Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. IT Analytics Help
  3. Section X. Storage (Capacity)
  4. Configuration of Host inventory
  5. Manage access control

Manage access control

For Linux hosts, root-level privileges are required. Data Collectors require read-only access to execute non-intrusive commands on hosts. It is strongly recommended that a separate login account used strictly for IT Analytics be established and using Active Directory for Windows systems and the sudo command for Linux systems, restrict the commands that IT Analytics can issue. To accommodate this security approach, you can optionally specify access control commands like sudo, sesudo, or pbrun.

See Host Access Privileges, Sudo Commands, Ports, and WMI Proxy Requirements.

Multiple Access Control settings can be created to manage access control commands for Linux hosts. For Linux systems, you must specify the path to an access control command such as sudo in order to execute certain OS commands with root-level privileges.

For additional prerequisite details:

See Host access requirements.

See Host Inventory configuration steps.

To Manage Access Control settings, select:

Admin > Data Collection > Host Inventory

  1. In the Host Inventory toolbar at the top of the browser window, click Manage Access Control.

  2. Add, Edit, or Delete settings using the buttons at the bottom of the window.

  3. Click Add to configure settings and then click OK.

Table: Access Control field descriptions.

Field

Description

Sample Values

Domain*

Select the IT Analytics Domain from the list; for most environments, only one Domain is displayed. Multiple domains facilitate management for Managed Services Providers (MSPs).

Name*

Assign a name to identify this Access Control setting.

Command*

Linux hosts only: Provide the full path to the access control command, such as sudo, sesudo, or pbrun.

See Host Access Privileges, Sudo Commands, Ports, and WMI Proxy Requirements.

You can configure sudo to prompt for a password using a custom prompt (the default is "Password"). IT Analytics expects the prompt to be "Password." If the hosts have a custom password prompt, you'll need to specify -p Password: after the path to sudo. See the example to the right.

/usr/bin/sudo

/user/local/bin/sudo -p Password:

Use for all command*

Select Yes to have the Data Collector use the access command for all commands.

Description

Enter a note to help identify this Access Control setting

   

Feedback

Was this page helpful?
Previous

Manage paths

Next

Host Inventory management

Feedback

Was this page helpful?