
CyberArk PAM

Policy, Platform, Safe

Yan Nurindra
Network Engineer
Agenda
• Master Policy
• Platform
• Safe
• After CyberArk
• CyberArk Component
• Demo Lab
Master Policy
Example Privileged Accounts
Before CyberArk
User / Requestor
Need: IP + Credential

Direct Remote Access:
- Remote Desktop
- Putty
- MSSQL Studio

Target Server
Administrator
• Databases
• Security Appliances
• Servers
• Network Devices

Potential Problems:
• Credentials/passwords are shared
• Less control / no activity tracking
• Passwords on target servers are managed manually
• Unmanaged accounts on target servers
• Potential backdoor accounts
After PAM CyberArk
[Diagram. Roles: User / Requestor, Approver, Auditor. Labels: User Access; Privileged Accounts; Vault encryption; Management; Session isolation, monitoring & recording; Privileged Threat Analytics. Target Server: Databases, Security Appliances, Servers, Network Devices.]
CyberArk Component
• Vault
– Vault Server (PrivateArk Server)
– Vault Client (PrivateArk Client)
• Password Vault Web Access
• Central Policy Manager
• Privileged Session Manager
• Privileged Threat Analytics
Vault Server
• The place where all data is stored.
• Contains the vault log (Italog).
• The stored data consists of user passwords and recordings.
• Divided into sections called “safes”.
• Log on using the PrivateArk Client.
• Includes the Event Notification Engine service.
PrivateArk Client
Functions of the PrivateArk Client:
• Access the Vault
• Collection of Safes
• Create Users
• Create Groups
• Report License Capacity
Password Vault Web Access
• CyberArk's web interface.
• Accessed by both users and administrators.
• Administrators can use it to create safes, edit safes, add accounts, create policies, etc.
• Generate reports.
Central Policy Manager
• The CyberArk component that can change passwords automatically.
• CPM can generate random passwords and replace the old passwords on the server.
Quiz
• Quiz 1 CyberArk
Privileged Session Manager
• Secures, controls, and monitors access to servers.
• Session recording and live sessions when a user accesses a server.
Privileged Threat Analytics
• Determines a risk score for each running session.
• Performs suspend, terminate, and resume for specific commands.
Lab
• Log in to the CyberArk University portal
• Requirement: you already have a Berca email
• PAM Administrator lab
Quiz
• Quiz 2 CyberArk
THANK YOU,
BERCAONE FRIENDS!
