)

Allow

Allow

Group Deny Optional
 

Email Template

Edit the Remote Support email template

Allow

Allow

Deny Deny Deny
 

Usage

Send the Remote Support agent

Allow

Allow

Allow Deny Optional

Remote Desktop

Allow

Allow

Deny Deny Optional

System Tray

Allow

Allow

Group Group Optional

Settings

Manage the system tray settings including icon

Allow

Allow

Deny Deny Deny

View

Show System Tray column on the north pane

Allow

Allow

Allow Allow

Optional

Risk Intelligence

Allow

Allow

Allow

Allow

Optional

Settings & Policies

Configure and install Risk Intelligence. Customize and apply policies.

Allow

Allow

Deny

Deny

Optional

Usage

Run Risk Intelligence scans

Allow

Allow

Allow

Deny

Optional

View

View the Risk Intelligence results and reports

Allow

Allow

Allow

Allow

Optional

Filter Manager

Settings

Manage and use custom filters

Allow

Allow

Allow

Deny Optional

Key

Allow

Allow

Deny

Deny  / Client Dashboard - option unavailable

Group

Group option unavailable - group contains mixed permissions

Optional

Client Dashboard - option available

Please be aware that the Asset Tracking section and all Dashboard Reports (apart from the account wide User Audit Report and Remote Support Report) are Client Group aware. And where setup, users will only see Assets and Dashboard Reports that are specific to their assigned Clients; for example when selecting All Clients from a Report drop-down, this will only return the Reports for their Client Group. In line with best practice we would suggest taking a moment to login as the Client and check the returned information to ensure the expected information is returned.