Delegated and tenant access

You can limit administrative access to Enterprise Threat Protector (ETP) by enabling delegated access or tenant access:
  • Delegated access. A super administrator grants an ETP user administrative access to specific locations, sub-locations, policies, and custom lists. A delegated administrator can:
    • Create locations, sub-locations, policies, and custom lists
    • View all locations, sub-locations, policies, and custom lists
    • Manage assigned locations, sub-locations, policies, and custom lists
    They can also perform additional tasks such as view reporting data, schedule a report, and more. For more information, see Delegated access.
  • Tenant access. Similar to delegated access, tenant access is used by Managed Service Providers (MSP) to restrict and create separate access for individual customers. A super administrator grants tenant access and assigns a tenant administrator to specific locations, sub-locations, policies, and custom lists. Unlike a delegated administrator, a tenant administrator cannot view settings associated with locations, sub-locations, policies, and custom lists they are not allowed to manage. They also cannot perform additional configuration operations in ETP. For more information, see Tenant access.