Welcome to the One Identity Safeguard for Privileged Sessions 6.3 Administrator Guide.
This document describes how to configure and manage the One Identity Safeguard for Privileged Sessions (SPS). Background information for the technology and concepts used by the product is also discussed.
Configuring the internal indexer has been updated.
Modifying the disk size of a SPS virtual appliance has been simplified.
If you do not specify the username or the address in nontransparent SSH and Telnet connections, One Identity Safeguard for Privileged Sessions (SPS) displays an interactive prompt where you can enter the username and the server address.
Kerberos-based authentication in SSH sessions has been improved. For details, see Kerberos authentication settings.
Transferring files between the target server and the client host using the Clipboard can now be audited. The transferred files can be extracted from the audit trail using a command-line tool. For details, see "Export files from an audit trail after RDP file transfer via clipboard" in the Safeguard Desktop Player User Guide.
Using SPS with SPP has been restructured and extended with information about sessions-initiated workflows.
Collecting logs and system information of the boot process for error reporting has been added to the document.
Trend analysis allows you to use the timeline to find changes over time. For more information, see Specifying time ranges.
The Search interface has been extended with the Basic view, which allows you to select the filters that you need from the appropriate columns. For more information, see Using search filters.
Creating a new authentication policy on SSH has been simplified. For more information, see Creating a new authentication policy.
The WebSocket channel is now supported. For more information, see Supported HTTP channel types.
The document has been updated with information about how you can configure your SPS cluster to enable Configuration synchronization without a central search or Central search with configuration synchronization.
Added information about joining your One Identity Safeguard for Privileged Passwords (SPP) deployment to your One Identity Safeguard for Privileged Sessions (SPS) deployment. For more information, see Using SPS with SPP.
This section introduces One Identity Safeguard for Privileged Sessions (SPS) in a non-technical manner, discussing how and why is it useful, and what additional security it offers to an existing IT infrastructure.
One Identity Safeguard for Privileged Sessions (SPS) is part of the One Identity Safeguard solution, which in turn is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, SPS is a privileged session management solution which provides industry-leading access control, session recording and auditing to prevent privileged account misuse and accelerate forensics investigations.
SPS is a quickly deployable enterprise device, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill down for forensic investigations.
SPS has full control over the SSH, RDP, Telnet, TN3270, TN5250, Citrix ICA, and VNC connections, giving a framework (with solid boundaries) for the work of the administrators. The most notable features of SPS are the following:
SPS acts as a centralized authentication and access-control point in your IT environment which protects against privileged identity theft and malicious insiders. The granular access management helps you to control who can access what and when on your critical IT assets.
SPS monitors privileged user sessions in real-time and detects policy violations as they occur. In case of detecting a suspicious user activity (for example entering a destructive command, such as the "rm"), SPS can send you an alert or immediately terminate the connection.
SPS audits "who did what", for example on your database- or SAP servers. Aware of this, your employees will do their work with a greater sense of responsibility leading to a reduction in human errors. By having an easily interpreted, tamper-proof record in encrypted, timestamped, and digitally signed audit trails, finger-pointing issues can be eliminated.
SPS makes all user activity traceable by recording them in high quality, tamper-proof and easily searchable audit trails. All data is stored in encrypted, timestamped and signed files, preventing any modification or manipulation. The movie-like audit trails ensure that all the necessary information is accessible for ad-hoc analyses or audit reports.
When something wrong happens, everybody wants to know the real story. Analyzing thousands of text-based logs can be a nightmare and may require the participation of external experts. The ability to easily reconstruct user sessions allows you to shorten investigation time and avoid unexpected cost.