Scope tags

Scope tags are tags used to separate the management duties of the assets or hosts among the Asset Managers in an Xshield or Xprotect instance. An Asset Manager who is assigned a Scope tag can manage only the assets or hosts tagged with the Scope tag. The applied scope extends to the Dashboard, Alerts, Visual Explorer, and Flow Explorer features in Xshield. In Xprotect, the scope extends to the Dashboard, Alerts, Commands, and Files features.  

Scope tags are instance-level objects. You can assign multiple Scope tags to an Asset Manager. In this case, the assets or hosts with all applied scopes are accessible to the Asset Manager.

Add Scope tags to assets or hosts

Only Org Admins, Admins, or User Managers can add Scope tags.

  1. Add some or all Scope tags needed for the Asset Managers in the Xshield or Xprotect instance.

  2. Go to the relevant instance and assign Scope tags as follows:

  • In an Xshield instance, assign the Scope tag at the level of Workload groups, Endpoint groups, and multiple selected assets. For groups, edit the group and assign the Scope tag from the fly panel. For assets, select the assets and assign the Scope tag from the fly panel.

  • In an Xprotect instance, assign the Scope tag to multiple selected hosts from the Hosts page.

When Asset Managers log into their instances, they see only the assets and hosts based on the Scope tags assigned to them. See RBAC role privileges in Xshield and RBAC role privileges in Xprotect for more details about the privileges to the features and the objects in the instances.

Edit Scope tags

Edit the scope tags for an Asset Manager when you want them to manage a different set of assets or hosts.

  1. Go to Users.

  2. Select an instance from the Instance drop-down list.

  3. Click the 3-dot menu for the Asset Manager and click Edit Scope.

  4. Add or remove scopes.

  5. Click Save.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.