Chat now with support
Chat with Support

One Identity Safeguard for Privileged Sessions 6.1.0 - Administration Guide

Preface Introduction The concepts of One Identity Safeguard for Privileged Sessions (SPS) The Welcome Wizard and the first login Basic settings
Supported web browsers and operating systems The structure of the web interface Network settings Configuring date and time System logging, SNMP and e-mail alerts Configuring system monitoring on SPS Data and configuration backups Archiving and cleanup Forwarding data to third-party systems Joining to One Identity Starling
User management and access control Managing One Identity Safeguard for Privileged Sessions (SPS)
Controlling One Identity Safeguard for Privileged Sessions (SPS): reboot, shutdown Managing Safeguard for Privileged Sessions (SPS) clusters Managing a High Availability One Identity Safeguard for Privileged Sessions (SPS) cluster Upgrading One Identity Safeguard for Privileged Sessions (SPS) Managing the One Identity Safeguard for Privileged Sessions (SPS) license Accessing the One Identity Safeguard for Privileged Sessions (SPS) console Sealed mode Out-of-band management of One Identity Safeguard for Privileged Sessions (SPS) Managing the certificates used on One Identity Safeguard for Privileged Sessions (SPS)
General connection settings HTTP-specific settings ICA-specific settings RDP-specific settings SSH-specific settings Telnet-specific settings VMware Horizon View connections VNC-specific settings Indexing audit trails Using the Search interface Advanced authentication and authorization techniques Reports The One Identity Safeguard for Privileged Sessions (SPS) RPC API The One Identity Safeguard for Privileged Sessions (SPS) REST API One Identity Safeguard for Privileged Sessions (SPS) scenarios Troubleshooting One Identity Safeguard for Privileged Sessions (SPS) Configuring external devices Using SCP with agent-forwarding Security checklist for configuring One Identity Safeguard for Privileged Sessions (SPS) Jumplists for in-product help LDAP user and group resolution in SPS Appendix: Deprecated features

Importing the configuration of One Identity Safeguard for Privileged Sessions (SPS)

The configuration of One Identity Safeguard for Privileged Sessions (SPS) can be imported from the Basic Settings > System page. Use the respective action buttons to perform the desired operation.

You also have the option to import configuration of SPS from a local file using the console. For details, see Exporting and importing the configuration of One Identity Safeguard for Privileged Sessions (SPS) using the console.

Figure 107: Basic Settings > System — Importing the SPS configuration

Caution:

It is not possible to import the configuration of an older major release (for example, 1.0) into a newer release (for example, 2.0).

To import the configuration of SPS

  1. Caution:

    Do not export or import configuration between a physical SPS deployment and a virtual one. Because of the differences and limitations between physical and virtual appliances, configure the virtual appliance from scratch to ensure proper functionality. When you migrate a virtual SPS to another one, you can export and import the configuration.

    Navigate to Basic Settings > System > Import configuration.

  2. Click Browse and select the configuration file to import.

  3. Enter the password into the Encryption password field and click Upload.

    NOTE:

    One Identity Safeguard for Privileged Sessions (SPS) accepts passwords that are not longer than 150 characters. The following special characters can be used: !"#$%&'()*+,-./:;<=>?@[\]^-`{|}

Managing the One Identity Safeguard for Privileged Sessions (SPS) license

Information of the current license of One Identity Safeguard for Privileged Sessions (SPS) is displayed on the Basic Settings > System > License page. The following information is displayed:

Figure 108: Basic Settings > System > License — Updating the license

  • Customer: The company permitted to use the license (for example Example Ltd.).

  • Serial: The unique serial number of the license.

  • Limit type:

    • Host: Limits the number of servers (individual IP addresses) that can be connected through SPS.

    • Session: Limits the number of concurrent sessions (parallel connections) that can pass through SPS at a time (for example 25). SPS will reject additional connection requests until an already established connection is closed.

  • Limit: The actual value of the session or host limit. To list which hosts SPS counts against this limit, click the on the value of the limit.

  • Valid: The period in which the license is valid. The dates are displayed in YYYY/MM/DD format.

The full text of the End User License Agreement is also displayed here.

SPS starts sending automatic alerts daily, 60 days before the license expires. An alert is sent also when the number of protected servers exceeds 90% of the limit set in the license.

Updating the SPS license

The SPS license must be updated before the existing license expires or when you purchase a new license.

Caution:

Before uploading a new license, One Identity recommends that you backup the configuration of SPS. For details, see Exporting the configuration of One Identity Safeguard for Privileged Sessions (SPS).

To update the license

  1. Navigate to Basic Settings > System > License.

  2. Click Browse and select the new license file.

    NOTE:

    It is not required to manually decompress the license file. Compressed licenses (for example .zip archives) can also be uploaded.

  3. Click Upload, then Commit.

  4. Caution:

    This step terminates all controlled connections going through SPS. Disconnect your clients from the protected servers before proceeding.

    To activate the new license, navigate to Traffic control > All services and click Restart.

Accessing the One Identity Safeguard for Privileged Sessions (SPS) console

The following topics describe how to use the console menu of One Identity Safeguard for Privileged Sessions (SPS), how to enable remote SSH access to SPS, and how to change the root password from the web interface.

Topics:
Related Documents