Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Sessions 7.0.4 LTS - Installation Guide

One Identity Safeguard for Privileged Sessions (SPS) Appliance 3000

Unit: 1 U

Drive Bays: 8 x 2.5

Redundant PSU: Yes

NIC: 4 x 1GBase-T Ethernet ports

IPMI: version 2.0

CPU: Intel Xeon E3-1275 v6 3.80GHz

Memory: 2x 16GB

HDD: 4x 2TB

RAID: LSI MegaRAID SAS 9361-4i

RAID Type: RAID 5

Usable Storage: 6TB

Chassis (W x H x D): 17.2" x 1.7" x 23.5" (437 x 43 x 650 mm)

Weight: 35 lbs (15.9kg)

Wattage IDLE / LOAD: N/A

Electrical: 500W Redundant AC-DC Power Supplies

Operating Temperature: 5°C to 35°C (41°F to 95°F)

Non-operating Temperature: -40°C to 60°C (-40°F to 140°F)

Humidity Range: 8% to 90% (non-condensing)

Non-operating Humidity: 5% to 95% (non-condensing)

Compliant to: CE, cCSAus, FCC, VCCI-A

Link to manufacturer documentation

List of appliance ports

  1. Redundant power supplies

  2. Serial port

  3. 2x USB ports

  4. 2x USB ports

  5. 2x RJ45 GbE Ethernet ports

  6. VGA port

  7. 4 x 1GBase-T Ethernet ports

  8. Dedicated IPMI LAN port

Front view of the appliance

  1. Power On/Off

  2. No information is displayed on this LCD screen. If it lights up when the power is turned on, the device is working properly.

  3. These buttons (with the exception of the Power button) have no function and are for display only on this device. If they light up when the power is turned on, the device is working properly.

One Identity Safeguard for Privileged Sessions (SPS) Appliance 3500

Unit: 1 U

Drive Bays: 10 x 2.5

Redundant PSU: Yes

NIC:

  • 2 x 1GBase-T Ethernet ports

  • 2 x 10GBase-T Ethernet ports

IPMI: version 2.0

CPU: 2 x Intel Xeon Silver 4110 2.1 Ghz

Memory: 8 x 8GB

HDD: 8 x 2TB + 1 HotSpare

RAID:

  • LSI Avago CacheVault Power Module 02 (CVPM02) Kit
  • 1 x Broadcom MegaRAID SAS 9361-16i +

RAID Type: RAID 50

Usable Storage: 12 TB

Chassis (W x H x D): 17.2" x 1.7" x 28.5" (437 x 43 x 724 mm)

Weight: 41 lbs (18.6kg)

Wattage IDLE / LOAD: N/A

Electrical: 750W Redundant AC-DC Power Supplies

Operating Temperature: 10°C to 35°C (50°F ~ 95°F)

Non-operating Temperature: -40°C to 60°C (-40°F to 140°F)

Humidity Range: 8% to 90% (non-condensing)

Non-operating Humidity: 5% to 95% (non-condensing)

Compliant to: CE, cCSAus, FCC, VCCI-A

Link to manufacturer documentation

NOTE:The One Identity Safeguard for Privileged Sessions (SPS) Appliance 3500 is equipped with a dual-port 10Gbit interface. This interface has SFP+ connectors (not RJ-45) labeled A and B, and can be found right of the Label 1 and 2 Ethernet interfaces. If you want faster communication, for example, in case of high data load, you can connect up to two 10G SFP+ transceivers. These transceivers are not shipped with the original package and have to be purchased separately.

List of appliance ports

  1. Redundant power supplies

  2. 2x RJ45 10GbE Ethernet ports

  3. 2x 3.0 USB ports

  4. Dedicated IPMI LAN port

  5. Serial port

  6. VGA port

  7. 2 x 1GBase-T Ethernet ports

  8. 2x SFP+ 10GbE ports

One Identity Safeguard for Privileged Sessions Software Installation Guide

This document describes how to install the One Identity Safeguard for Privileged Sessions (SPS) software on a certified hardware. The list of certified hardware is available at One Identity.

Note that installing and reinstalling SPS can take a long time, especially for a HA cluster. There are no supported workarounds for reducing the necessary downtime. One Identity recommends testing SPS in a virtual environment, and using physical hardware only for verifying HA functionality and measuring performance.

Installing the SPS software

The following describes how to install a new SPS on a server.

Prerequisites:

When installing SPS on a physical hardware, make sure that you use a One Identity-supported appliance, and that every hard disk required for the particular appliance is inserted. Installing SPS without the required number of hard disks can cause erroneous behavior.

To install a new SPS on a server

  1. Login to your support portal and download the latest One Identity Safeguard for Privileged Sessions installation ISO file. Note that you need to have partner access to download One Identity Safeguard for Privileged Sessions ISO files. If you are a partner but do not see the ISO files, you can request partner access within support portal.

  2. Mount the ISO image, or burn it to a CD-ROM.

  3. Connect your computer to the IPMI interface of SPS. For details, see the following documents:

    For Safeguard Sessions Appliance 3000 and 3500, see the X9 SMT IPMI User's Guide.

  4. Power on the server.

  5. Login to the IPMI web interface, and boot the One Identity Safeguard for Privileged Sessions installation CD on the server using a virtual CD-ROM. For details, see the following documents:

    For Safeguard Sessions Appliance 3000 and 3500, see the X9 SMT IPMI User's Guide.

  6. When the One Identity Safeguard for Privileged Sessions installer starts, select Installer, press Enter, and wait until the server finishes the boot process.

    TIP: For testing purposes, you can speed up installation at the expense of slowing down RAID synchronization. Add the following kernel parameter to Installer in GRUB:

    lazy_itable_init=true

    This option defers full filesystem initialization, requiring the kernel to finish it during RAID synchronization, which slows that process down considerably. This is not recommended in a production environment.

  7. Installing SPS will completely delete the contents of the hard disks. If you want to proceed installing SPS, enterYESto start the installation process. Depending on the size of the disks, the installation process takes from a few minutes to an hour to complete.

    Caution:

    Hazard of data loss All data on the disks will be deleted.

  8. The installer displays the following message: Waiting for RAID sync..., and starts to synchronize the disks of SPS.

    • You are recommended to wait until the synchronization finishes. RAID synchronization is a two-step process, the progress of the active step is indicated on the progress bar. Wait until both steps are completed. Note that this synchronization takes several hours, depending on the size of the hard disks (about 8 hours on the average).

    • To skip the RAID synchronization, pressCtrl+Alt+Deleteto reboot SPS. Note that the system will automatically perform the synchronization after the first boot, but in this case the process will take several days.

  9. When the installation is finished, the Installation finished successfully message is displayed. Unmount the installation media, then press Ctrl+Alt+Delete to reboot SPS. Wait until the system reboots and displays the IP address it accepts management connections on.

  10. If you are installing the slave node of a SPS cluster, skip this step. Enter the IP address displayed in the previous step into your browser and verify that the Welcome Wizard of the One Identity Safeguard for Privileged Sessions is available. (If you have to create an alias IP address for your computer that falls into the 192.168.1.0/24 subnet (for example 192.168.1.10), see "The initial connection to One Identity Safeguard for Privileged Sessions (SPS)" in the Administration Guide.)

    NOTE: For details on the supported web browsers and operating systems, see "Supported web browsers and operating systems" in the Administration Guide.

    Figure 1: The Welcome Wizard

  11. Power off the system.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen