User Groups

On this page, you can manage User Groups and their roles in your Infinity Portal account. Each User Group has a unique name. A user can belong to multiple User Groups. You can add users to a group who are defined manually in the Infinity Portal, or import a group from an Identity ProviderClosed A system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network. Acronym: IdP or IDP. (IdP).

Managing User Groups

Note - All fields marked with an asterisk (*) are mandatory.

  1. Go to > User Groups.

  2. In the toolbar, click New.

    A wizard window opens.

  3. In the Group Details step of the wizard, enter this information:

    1. Name

    2. Description

    3. For Group Source, select one of these options:

      • Manually - Select this option to add only users who are defined manually in the Infinity Portal.

      • IdP directory Sync - Select an Identity Provider (IdP) and a group to import. The Infinity Portal automatically synchronizes group membership information from the IdP. This option is available only for an IdP that is integrated with the Infinity Portal and has Directory Sync enabled. See SSO Authentication Setup with Identity Provider.

      • IDP ID - Enter the ID of a group as it appears in your Identity Provider (IdP). This option is available only for an IdP that is integrated with the Infinity Portal. See SSO Authentication Setup with Identity Provider.

      Note - In an IdP directory sync configuration, the Infinity Portal synchronizes group membership with the IdP on a regular basis. In an IDP ID configuration, the Infinity Portal queries the IdP for each login event.

    4. Click Next.

  4. Optional - In the Members step of the wizard, add more members to the group. These additional members must be defined manually in the Infinity Portal.

    1. Click Add member.

      A new window opens.

    2. Select users to add to the group.

    3. Click Next.

  5. In the Access and Roles step of the wizard, assign roles to the user group:

    1. For an account of type Managed Security ServiceClosed A Check Point service offering that helps customers with deployments or technical services for Check Point products. Provider (MSSPClosed Managed Security Service Provider (MSSP) - An managed security service provider (MSSP) provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services.) , below Associated Accounts, select one of these:

      • This account [NAME OF YOUR INFINITY PORTAL ACCOUNT] only

        The group is associated only with your Infinity Portal account. This is the default configuration.

      • [NAME OF YOUR INFINITY PORTAL ACCOUNT] + All Child Accounts

        The group is associated with your Infinity Portal account and all of its child accounts (including child accounts that you create in the future).

      • Only specific accounts

        This group is associated with Infinity Portal accounts that you add in the Include Accounts field.

      • All accounts except

        This group is associated with your Infinity Portal account and all of its child accounts (including child accounts that you create in the future). Accounts that you add in the Exclude Accounts field are not associated with this group.

        Example - The MSSP account Cyber MSSP has two child accounts: Acme Corp. and Logistics Inc. The administrator adds Acme Corp. in the Exclude Accounts field. As a result, the group is associated only with the Cyber MSSP account and the Logistics Inc. account.

    2. Assign Global Roles to the group. See Users.

    3. Assign Specific Service Roles to the group. See Specific Service Roles.

      Example - When you select Support Contact Point for Harmony Connect in your Harmony Admins user group, this role automatically applies to users in the Harmony Admins Group.

  6. Click Add.

    The new User Group appears in the table.

Note - You can create a User Group without members and add the members later.

Note - If in the Accounts tab you configured a User Group to be associated with a child account automatically, you can edit this User Group only from the parent account.

Important - Immediately after you remove a user from a User Group, the user loses permissions that were based on the group.

  1. Go to > User Groups.

  2. Select the User Group that you want to edit.

  3. Click Edit.

    A new window opens.

  4. Make changes to the User Group.

  5. Click Save.

  1. From the list, select the User Group.

  2. Click Delete.

  1. Right-click the top row of the table that contains the names of the columns.

    A popup window opens.

  2. Select columns to show in the table.

    Only the selected columns appear in the table.

  1. In the Search field, click the Filter icon .

    The Filters pane shows on the right side of the Dashboard.

  2. Apply one or more filter criteria.

  3. To clear the filter, click Clear All.