This is an example of how a large business might deploy Privilege Manager for Unix. Some global companies prefer to fragment their requirement and deploy multiple instances as shown in the medium-sized business model.
This example comprises three policy servers, two are balancing the load of multiple agents. This may be necessary if there is a high level of audit and/or a significant volume of requested elevated privilege. Further, there is an additional policy server configured as a failover should one or both policy servers become unavailable.
Figure 8: Large Business Implementation
This example is based on an organization with offices in London and New York. Again, as with the medium-sized business example, the web servers and corporate web-based applications reside in a DMZ. The requirement to execute commands at an elevated level from inside the firewall remains.
Access to the web server and web applications is predominantly, but not exclusively, from the London office. Privilege Manager for Unix tunnelling components are used to breach the firewall to the DMZ.
In addition, internal firewalls are located between the offices in London and New York, and tunnelling components are deployed to enable access from office to office and indeed from anywhere to the DMZ.
Within each office, multiple policy servers are configured for load balancing, with each policy server serving a number of agents.
Figure 9: Enterprise Deployment Implementation
You can extend each of the models described above by, for example, adding more policy servers, configuring additional load balancing, assigning dedicated audit, logging and reporting servers. The models provide a small indication of the flexibility and modular way in which you can configure and implement Privilege Manager for Unix to meet the precise requirements of any size business.
Download Privilege Manager for Unix Software Packages
Download Privilege Manager for Sudo Software Packages
Installing the Management Console
Uninstalling the Management Console
Configure a Primary Policy Server
Check the Server for Installation Readiness
Install the Privilege Manager Packages
Configure the Primary Policy Server for Privilege Manager for Unix
Configure the Privilege Manager for Sudo Primary Policy Server
Configure a Secondary Policy Server
Configuring a Secondary Server
Install PM Agent or Sudo Plugin on a Remote Host
Check PM Agent Host for Installation Readiness
Install a PM Agent on a Remote Host
Join the PM Agent to the Primary Policy Server
CheckSudo Plugin Host for Installation Readiness
Install a Sudo Plugin on a Remote Host
Join a Sudo Plugin to a Primary Policy Server
This is an overview of the steps necessary to set up your environment to use Privilege Manager software:
To configure a primary policy server
To configure a secondary policy server
To install the PM Agent or Sudo Plugin on a remote host
The following topics walk you through these steps.
To download the Privilege Manager for Unix software packages
Go to www.quest.com/privilege-manager-for-unix and click Support Services | Product Support. On the Product Support page, click Software Downloads, and then click Download to the right of the version to be downloaded.
|
NOTE: See Installation Packages for more information about Privilege Manager native platform install packages. |
Download the relevant package from the web page.
|
NOTE: The Privilege Manager server package includes the PM Agent and the Sudo Plugin components. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy