A single-host installation is typically appropriate for evaluations, proof of concept, and demonstrations of Privilege Manager. This configuration example installs all of the components on a single UNIX/Linux host, with protection offered only within this single host. All logging and auditing takes place on this host.
The medium business model is suitable for small organizations with relatively few hosts to protect, all of which may be located within a single data center.
This configuration example comprises multiple UNIX/Linux hosts located within the SME space and one or more web servers located in a DMZ.
Multiple policy server components (pmmasterd) are installed in a failover configuration, with groups of plugin hosts balanced between the policy servers. If a policy server is unavailable for any reason, the plugin hosts will failover to the alternative policy server.
Figure 3: Medium business implementation
This is an example of how a large business might deploy Privilege Manager. Some global companies prefer to fragment their requirement and deploy multiple instances as shown in the medium-sized business model.
Figure 4: Large business implementation
This is an overview of the steps necessary to set up your environment to use Privilege Manager software:
To configure a primary policy server
To configure a secondary policy server
To install the Sudo Plugin on a remote host
The following topics walk you through these steps.