The Safeguard for Privileged Passwords Appliance is built specifically for use only with the Safeguard for Privileged Passwords privileged management software that is already installed and ready for immediate use. It comes hardened to ensure the system is secure at the hardware, operating system, and software levels.
The following two tables list the Safeguard for Privileged Passwords 3000 Appliance and 2000 Appliance specifications and power requirements.
Table 8: 3000 Appliance: Feature specifications
Processor |
Intel Xeon E3-1275v6 3.8 GHz |
# of Processors |
1 |
# of Cores per Processor |
4 cores (8 threads) |
L2/L3 Cache |
8MB L3 Cache |
Chipset |
Intel C236 Chipset |
DIMMs |
Unbuffered ECC UDIMM DDR4 2400MHz |
RAM |
32 GB |
Internal HD Controller |
LSI MegaRAID SAS 9361-4i Single |
Disk Hard Drive |
4 x Seagate 7E2000 2TB SAS 512E |
Availability |
TPM 2.0, EEC Memory, Redundant PSU |
I/O Slots |
x16 PCIe 3.0, x8 PCIe 3.0 |
RAID |
RAID10 |
NIC/LOM |
4 port - dual GbE LAN with Intel i210-AT |
Power Supplies |
Redundant, 700W, Auto Ranging (100v~240V), ACPI compatible |
Fans |
1 Supermicro SNK-P0046P and 2 Micron 16GB 2666MHz 2R ECC Unb Z01B Dual Label |
Chassis |
1U Rack |
Dimensions
(HxWxD) |
43 x 437.0 x 597.0 (mm)
1.7 x 17.2 x 23.5 (in) |
Weight |
Max: 37 lbs (16.78 Kg) |
Table 9: 2000 Appliance: Feature specifications
Processor |
Intel Xeon E3-1275v5 3.60 GHz |
# of Processors |
1 |
# of Cores per Processor |
4 |
L2/L3 Cache |
4 x 256KB L2, 8MB L3 SmartCache |
Chipset |
Intel C236 Chipset |
DIMMs |
DDR4-2400 ECC Unbuffered DIMMs |
RAM |
32GB |
Internal HD Controller |
LSI MegaRAID SAS 9391-4i 12Gbps SAS3 |
Disk |
4 x Seagate EC2.5 1TB SAS 512e |
Availability |
TPM 2.0, EEC Memory, Redundant PSU |
I/O Slots |
x16 PCIe 3.0, x8 PCIe 3.0 |
RAID |
RAID10 |
NIC/LOM |
3 x Intel i210-AT GbE |
Power Supplies |
Redundant, 700W, Auto Ranging (100v~240V), ACPI compatible |
Fans |
4 x 40mm Counter-rotating, Non-hot-swappable |
Chassis |
1U Rack |
Dimensions
(HxWxD) |
43 x 437.0 x 597.0 (mm)
1.7 x 17.2 x 23.5 (in) |
Weight |
Max: 46 lbs (20.9 Kg) |
Miscellaneous |
FIPS Compliant Chassis |
Table 10: 3000 Appliance and 2000 Appliance: Power requirements
Input Voltage |
100-240 Vac |
Frequency |
50-60Hz |
Power Consumption (Watts) |
170.9 |
BTU |
583 |
Safeguard for Privileged Passwords is also available as a virtual appliance and from the cloud.
The front panel of the Safeguard for Privileged Passwords 3000 Appliance and 2000 Appliance contain the following controls for powering on, powering off, and scrolling through the LCD display.
-
Green check mark button: Use the Green check mark button to start the appliance. Press the Green check mark button for NO more than one second to power on the appliance.
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Green check mark button. Holding this button for four or more seconds will cold reset the power of the appliance and may result in damage. |
-
Red X button: Use the Red X button to shut down the appliance. Press and hold the Red X button for four seconds until the LCD displays POWER OFF.
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Red X button for more than 13 seconds. This will hard power off the appliance and may result in damage. |
- Down, up, left, and right arrow buttons: When the appliance is running, the LCD home screen displays: Safeguard for Privileged Passwords <version number>. Use the arrow buttons to scroll through the following details:
- Serial: <appliance serial number>
- X0: <appliance IP address>
- MGMT: <management IP address>
- MGMT MAC: <media access control address>
- IPMI: <IP address for IPMI>
Table 11: Appliance LCD and controls
Green check mark button |
Use the Green check mark button to start the appliance. Press the Green check mark button for NO MORE THAN one second to power on the appliance.
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Green check mark button. Holding this button for four or more seconds will cold reset the power of the appliance and may result in damage. | |
Red X button |
Use the Red X button to shut down the appliance. Press and hold the Red X button for four seconds until the LCD displays POWER OFF.
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Red X button for more than 13 seconds. This will hard power off the appliance and may result in damage. | |
Down, up, left, and right arrow buttons |
When the appliance is running, the LCD home screen displays:
- Safeguard for Privileged Passwords <version number>
Use the arrow buttons to scroll through the following details:
- Serial: <appliance serial number>
- X0: <appliance IP address>
- MGMT: <management IP address>
- MGMT MAC: <media access control address>
- IPMI: <IP address for IPMI>
|
|
CAUTION: All customers upgrading to Safeguard for Privileged Passwords 7.0 require a new license. For more information, contact Support. |
Hardware appliance
The Safeguard for Privileged Passwords 3000 Appliance and 2000 Appliance ship with the Privileged Passwords module which requires a valid license to enable functionality.
You must install a valid license. Once the module is installed, Safeguard for Privileged Passwords shows a license state of Licensed and is operational. If the module license is not installed, you have limited functionality. That is, even though you will be able to configure access requests, if a Privileged Passwords module license is not installed, you will not be able to request a password release.
Virtual appliance Microsoft Windows licensing
You must license the virtual appliance with a Microsoft Windows license. We recommend using either the MAK or KMS method. Specific questions about licensing should be directed to your Sales Representative. The virtual appliance will not function unless the operating system is properly licensed.
Licensing setup and update
To enter licensing information when you first log in
The first time you log in as the Appliance Administrator, you are prompted to add a license. The Success dialog displays when the license is added.
On the virtual appliance, the license is added as part of Initial Setup.
IMPORTANT: After successfully adding a license, the Software Transaction Agreement will be displayed and must be read and accepted in order to use Safeguard for Privileged Passwords.
To configure reminders for license expiration
To avoid disruptions in the use of Safeguard for Privileged Passwords, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date.
Users are instructed to contact their Appliance Administrator if they get an "appliance is unlicensed" notification.
As an Appliance Administrator, if you receive a "license expiring" notification, apply a new license.
To update the licensing file
Licensing update is only available using a virtual machine, not via the hardware.
To perform licensing activities
Go to the licensing page:
- Navigate to Appliance | Licensing.
- To upload a new license file, click Upload new license file and browse to select the current license file. The Software Transaction Agreement will also be displayed during this process and must be read and accepted in order to complete the licensing process.
- To remove the license file, select the license and click Remove selected license.
|
CAUTION: For customers upgrading to 7.0 from a previous Safeguard for Privileged Passwords release, be aware the following changes are required prior to upgrading:
|
The Safeguard for Privileged Passwords 3000 and 2000 Appliances are built specifically for use only with the Safeguard for Privileged Passwords privileged management software, which is pre-installed and ready for immediate use on the hardened appliances.
Safeguard for Privileged Passwords virtual appliances and cloud applications are also available.
To set up a new deployment: 3000 Appliance, 2000 Appliance, Virtual Machine, or Cloud
If this is a new physical appliance, virtual machine, or cloud deployment, see the Safeguard for Privileged Passwords Appliance Setup Guide. The guide is also included in the package with a physical appliance.
To update an existing physical appliance or virtual appliance with this patch
It is the responsibility of the Appliance Administrator to upgrade Safeguard for Privileged Passwords by installing an update file (patch). Consider the following:
- Minimum patch version: 6.0.0.12276. If you are running an earlier version of the Safeguard for Privileged Passwords Appliance, you must upgrade to this version before applying the 7.0 patch.
- Clustered environment: See the Patching cluster members section in the Safeguard for Privileged Passwords Administration Guide for instructions on how to deploy a patch so all appliances in the cluster are on the same version.
Prepare to install a patch
- Backup your appliance before you install a patch. Once you install a patch, you cannot uninstall it. See the Safeguard for Privileged Passwords Administration Guide, Backup and restore topic.
-
Download the latest physical appliance patch or virtual appliance patch from the One Identity Support Portal:
https://support.oneidentity.com/one-identity-safeguard-for-privileged-passwords/download-new-releases
To install the hardware patch
- As an Appliance Administrator, log in to the Safeguard for Privileged Passwords client.
-
Select Appliance Management | Appliance | Patch Updates.
The current appliance and client versions are displayed.
-
Click Upload a File and browse to select the update file you downloaded from the One Identity support web site.
NOTE: When you select a file, Safeguard for Privileged Passwords uploads it to the server, but does not install it.
- Once the file has successfully uploaded, click Install Now.
To install the virtual machine patch
- Make adequate resources available. The virtual appliances default deploy does not provide adequate resources. The minimum resources required are: 4 CPUs, 10GB RAM, and a 500GB disk. Without adequate disk space, the patch will fail and you will need to expand disk space then re-upload the patch.
- Go to the web management console and click Setup and follow the wizard.