Component | Requirements | ||
---|---|---|---|
Web management console |
Desktop browsers:
The web management console is implemented for modern web browser technology, using:
|
One Identity Safeguard for Privileged Passwords supports a variety of platforms, including custom platforms.
The following table lists the platforms and versions that have been tested for Safeguard for Privileged Passwords (SPP). Additional assets may be added to Safeguard for Privileged Passwords. If you do not see a particular platform listed when adding an asset, use the "Other" or "Other Linux" option on the Management tab of the Asset dialog.
When Safeguard for Privileged Passwords (SPP) is joined with a Safeguard for Privileged Sessions (SPS) appliance, platforms are supported that use one of these protocols:
• SPP 2.8 or lower: RDP, SSH
• SPP 2.9 or higher: RDP, SSH, or Telnet.
Some platforms may support more than one protocol. For example, a Linux (or Linux variation) platform supports both SSH and Telnet protocols.
For the embedded sessions module, platforms that support RDP and SSH protocols are generally supported.
Platform | Version | Architecture (all versions unless noted) |
SPP |
SPS |
---|---|---|---|---|
ACF2 - Mainframe |
r14, r15 |
zSeries |
True |
True |
ACF2 - Mainframe LDAP |
r14, r15 |
zSeries |
True |
False |
Active Directory |
|
|
True |
False |
AIX |
6.1, 7.1, 7.2 |
PPC |
True |
True |
Amazon Linux |
2 |
x86_64 |
True |
True |
Amazon Web Services (AWS) |
1 |
True |
False | |
CentOS Linux |
6 7 |
(ver 6) x86, x86_64 (ver 7) x86_64 |
True |
True |
Cisco ASA |
7.x, 8.x |
|
True |
True |
Cisco IOS | 12.X, 15.X |
True |
True | |
Debian GNU/Linux |
6, 7, 8, 9 |
x86, x86_64, MIPS, PPC, zSeries |
True |
True |
Dell iDRAC |
7, 8 |
True |
True | |
ESXi (VSphere) |
5.5, 6.0, 6.5, 6.7 |
|
True |
False |
F5 Big-IP |
12.1.2, 13.0, 14.0 |
True |
True | |
Facebook (deprecated) |
True |
False | ||
Fedora |
21, 22, 23, 24, 25, 26, 27, 28, 29, 30 |
x86, x86_64 |
True |
True |
Fortinet FortiOS |
5.2, 5.6 |
True |
True | |
FreeBSD |
10.4, 11.1, 11.2 |
x86, x86_64 |
True |
True |
HP iLO |
2, 3, 4 |
x86 |
True |
True |
HP iLO MP |
2, 3 |
IA-64 |
True |
True |
HP-UX |
11iv2 (B.11.23), |
PA-RISC, IA-64 |
True |
True |
IBM i |
7.1, 7.2, 7.3 |
PPC |
True |
True |
Junos - Juniper Networks |
12, 13, 14, 15 |
True |
True | |
macOS |
10.9, 10.10, 10.11, 10.12, 10.13 |
x86_64 |
True |
True |
MongoDB |
3.4, 3.6, 4.0 |
True |
False | |
MySQL |
5.6, 5.7 |
True |
False | |
OpenLDAP |
2.4 |
|
True |
False |
Oracle |
11g Release 2, 12c Release 1 |
True |
False | |
Oracle Linux (OEL) |
6 7 |
(ver 6) x86, x86_64 (ver 7) x86_64 |
True |
True |
Other |
|
|
False |
False |
Other Linux |
|
|
True |
True |
PAN-OS |
6.0, 7.0, 8.0, 8.1 |
True |
True | |
PostgreSQL |
9.6, 10.2, 10.3, 10.4, 10.5 |
|
True |
False |
RACF - Mainframe |
z/OS V2.1 Security Server, |
zSeries |
True |
True |
RACF - Mainframe LDAP |
z/OS V2.1 Security Server, z/OS V2.2 Security Server |
zSeries |
True |
False |
Red Hat Enterprise Linux (RHEL) |
6, 7, 8 |
(ver 6) x86, x86_64, PPC, zSeries (ver 7 and 8) x86, x86_64, PPC, zSeries |
True |
True |
SAP HANA |
2.0 |
Other |
True |
False |
SAP Netweaver Application Server |
7.3, 7.4, 7.5 |
True |
False | |
Solaris |
10, 11 |
(ver 10) SPARC, x86, x86_64 (ver 11) SPARC, x86_64 |
True |
True |
SonicOS |
5.9, 6.2 |
True |
False | |
SonicWALL SMA or CMS |
11.3.0 |
True |
False | |
SQL Server |
2012, 2014, 2016 |
True |
False | |
SUSE Linux Enterprise Server (SLES) |
11 12 |
(ver 11) x86, x86_64, PPC, zSeries, IA-64 (ver 12) x86_64, PPC, zSeries |
True |
True |
Sybase (Adaptive Server Enterprise) |
15.7, 16 |
True |
False | |
Top Secret - Mainframe |
r14, r15 |
zSeries |
True |
True |
Top Secret - Mainframe LDAP |
r14, r15 |
zSeries |
True |
False |
Twitter (deprecated) |
True |
False | ||
Ubuntu |
14.04 LTS, 15.04, 15.10, 16.04 LTS, 16.10, 17.04, 17.10, 18.04 LTS, 18.10, 19.04 |
x86, x86_64 |
True |
True |
Windows |
Vista, 7, 8, 8.1, 10 Enterprise (including LTSC and loT). |
True |
True | |
Windows Server |
2008, 2008 R2, 2012, 2012 R2, 2016, 2019 |
True |
True |
Platform | Version |
---|---|
Microsoft Active Directory |
Windows 2008+ DFL/FFL |
OpenLDAP |
2.4 |
The following example platform scripts are available:
For more information, see Safeguard for Privileged Passwords Administration Guide,
|
CAUTION: Facebook and Twitter functionality has been deprecated. Refer to the custom platform open source script provided on GitHub. Facebook and Twitter platforms will be remove in a future release. |
Sample custom platform scripts and command details are available at the following links available from the Safeguard Custom Platform Home wiki on GitHub:
Command-Reference:
https://github.com/OneIdentity/SafeguardCustomPlatform/wiki/Command-Reference
Writing a custom platform script:
https://github.com/OneIdentity/SafeguardCustomPlatform/wiki/WritingACustomPlatformScript
Example platform scripts are available at this location:
https://github.com/OneIdentity/SafeguardCustomPlatform/tree/master/SampleScripts
|
CAUTION: Example scripts are provided for information only. Updates, error checking, and testing are required before using them in production. Safeguard for Privileged Passwords checks to ensure the values match the type of the property which include: a string, boolean, integer, or password (which is called secret in the API scripts). Safeguard for Privileged Passwords cannot check the validity or system impact of values entered for custom platforms. |
One Identity Safeguard for Privileged Passwords is made up of a core set of features, such as the UI and Web Services layers, and a number of modules.
The One Identity Safeguard for Privileged Passwords 2000 Appliance ships with the following module which requires a valid license to enable functionality:
You must install a valid license for each Safeguard for Privileged Passwords module to operate. More specifically, if any module is installed, Safeguard for Privileged Passwords will show a license state of Licensed and is operational. However, depending on which models are licensed, you will see limited functionality. That is, even though you will be able to configure access requests:
The Safeguard for Privileged Passwords virtual appliance requires a valid Microsoft Volume License Agreement that includes licensing for Windows 10 Enterprise. Privileged sessions is available via a join to Safeguard for Privileged Sessions.
The virtual appliance will not function unless the operating system is properly licensed.
As an Appliance Administrator:
As a Safeguard for Privileged Passwords user, if you get an "appliance is unlicensed" notification, contact your Appliance Administrator.
For more information on adding or updating a Safeguard for Privileged Passwords license, see Licensing.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy