USM Anywhere User Management

Overview
USM Anywhere Architecture
USM Anywhere Data Security
USM Anywhere Log Data Enhancement
USM Anywhere Quick Start Guides
USM Anywhere Deployment Guide
USM Anywhere User Guides
- Overview
- Getting Started with USM Anywhere
- USM Anywhere Best Practices
- USM Anywhere Dashboards
- Asset Management
- Alarms Management
- System Events Management
- Console User Events on USM Anywhere
- Configuration Issues Management
- User Behaviour Analytics
- Events Management
- USM Anywhere Scheduler
- Rules Management
- Vulnerability Assessment
- Open Threat Exchange® and USM Anywhere
- USM Anywhere Sensor Management
- The AWS Cloud Connector in USM Anywhere
- Subscription Management
- USM Anywhere Reports
- Machine Learning
- USM Anywhere User Management
  - Overview
  - Role-Based Access Control (RBAC) in USM Anywhere
  - Creating Users
  - Editing Users
  - Deleting Users
  - Managing Your Profile Settings
  - Using Multifactor Authentication
  - Configuring Web UI Session Timeout
- Using USM Anywhere for PCI Compliance
- USM Anywhere Investigations
- System Status within USM Anywhere
USM Anywhere Agents Guide
USM Anywhere BlueApps Guide

Because USM Anywhere manages important security functions for your organization, the system requires that all users with a username and a password. See Role-Based Access Control (RBAC) in USM Anywhere for more information about the in USM Anywhere. When the first user links to a newly-provisioned USM Anywhere environment, they configure the password for the initial user account. This is the default user as defined in your subscription, and this manager user account can only be deleted by another manager user. The Settings > Users page provides tools to add, edit, and remove user accounts in the system. After 45 days of inactivity, a user account will become locked. Manager users can unlock inactive accounts. Alternately, users can contact LevelBlue support to have their account unlocked. If you want to protect your account, enable multifactor authentication (MFA) for your user account. When this feature is activated, USM Anywhere displays the multifactor authentication page for you to complete your MFA configuration. The displayed page provides a unique QR code for your Authenticator app to retrieve a verification code. See Using Multifactor Authentication for more information about this security configuration.

Note: LevelBlue recommends that users enable MFA for their account. MFA adds extra security by requiring multiple factors to authenticate a user, making it more difficult for an unauthorized person to gain access to the account.

Users can access settings for their own account and log out of the system by clicking the

icon in the USM Anywhere web UI secondary menu. USM Anywhere collects information about when a user logs into the system and what the user does. This information is available in USM Anywhere when you go to Settings > System Events. USM Anywhere offers remote technical support for troubleshooting and diagnosis, where the LevelBlue Technical Support Engineers access your instance from their computers. This topic discusses these subtopics: Role-Based Access Control (RBAC) in USM Anywhere Creating Users Editing Users Deleting Users Managing Your Profile Settings API Clients Using Multifactor Authentication Requiring Multifactor Authentication Configuring Web UI Session Timeout

Viewing Machine Learning Alarms and Events Role-Based Access Control (RBAC) in USM Anywhere

USM Anywhere™

USM Central™

Automated Policy Manager

USM Anywhere User Management