Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Passwords 7.5.x - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Asset Discovery job workflow

You can configure, schedule, test, and run Asset Discovery jobs. After the job has run, you can select whether to manage the asset. You can also view information about the Asset Discovery jobs that have run.

Asset Discovery job workflow

  1. Create an Asset Discovery job. For more information, see Adding an Asset Discovery job..
  2. After you save the Asset Discovery job, you can test it by selecting Run Now. For more information, see Asset Discovery..
  3. After the Asset Discovery job runs, select the asset discovery job and click View Details. For more information, see Asset Discovery Results..

  4. To control management of an asset, navigate to Asset Management > Assets, select the asset, and choose one of these context menu options.

    Enable

    Select Enable to have SPP manage a disabled asset. This option is only available for assets that have been disabled.

    Disable

    Select Disable to prevent SPP from managing the selected asset. When you disable an asset, SPP disables it and removes all associated accounts. If you choose to manage the asset later, SPP re-enables all the associated accounts.

  5. On Asset Management > Assets, you can show or hide assets marked as disabled, use the following buttons. For more information, see Assets..
    Show Disabled Display the disabled assets.
    Hide Disabled Hide assets marked as disabled.
  6. Search the Activity Center for information about discovery jobs that have run. SPP lists the Asset Discovery events in the Asset Discovery Activity category.

Adding an Asset Discovery job

You can add a new Asset Discovery job.

To add an asset discovery job

  1. Navigate to Asset Management > Discovery.
  2. Open the Assets tab.
  3. Click New Asset Discovery Job to create a new Asset Discovery job.
  4. In the New Asset Discovery Job dialog, provide information for the discovery job on the following tabs:
    General tab (asset discovery)

    Where you add general information about the discovery job and identify which partition you want SPP to add the assets it discovers.

    Information tab (asset discovery)

    Where you select the directory and set the search location.

    Asset Discovery Rules tab (asset discovery)

    Where you define the search constraints and conditions, add tags, and choose the profile you want to govern the discovered assets.

    Schedule tab (asset discovery)

    Where you configure the schedule for the discovery job.

    After you save the discovery job, you can modify or run it using the Asset Discovery toolbar. For more information, see Asset Discovery.

General tab (asset discovery)

Navigate to:

  • web client: Asset Management > Discovery > Assets > (add or edit a Asset Discovery job).

On the General tab, supply general information about the Asset Discovery job and identify the partition where you want SPP to add the assets it discovers.

Table 132: Discovery: General properties
Property Description
Name

Enter a name for the Asset Discovery job.

Limit: 50 characters

Description

Enter information about this Asset Discovery job.

Limit: 255 characters

Partition

Use Browse to select the partition in which to manage the discovered assets. You can also add a new partition from the Partitions dialog (accessed via the Browse button) by clicking Create New.

IMPORTANT: You cannot change the partition after you save this discovery job.

Information tab (asset discovery)

Navigate to:

  • web client: Asset Management > Discovery > Assets > (add or edit a Asset Discovery job).

On the Information tab, define the directory or network information for the discovery job.

Table 133: Discovery Type
Property Description
Discovery Type

Choose a type of discovery:

  • Asset

  • Directory

  • Network

  • StarlingAgent

If you select Directory, directory assets that are shared can be discovered into any partition. Directories include Active Directory or LDAP. See Directories that can be searched in Supported platforms.

To share a directory asset, select Available for discovery across all partitions for the asset; see Management tab (add asset). If the check box is not selected, the asset is not shared and the asset will only be discovered into the partitions to which the directory asset is assigned.

Table 134: Discovery: Information properties for Asset scans
Property Description

ESX Host (RegEx)

Enter a value to limit the search to selected ESX hosts that match this regular expression.

NOTE: This is only supported for the VCenter platform.

Asset

Select an asset in the current partition to run the Asset Discovery job. An asset is only available for selection if the platform supports Local Asset Discovery.

Ignore If Not Running

Select this check box to limit the search to virtual machines that are currently running.

Table 135: Discovery: Information properties for Directory scans
Property Description
Directory

Select the Directory on which to run the Asset Discovery job.

Table 136: Discovery: Information properties for Network scans
Property Description
Enable OS Detection

This check box is selected by default, indicating that OS fingerprinting is to be used to detect the operation system being used. Clear this check box if you do not want to use the OS fingerprinting process.

Starting IP Address

Enter a starting IPv4 address. All IPv4 addresses between this IPv4 address and the IPv4 address entered in the Ending IP Address field will be included in the discovery.

NOTE: IPv6 scans are not supported.

Ending IP Address

Enter an ending IPv4 address. All IPv4 addresses between this IPv4 address and the IPv4 address entered in the Starting IP Address field will be included in the discovery.

NOTE: IPv6 scans are not supported.

Exclude IP

SPP allows you to exclude an IP address within a specified IPv4 range from the scan.

Click  Add to exclude an IP address from the scan.

Click  Delete to remove the corresponding excluded IPv4 address and include that IP address in the scan.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen