Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 7.4.1 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

SNMP

Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. One Identity Safeguard for Privileged Passwords allows you to configure SNMP subscriptions for sending SNMP traps to your SNMP console when certain events occur.

Go to SNMP:

  • web client: Navigate to External Integration > SNMP.

The SNMP pane displays the following about the SNMP subscribers defined.

Table 52: SNMP: Properties
Property Description
Network Address The IP address or FQDN of the primary SNMP network server.
Port The UDP port number for SNMP traps.
Version The SNMP version being used.
Description The description of the SNMP subscriber.
Community The SNMP community string being used by the SNMP subscriber.

Authentication Type

The type of authentication.

Encryption Type

The type of encryption.

# of Events The number of events selected to be sent to the SNMP console.

Use these toolbar buttons to manage the SNMP subscriptions.

Table 53: SNMP: Toolbar
Option Description
Add Add a new SNMP subscription. For more information, see Configuring SNMP subscriptions..
Remove

Remove the selected SNMP subscription.

Edit Modify the selected SNMP subscription.
Copy SNMP Template Clone the selected SNMP subscription.
Refresh Update the list of SNMP subscriptions.

Configuring SNMP subscriptions

It is the responsibility of the Appliance Administrator to configure SPP to send SNMP traps to your SNMP console when certain events occur.

You can create a test to verify the SNMP configuration. For more information, see Verifying SNMP configuration..

To download SPP MIB-module definitions from your appliance, enter the following URL into your web browser; no authentication is required:

https://<Appliance IP address>/docs/mib/SAFEGUARD-MIB.mib

To configure SNMP subscriptions

  1. Go to SNMP:
    • web client: Navigate to External Integration > SNMP.
  2. Click Add to open the SNMP subscription configuration dialog.
  3. Provide the following information:
    • Network Address: Enter the IP address or FQDN of the primary SNMP network server. Limit: 255 characters
    • UDP Port: Enter the UDP port number for SNMP traps. Default: 162
    • Description: Enter the description of the SNMP subscriber. Limit: 255 characters
    • Subscribe to All Events: Select this check box to subscribe to all events.
    • Events: Available when Subscribe to All Events is not selected, click Browse to select one or more SNMP event types. Use the Clear icon to remove an individual event from this list and select Remove All to clear all events from the list. The SNMP pane displays the number of events that you select, not the names of the events.
    • Version: Choose the SNMP version. Default: Version 2c. Depending on the version selected, the following fields appear:
      • Version 1 and Version 2c:
        • Community: Enter the SNMP community string, such as public. The SNMP community string is like a user ID, password that allows access to a device's statistics, such as a router. A PRTG Network Monitor sends the community string along with all SNMP requests. If the community string is correct, the device responds with the requested information. If the community string is incorrect, the device simply discards the request and does not respond.
      • Version 3:
        1. Engine ID: Enter the Engine ID that is used as a unique identifier for SNMPv3 entities.
        2. Authentication User Name: Enter the user name that will be used to establish a connection.
        3. Authentication Type: Select the type of authentication to use: None (if selected there is no additional configuration required), MD5, or SHA1.
        4. Authentication Password: Enter the password associated with the user entered in the Authentication User Name field.
        5. Encryption Type: Select the type of encryption: None (if selected there is no additional configuration required), DES, AES128, AES192, AES256, or TripleDES.
        6. Encryption Password: Enter the password associated with the selected Encryption Type.
  4. Click OK.

Verifying SNMP configuration

Use the Send Test Event link located under the SNMP table to send a test event to verify the SNMP configurations.

To validate your setup

  1. Go to SNMP:
    • web client: Navigate to External Integration > SNMP.
  2. When configuring your SNMP subscription, on the SNMP dialog, add the test event to your event subscription. For more information, see Configuring SNMP subscriptions..
  3. On the SNMP settings pane:
    1. Select the SNMP configuration from the table.
    2. Click Send Test Event. SPP sends a test event notification to your SNMP console.

Starling

SPP can join with the cloud platform One Identity Starling. By joining with One Identity Starling, SPP customers can take advantage of companion features from multiple Starling services. In addition, once SPP has joined with Starling, a Starling Identity and Authentication provider will automatically be added to Safeguard. However, there won't be any users or groups available until an administrator adds a Microsoft Azure Active Directory tenant to their Starling organization via the Directories settings page in Starling. For more information, see the following sections:

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating