Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Safeguard for Sudo 7.3 - Administration Guide

Introducing Safeguard for Sudo Planning Deployment Installation and Configuration Upgrade Safeguard for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Supported sudo plugins Troubleshooting Safeguard for Sudo Variables Safeguard for Sudo programs Installation Packages Supported Sudoers directives Unsupported Sudo Options Safeguard for Sudo Policy Evaluation

Medium business deployment

The medium business model is suitable for small organizations with relatively few hosts to protect, all of which may be located within a single data center.

This configuration example comprises multiple UNIX/Linux hosts located within the SME space and one or more web servers located in a DMZ.

Multiple policy server components (pmmasterd) are installed in a failover configuration, with groups of plugin hosts balanced between the policy servers. If a policy server is unavailable for any reason, the plugin hosts will failover to the alternative policy server.

Figure 3: Medium business implementation: Minimum 2 Masters and Circa 100 Agents

Large business deployment

This is an example of how a large business might deploy Safeguard for Sudo. Some global companies prefer to fragment their requirement and deploy multiple instances as shown in the medium-sized business model.

This example comprises three policy servers, two are balancing the load of multiple plugin hosts. This may be necessary if there is a high level of audit and/or a significant volume of requested elevated privilege. Further, there is an additional policy server configured as a failover should one or both policy servers become unavailable.

Figure 4: Large business implementation: Minimum 3 Masters and less than 1000 Agents

Installation and Configuration

This is an overview of the steps necessary to set up your environment to use Safeguard for Sudo software:

To configure a primary policy server

  1. Check the server for installation readiness.

  2. Install the Safeguard for Sudo policy server package.

  3. Configure the primary policy server.

  4. Join the primary policy server to policy group.

To configure a secondary policy server

  1. Check the host for installation readiness.

  2. Install the Safeguard for Sudo policy server package.

  3. Configure the secondary policy server.

  4. Join the Sudo Plugin host to the secondary policy server.

To install the Sudo Plugin on a remote host

  1. Check the remote host for installation readiness.

  2. Install the Safeguard for Sudo software on the remote host.

  3. Join the Sudo Plugin host to the policy server.

The following topics walk you through these steps.

Download Safeguard for Sudo software packages

To download the Safeguard for Sudo software packages

  1. Go to https://support.oneidentity.com/safeguard-for-sudo.

  2. On the Product Support - Safeguard for Sudo page, click Software Downloads under Self Service Tools in the left pane.

  3. On the Safeguard for Sudo - Download Software page, click Download to the right of the version to be downloaded.

    For more information about Safeguard for Sudo native platform install packages, see Installation Packages.

  4. Read the License Agreement, select the I have read and accept the agreement option, and click Submit.

  5. Download the relevant package from the web page.

    The Safeguard for Sudo server package includes the PM Agent and the Sudo Plugin components.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation