Web client system requirements
Web management console system requirements
| Component | Requirements | ||
|---|---|---|---|
| Web management console |
Desktop browsers:
The web management console is implemented for modern web browser technology, using:
|
Supported platforms
One Identity Safeguard for Privileged Passwords supports a variety of platforms, including custom platforms.
Safeguard for Privileged Passwords tested platforms
The following table lists the platforms and versions that have been tested for Safeguard for Privileged Passwords (SPP). Additional assets may be added to Safeguard for Privileged Passwords. If you do not see a particular platform listed when adding an asset, use the "Other" or "Other Linux" option on the Management tab of the Asset dialog.
SPP joined to SPS: Sessions platforms
When Safeguard for Privileged Passwords (SPP) is joined with a Safeguard for Privileged Sessions (SPS) appliance, platforms are supported that use one of these protocols:
• SPP 2.8 or lower: RDP, SSH
• SPP 2.9 or higher: RDP, SSH, or Telnet.
Some platforms may support more than one protocol. For example, a Linux (or Linux variation) platform supports both SSH and Telnet protocols.
For the embedded sessions module, platforms that support RDP and SSH protocols are generally supported.
| Platform | Version | Architecture (all versions unless noted) |
SPP |
SPS |
|---|---|---|---|---|
|
ACF2 - Mainframe |
r14, r15 |
zSeries |
True |
True |
|
ACF2 - Mainframe LDAP |
r14, r15 |
zSeries |
True |
False |
|
Active Directory |
|
|
True |
False |
|
AIX |
6.1, 7.1, 7.2 |
PPC |
True |
True |
|
Amazon Linux |
2 |
x86_64 |
True |
True |
|
Amazon Web Services (AWS) |
1 |
True |
False | |
| CentOS Linux |
6 7 |
(ver 6) x86, x86_64 (ver 7) x86_64 |
True |
True |
|
Cisco ASA |
7.x, 8.x |
|
True |
True |
| Cisco IOS | 12.X, 15.X |
True |
True | |
|
Debian GNU/Linux |
6, 7, 8, 9 |
x86, x86_64, MIPS, PPC, zSeries |
True |
True |
|
Dell iDRAC |
7, 8 |
True |
True | |
|
ESXi (VSphere) |
5.5, 6.0, 6.5, 6.7 |
|
True |
False |
|
F5 Big-IP |
12.1.2, 13.0, 14.0 |
True |
True | |
|
Facebook (deprecated) |
True |
False | ||
|
Fedora |
21, 22, 23, 24, 25, 26, 27, 28, 29, 30 |
x86, x86_64 |
True |
True |
|
Fortinet FortiOS |
5.2, 5.6 |
True |
True | |
|
FreeBSD |
10.4, 11.1, 11.2 |
x86, x86_64 |
True |
True |
|
HP iLO |
2, 3, 4 |
x86 |
True |
True |
|
HP iLO MP |
2, 3 |
IA-64 |
True |
True |
|
HP-UX |
11iv2 (B.11.23), |
PA-RISC, IA-64 |
True |
True |
|
IBM i |
7.1, 7.2, 7.3 |
PPC |
True |
True |
|
Junos - Juniper Networks |
12, 13, 14, 15 |
True |
True | |
|
macOS |
10.9, 10.10, 10.11, 10.12, 10.13 |
x86_64 |
True |
True |
|
MongoDB |
3.4, 3.6, 4.0 |
True |
False | |
|
MySQL |
5.6, 5.7 |
True |
False | |
|
OpenLDAP |
2.4 |
|
True |
False |
|
Oracle |
11g Release 2, 12c Release 1 |
True |
False | |
|
Oracle Linux (OEL) |
6 7 |
(ver 6) x86, x86_64 (ver 7) x86_64 |
True |
True |
|
Other |
|
|
False |
False |
|
Other Linux |
|
|
True |
True |
|
PAN-OS |
6.0, 7.0, 8.0, 8.1 |
True |
True | |
|
PostgreSQL |
9.6, 10.2, 10.3, 10.4, 10.5 |
|
True |
False |
|
RACF - Mainframe |
z/OS V2.1 Security Server, |
zSeries |
True |
True |
|
RACF - Mainframe LDAP |
z/OS V2.1 Security Server, z/OS V2.2 Security Server |
zSeries |
True |
False |
|
Red Hat Enterprise Linux (RHEL) |
6, 7, 8 |
(ver 6) x86, x86_64, PPC, zSeries (ver 7 and 8) x86, x86_64, PPC, zSeries |
True |
True |
|
SAP HANA |
2.0 |
Other |
True |
False |
|
SAP Netweaver Application Server |
7.3, 7.4, 7.5 |
True |
False | |
|
Solaris |
10, 11 |
(ver 10) SPARC, x86, x86_64 (ver 11) SPARC, x86_64 |
True |
True |
|
SonicOS |
5.9, 6.2 |
True |
False | |
|
SonicWALL SMA or CMS |
11.3.0 |
True |
False | |
|
SQL Server |
2012, 2014, 2016 |
True |
False | |
|
SUSE Linux Enterprise Server (SLES) |
11 12 |
(ver 11) x86, x86_64, PPC, zSeries, IA-64 (ver 12) x86_64, PPC, zSeries |
True |
True |
|
Sybase (Adaptive Server Enterprise) |
15.7, 16 |
True |
False | |
|
Top Secret - Mainframe |
r14, r15 |
zSeries |
True |
True |
|
Top Secret - Mainframe LDAP |
r14, r15 |
zSeries |
True |
False |
|
Twitter (deprecated) |
True |
False | ||
|
Ubuntu |
14.04 LTS, 15.04, 15.10, 16.04 LTS, 16.10, 17.04, 17.10, 18.04 LTS, 18.10, 19.04 |
x86, x86_64 |
True |
True |
|
Windows |
Vista, 7, 8, 8.1, 10 Enterprise (including LTSC and loT). |
True |
True | |
|
Windows Server |
2008, 2008 R2, 2012, 2012 R2, 2016, 2019 |
True |
True |
| Platform | Version |
|---|---|
|
Microsoft Active Directory |
Windows 2008+ DFL/FFL |
|
OpenLDAP |
2.4 |
Custom platforms
The following example platform scripts are available:
- Custom HTTP
- Linux SSH
- Telnet
- TN3270 transports are available
For more information, see Safeguard for Privileged Passwords Administration Guide,
|
|
CAUTION: Facebook and Twitter functionality has been deprecated. Refer to the custom platform open source script provided on GitHub. Facebook and Twitter platforms will be remove in a future release. |
Sample custom platform scripts and command details are available at the following links available from the Safeguard Custom Platform Home wiki on GitHub:
-
Command-Reference:
https://github.com/OneIdentity/SafeguardCustomPlatform/wiki/Command-Reference
-
Writing a custom platform script:
https://github.com/OneIdentity/SafeguardCustomPlatform/wiki/WritingACustomPlatformScript
-
Example platform scripts are available at this location:
https://github.com/OneIdentity/SafeguardCustomPlatform/tree/master/SampleScripts
|
|
CAUTION: Example scripts are provided for information only. Updates, error checking, and testing are required before using them in production. Safeguard for Privileged Passwords checks to ensure the values match the type of the property which include: a string, boolean, integer, or password (which is called secret in the API scripts). Safeguard for Privileged Passwords cannot check the validity or system impact of values entered for custom platforms. |
Product licensing
One Identity Safeguard for Privileged Passwords is made up of a core set of features, such as the UI and Web Services layers, and a number of modules.
Hardware appliance
The One Identity Safeguard for Privileged Passwords 2000 Appliance ships with the following module which requires a valid license to enable functionality:
- Privileged Passwords
- Privileged Sessions
You must install a valid license for each Safeguard for Privileged Passwords module to operate. More specifically, if any module is installed, Safeguard for Privileged Passwords will show a license state of Licensed and is operational. However, depending on which models are licensed, you will see limited functionality. That is, even though you will be able to configure access requests:
- If a Privileged Passwords module license is not installed, you will not be able to request a password release.
- If a Privileged Sessions module license is not installed, you will not be able to initiate a session access request from the embedded sessions module.
Virtual appliance licensing
The Safeguard for Privileged Passwords virtual appliance requires a valid Microsoft Volume License Agreement that includes licensing for Windows 10 Enterprise. Privileged sessions is available via a join to Safeguard for Privileged Sessions.
The virtual appliance will not function unless the operating system is properly licensed.
License expiration notice
As an Appliance Administrator:
- If you receive a "license expiring" notification, apply a new license using that module's Update License link in Administrative Tools | Settings | Appliance | Licensing.
- If all licensed modules have expired, you will be prompted to add a new license when logging into the Safeguard for Privileged Passwords desktop client.
- If only one of the licensed modules have expired, apply a new module license by clicking
in Administrative Tools | Settings | Appliance | Licensing.
As a Safeguard for Privileged Passwords user, if you get an "appliance is unlicensed" notification, contact your Appliance Administrator.
For more information on adding or updating a Safeguard for Privileged Passwords license, see Licensing.