Lab Topology
Total Seven Machines:
001-DC: 10.0.0.2 – 1G RAM and 25G Storage
002-PVWA/PSM/CPM: 10.0.20.1 – 4G RAM and 30G Storage
003-PSMP/PSM Gateway: 10.0.1.16 – 1G RAM and 30G Storage
004-PTA: 10.0.0.1 – 6G RAM and 50G Storage
005-Target Linux: 10.0.0.20 – 2G RAM and 20G Storage
006-Target Windows: 10.0.10.50 – 2G RAM and 60G Storage
007-Vault: 10.0.10.1 – 1G RAM and 20G Storage
Contents
INTRODUCTION TO CORE PAS
PVWA
Log in as Administrator
Activate the PSM
Deactivate “Reason for Access”
Connect using a stored account in the New UI
Connect using a stored account in the Classic UI
PRIVATEARK CLIENT
REMOTE CONTROL CLIENT
PRIVATEARK SERVER
USER MANAGEMENT
Know the Players
LDAP INTEGRATION AND DIRECTORY MAPPING
LDAP Integration
Configure Predefined Directory Mappings
Test the LDAP Integration and Predefined Mappings
Configure Custom Directory Mapping
Test Custom Directory Mapping
UNSUSPEND A SUSPENDED USER (OPTIONAL)
LOG IN WITH MASTER
PASSWORD MANAGEMENT – PART 1
SECURING WINDOWS DOMAIN ACCOUNTS
Platform Management
Safe Management
Account Management
EDITING THE MASTER POLICY
Password Management
SECURING UNIX SSH ACCOUNTS
Vault Administrator Tasks
Safe Manager Tasks
Auditor Tasks
PASSWORD MANAGEMENT – PART 2
LINKED ACCOUNTS
Securing SSH Accounts Using a Logon account
Securing Windows Server Local Accounts via a Reconcile Account
SECURING ORACLE ACCOUNTS
Vault Administrator Tasks
Safe Manager Tasks
SECURING AN ACCOUNT WITH SSH KEYS
Generating a Key-Pair
Verify You Are Able to Log in with the Private Key
USAGES – SECURING SERVICE ACCOUNTS
Manage a Scheduled Task Usage
Managing a Configuration File Usage
PRIVILEGED ACCESS WORKFLOWS
REQUIRE USERS TO SPECIFY REASON FOR ACCESS
Activating the Policy
Add Predefined Reasons for Access
REQUIRE DUAL CONTROL ACCESS APPROVAL
Activating the Policy
Adding an approver to a Safe
Testing Dual Control
EXCLUSIVE PASSWORDS WITH AUTOMATED RELEASE AND ONE-TIME USE
Adding a Master Policy exception for Exclusive Passwords
Adding a Master Policy exception for One-Time Passwords
Reducing the Minimum Validity Period
Testing Exclusive Passwords
DISCOVERY AND ONBOARDING
ACCOUNTS FEED
Configure Automatic Onboarding Rules
Configure and Run Windows Accounts Discovery
Verify Automatically Onboarded Accounts
Manually onboard discovered accounts
PASSWORD UPLOAD UTILITY (OPTIONAL)
Add the Administrator as a member of template safe
Configure and run PUU
PRIVILEGED SESSION MANAGEMENT
Disable Privileged Access Workflows
PRIVILEGED SESSION MANAGER
Enabling PSM
Adding Exceptions
Connect with a Linux Account
Connect with an Oracle Account
Connect via HTML5 Gateway
Connect using PSM Ad-Hoc Connection
PRIVILEGED SESSION MANAGER FOR WINDOWS
PRIVILEGED SESSION MANAGER FOR SSH
AUDITING USER ACTIVITY IN THE PSM (MONITORING)
PSM Session Terminators
Monitor, Suspend and Terminate Active Sessions
Monitor Recordings
PRIVILEGED THREAT ANALYTICS
DETECTIONS AND AUTOMATIC REMEDIATION FOR UNIX/LINUX
Unmanaged Privileged Access
Suspected Credential Theft and Automatic Password Rotation
Suspicious Password Change and Automatic Reconciliation
Suspicious activities in a Unix session and automatic suspension
Security Rules Exceptions
DETECTIONS AND AUTOMATIC REMEDIATION FOR WINDOWS
Unmanaged Privileged Access
Suspicious Activities in a Windows Session and Automatic Suspension
CONNECT TO THE PTA ADMINISTRATION INTERFACE
REPORTS
GENERATE “PRIVILEGED ACCOUNTS INVENTORY” REPORT
GENERATE “SAFES LIST” REPORT AND “USERS LIST” REPORT
GENERATE REPORTS USING EVD
REPLICATIONS
BACKUP AND RESTORE
Enabling the Backup and DR users
Installing the PrivateArk Replicator
Create a Safe and an Account to test Backup
Running a Backup
Delete the Linux02 Safe
Running a Restore
COMMON ADMINISTRATIVE TASKS
ROTATING CPM LOGS
OPTIONAL EXERCISES
AD HOC ACCESS
Set up the Ad Hoc Access Platform
Add the Local Administrator Account
CPM Scanner Configuration
Test Ad Hoc Access
CUSTOM FILE CATEGORIES
Creating the Custom File Category
Adding the Custom File Category to the Platform
Making the File Category Searchable
Testing the New File Category
Hi johnyan,
Could you please share the link for Contents?
Thanks,
Bhagya