Administration roles

You can use pre-defined administration roles to divide up security tasks according to each administrator's responsibility level.

You can't edit or delete these roles.

Super Admin

Super Admin administrators have access to everything in Sophos Cloud Optix.

They can manage administrators, roles, and role assignments in Sophos Central, and can control other administrators' access to information in Sophos Cloud Optix using environment tags.

They can also configure third-party integrations, for example Jira, Slack, and ServiceNow, and the Sophos Cloud Optix API.

There must be at least one administrator with the Super Admin role.

Admin

Admin administrators have access to all environments in Sophos Cloud Optix. A Super Admin administrator can restrict access to specific environments.

Admin administrators can't manage administrators and role assignments or configure third-party integrations or the Sophos Cloud Optix API.

Read-only

Read-only administrators have read-only access to all environments in Sophos Cloud Optix. Super Admin administrators can restrict access to specific environments.

They can't do the following:

  • Manage administrators and role assignments.
  • Add, edit or delete cloud environments.
  • Configure third-party integrations.
  • Configure the Sophos Cloud Optix API.

They also can't see some options, for example Edit buttons.

Custom

Sophos Central Super Admin administrators can add Custom roles. Custom roles are not available for the standalone Sophos Cloud Optix console.

Custom roles are based on the pre-defined Admin and Read-only administrator roles but also enable you to restrict access to specific products in Sophos Central, including Sophos Cloud Optix.

Custom administrators do not have access to any environments in Sophos Cloud Optix until a Super Admin provides them with access. They can't do the following:

  • Manage administrators and role assignments.
  • Configure third-party integrations.
  • Configure the Sophos Cloud Optix API.