One Identity Safeguard 2.5 - Administration Guide

Introduction System requirements Installing the One Identity Safeguard for Privileged Passwords desktop client Setting up Safeguard for Privileged Passwords for the first time Getting acquainted with the console Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Directories Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions
How do I access the API How do I audit transaction activity How do I configure external federation authentication How do I manage accounts on unsupported platforms How do I modify the appliance configuration settings How do I prevent Safeguard for Privileged Passwords messages when making RDP connections How do I see which assets and/or accounts are governed by a profile How do I set the appliance system time How do I setup discovery jobs How do Safeguard for Privileged Passwords database servers use SSL What are the access request states What do I do when an appliance goes into quarantine What is required for One Identity Safeguard for Privileged Passwords, embedded sessions module What is required to integrate with Starling Identity Analytics & Risk Intelligence What needs to be set up to use Application to Application What role-based email notifications are generated by default When does the rules engine run for dynamic grouping and tagging Why did the password change during an open request Why join Safeguard for Privileged Passwords to One Identity Starling
Safeguard Desktop Player Appendix: Safeguard ports

Configuring a syslog server

It is the responsibility of the Appliance Administrator to configure Safeguard for Privileged Passwords to log event messages to a syslog server.

To configure a syslog server

  1. Navigate to Administrative Tools | Settings | External Integration | Syslog.
  2. Click New to display the Syslog dialog.
  3. In the Syslog dialog, enter the following:

    1. Network Address: Enter the IP address or FQDN of the syslog server.

      Limit: 255 characters

      Required

    2. UDP Port: Enter the UDP port number for the syslog server.

      Default: 514

      Range: between 1 and 32767

      Required

    3. Description: Enter a description for the syslog server configuration.

      Limit: 255 characters

    4. Events: Click Browse to select the events to be included in the syslog.

      On the Event selection dialog, select the events to be included, then click OK.

    5. Facility: Choose the type of program to be used to log syslog messages.

      Default: User-level messages

  4. Click OK to save your selection and add the syslog server configuration.

Verifying syslog server configuration

Use the Send Test Event link located below the Syslog configuration table on the Syslog pane to verify your syslog server configuration. Navigate to Administrative Tools | Settings | External Integration | Syslog.

To validate your setup

  1. When configuring your syslog server, on the Syslog dialog add the "test" event.
  2. Back on the Syslog pane, select the syslog server configuration from the table, then select Send Test Event.

    Safeguard for Privileged Passwords logs a test message to the designated syslog server.

Note: To log event messages to a syslog server, you must configure Safeguard for Privileged Passwords to send alerts. For more information, see Configuring alerts.

Ticketing

Safeguard for Privileged Passwords allows you to integrate with your company's external ticket system such as ServiceNow or Remedy.

ServiceNow integration workflow example

ServiceNow is a cloud-based issue tracking system. Safeguard for Privileged Passwords can exchange incident ticket (INC) data with ServiceNow. At this time, change (CHG) and request (RITM) tickets are not supported.

To use ServiceNow, an SSL Certificate must be installed in Safeguard for Privileged Passwords.

  1. For more information, see SSL Certificates.
  2. Complete these steps: Installing an SSL certificate

The incident ticket workflow follows.

  1. The Policy Administrator creates an access request policy that requires the requester to provide a ticket number when creating an access request. For more information, see Creating an access request policy
  2. When the requester makes a request, they must enter the existing ServiceNow ticket number on the New Access Request dialog, Request Details tab, Ticket Number field. For more information, see Requesting a password release and Requesting session access.
  3. Safeguard for Privileged Passwords queries all configured ticket systems to see if that ticket number represents an incident ticket that exists and is in an open state. For ServiceNow, Safeguard checks the "Active" property of the incident returned from the ServiceNow API and considers the ticket number valid if the "Active" property is not "false" for that incident.
    1. If the ticket is not active, the request is denied.
    2. If the ticket is active, the access workflow continues.
Remedy integration workflow

The details in the ServiceNow integration workflow example apply to Remedy ticket systems except Remedy will have a different certificate and ticket types. Safeguard checks the "Status" property of the incident returned from the Remedy API. The ticket is considered valid if "Status" is not "Closed" or "Cancelled".

Ticketing Properties

Navigate to Administrative Tools | Settings | External Integration | Ticketing. The Ticketing pane displays the following about the ticket systems defined.

Table 203: Ticketing: Properties
Property Description
Name The name assigned to the ticket system when it was added to Safeguard for Privileged Passwords.
URL The web site address of the ticket system.

Use these toolbar buttons to manage the ticketing systems defined to integrate with Safeguard for Privileged Passwords.

Table 204: Ticketing: Toolbar
Option Description
New Add a new ticket system.
Delete Selected

Remove the selected ticket system from Safeguard for Privileged Passwords.

Refresh Update the list of ticket systems.
Edit Modify the selected ticket system configuration.

Configuring integration with external ticket system

It is the responsibility of the Appliance Administrator to configure Safeguard for Privileged Passwords to integrate with your company's external ticket system. The Security Policy Administrator configures the access request policy to require that users provide a ticket number when requesting an account password or session access. For more information, see Installing an SSL certificate.

To configure Safeguard for Privileged Passwords to integrate with an external ticket system

  1. Navigate to Administrative Tools | Settings | External Integration | Ticketing.
  2. Click  Add to open the Ticket System dialog.
  3. Provide the following:
    1. Name: Enter the name of your ticketing system.

    2. Type: Select the type of ticketing tracking system:

      • ServiceNow: A cloud-based issue tracking system.
      • Remedy: A request-for-service problem tracking system.
    3. URL: Enter the web site address to the ticketing system.

    4. User Name: Enter an account for Safeguard for Privileged Passwords to use to access the ticketing system.

    5. Password: Enter the user account's password.

    6. Client Identifier: Enter the ServiceNow Client ID.
    7. Client Secret: Enter the ServiceNow secret key.
    8. Authentication String: Enter the authentication credential for the Remedy AR (Action Request) system server.
Related Documents