This article explains how to verify if Role-Based Access Control (RBAC) is applied within the Symantec VIP Manager portal, and provides guidance on reviewing administrative roles for access control and compliance purposes.

Symantec VIP Manager

Role-Based Access Control (RBAC) is a security best practice that restricts system access based on a user's role within an organization. In Symantec VIP Manager, RBAC is implemented through administrator roles, each offering a distinct set of permissions.

How to Verify RBAC in VIP Manager

1. Log In to VIP Manager

   • URL: https://manager.vip.symantec.com 

   • Use an account with administrative privileges.

2. Access Administrator Settings

   • Navigate to the Account  tab.

   • Select Find / Modify VIP Administrators.

   • Click Search button

3. Review Role Assignments

   • You will see a list of administrator accounts.

   • Check the Role assigned to each administrator.

4. Common Roles in VIP Manager

   • Super Administrator – Full access to all configuration and user settings.

   • Help Desk Administrator – Manage users and credential assignments.

   • User Administrator – Manage user information only.

   • Auditor – View access logs and audit reports.

   • Read-Only Administrator – View-only access without configuration permissions.

If your administrators have different roles assigned with clear separation of duties, RBAC is in effect.

Best Practices

• Assign roles based on least privilege to ensure security.

• Regularly audit administrator roles to ensure compliance with internal and external policies.

• Maintain documentation of who has access and why.

FAQ

Q: Can I create custom roles in VIP Manager?
A: As of now, VIP Manager supports only predefined administrative roles.

Q: Where can I find an audit log of admin activity?
A: Go to Reports > View Audit Reports to review administrator actions based on specific search criteria within VIP Manager.