[FAQ] Common Admin Questions

What is a Cipherscale space? A Cipherscale Space is a dedicated administrative tenant created upon signup, used to manage your Users, Devices, Gateways, and Policies.

How do I transfer ownership of all my spaces? See Mission: Transferring Account Ownership

How do I manage cookie preferences? See Mission: Managing Privacy by Configuring Cookie Preferences

How do I set the default time zone for my space? Navigate to Settings, select your preferred time zone from the Default timezone drop-down list on the General tab, and click Save Preferences. This time zone will apply to your admission rules and gateway logs.

Will I receive email notifications for system events? Yes, Cipherscale automatically sends email alerts for critical system events.

What types of system events can I receive notifications for? You can customize your notification settings to receive alerts for critical events, specifically regarding subscription seat usage and gateway connectivity.

How will I know if I have exceeded my allocated user seats? You can enable the Subscription Limit Exceeded notification. Once activated, the system will send you an alert whenever your user count exceeds the number of allocated seats on your current subscription.

Can I receive a warning before I completely run out of subscription seats? Yes, by enabling the High Subscription Usage notification. This setting allows you to configure a threshold—such as 80% of your subscription capacity—so you get notified proactively before you run out of available seats.

How do I monitor the availability of my deployed gateways? You can turn on the Gateway Status Change notification. This ensures you receive an immediate alert whenever your deployed Gateways change status, such as going online or dropping offline.

From where can I change all these Email Notification settings? You can navigate to Settings and use the Notifications tab to view and configure these settings.

Which authentication methods are supported? Cipherscale provides direct native OIDC support for Google and Microsoft, and supports Federated SSO for any SAML 2.0 compliant Identity Provider.

Can multiple authentication methods be active at the same time? Yes, you can enable Multi-Auth, which allows multiple authentication methods to be active simultaneously, and users can choose their preferred method when signing in.

How do I enable or configure user authentication? Navigate to Settings and select the Authentication tab. You can toggle Google and Microsoft ON/OFF, or click SAML Configuration to set up a new Identity Provider. See Mission: Identity Provider (IdP SAML) Integration.

What administrative roles are available? Users are assigned roles that determine their privileges. An Owner controls billing and full setup, an Admin can configure the solution, an Auditor can view configurations without changing them, and a User can simply access authorized resources.

How are user devices created and managed? Devices are automatically registered and created in the system the first time a User successfully authenticates on them.

How do I recover an 'Expired' user? Navigate to the Intent Bar and type: "Resend the invite to [User Email]." This generates a fresh 7-day token.

A user is at their device limit. What do I do? Users are limited to 5 devices. Type "Show me [User]'s devices," then type "Delete device [device name or ID]." By deleting unused devices, new devices can be registered for the user.

How do I get human support? If the Copilot cannot resolve an issue, email support@cipherscale.com.

What types of access does Cipherscale secure? The platform provides a unified Zero Trust solution for Private Access (internal applications), SaaS Access (public SaaS apps using IP Pinning), and Internet Access (delivering traffic to data centers with your third-party internet security stack).

If multiple access policies apply to a request, which is enforced? Cipherscale evaluates access policies in top-to-bottom order based on arranged priority. The first access policy that matches the user, group, or device requesting access is enforced.

What is the difference between Access Policies and Admission Rules? Access Policies determine whether to allow or deny access to a destination. Admission Rules are mandatory prerequisites attached to those policies; they continuously evaluate context such as Device Posture, Location Context (IP/Country), and Time Constraints to determine whether the user is even qualified to request access.

Do I need to open any incoming ports in my firewall? Yes, for a Gateway to function and receive connections, you must ensure that UDP port 51820 or a configured alternative port is open to incoming traffic from the internet.

How does load balancing work if a resource uses multiple gateways?

Do I need to configure my private DNS servers in the Administration Portal? No. For private applications, the Gateway automatically uses the private DNS server on its local network to resolve domain names.

Can I manage configurations using AI? Yes, Cipherscale's AI-native core allows you to use a conversational chat interface to build intent-based Zero Trust policies (e.g., "Allow the DevOps group access..."), automatically deploy gateways to cloud environments, all types of Cipherscale platform configurations, and run Root Cause Analysis to troubleshoot blocked access instantly.

How do I view the logs for a specific gateway? Navigate to Gateways, click the row of the specific gateway you want to investigate, and select the Sessions tab.

Where can I find User and Gateway session logs? Navigate to Overview and select Sessions from the Detail Ribbon. You can view the User and Gateway session logs by clicking the appropriate tab.

Does Cipherscale provide audit logs for administrative changes? Yes, admin audit logs automatically track all configuration changes made within the portal. Navigate to Overview and select Logs from the Detail Ribbon.

Where can I view the current online status for users and infrastructure? The Overview tab provides high-level status widgets. The Seats card, Users card, Gateways card, and Resources card visually display status metrics for various entities configured in your space.