Starling Identity Analytics & Risk Intelligence Hosted - User Guide

Starling Identity Analytics & Risk Intelligence Getting started Settings Collaborators Collector agents Licensing Rules Risk Verification Reports

Additional hardware and software requirements

Starling Identity Analytics & Risk Intelligence has additional requirements beyond those necessary for Starling overall (for more information, see the Starling User Guide).

Collector agent requirements

The Starling Identity Analytics & Risk Intelligence collector agent has some additional hardware and software requirements before it can be downloaded.

Table 2: Starling Identity Analytics & Risk Intelligence Collector Agent requirements

Operating System

Minimum requirements:

Windows Server 2008 R2 SP1 x64

Memory

8GB

Server Software

.Net Framework 4.6.1

Data source module requirements

Once a collector agent has been installed you can begin configuring data sources modules. The following table shows the requirements based on the type of data source module you are configuring.

Table 3: Starling Identity Analytics & Risk Intelligence data source module requirements
Type of data source module Requirements
Active Roles

Active Roles 6.9 to 7.x

IMPORTANT: Although supported, it is strongly recommended that a collector agent not be installed on a machine with an Active Roles server.

  • At minimum, a domain member account with read access delegated to the following three Active Roles nodes is required: Configuration, Managed Units, and Active Directory.

    The Active Directory template All Objects - Read All Properties contains these minimum permissions and can be used. Or you can create a custom template so long as it contains those minimum permissions. See the Active Roles documentation for information on configuring permissions within Active Roles.

NOTE: By default, Distributed COM Users should contain Authenticated Users. However, if this is missing then you will be unable to connect to Active Roles remotely. For more information, see this article on adding MinARSAdmin or the exact account in order to fix this issue.

  • If both 6.9 and 7.x ADSI providers are available, the ARS 7.x ADSI provider will take precedence followed by 6.9 unless the ActiveRolesAdsiVersion environment variable (in the collector configuration file) has been edited to indicate either 6.9 or 7.0 (which covers all 7.x versions) as the specific version. No other versions can be used as the ActiveRolesAdsiVersion environment variable.
  • If no ADSI providers are installed, 6.9 and 7.2.0 ADSI providers will be installed. If an ADSI provider is detected, the collector agent will attempt to use that ADSI provider without installing additional providers.
  • When a collector agent is removed, any ADSI providers that were originally installed by the collector agent will also be removed. Any additional dependencies that were installed will not be removed since they are standard Windows redistributables.
  • Should an Active Roles installation not fully meet the supported version requirements for all detected ARS Administration Services, this will cause a version compatibility problem and the collector agent will be unable to collect from that installation.
Active Directory
  • Active Directory credentials are required for configuring the data source module.
  • A global catalog must be available in order to resolve trustees outside of the domain.
  • A global catalog must be resolvable via its DNS name regardless of whether you are connecting directly to it or to a domain controller connected with a global catalog.
Safeguard

Safeguard 2.1.0.0 (or greater)

  • A Safeguard user with Auditor permissions is required for configuring the data source module.
  • The machine running the Safeguard data source module must have the proper SSL root certificate authority certificate(s) that are being used by Safeguard. For more information, see SSL Certificates in the One Identity Safeguard Administration Guide (Safeguard documentation).

Azure Active Directory

  • A user with App registration permissions is required to add the Starling Identity Analytics & Risk Intelligence application within Azure Active Directory before it can be added as a data source module. For more information, see Configuring Azure Active Directory.
  • An Azure Active Directory administrator is required to approve the Azure Active Directory configuration changes.

The Starling Identity Analytics & Risk Intelligence service

Once you have created a Starling organization, you can add the Starling Identity Analytics & Risk Intelligence service to that organization. The types of subscriptions available for Starling Identity Analytics & Risk Intelligence fall into different categories:

Paid subscription

A Starling Identity Analytics & Risk Intelligence subscription can be purchased by a Starling organization. A subscription to this service will provide you with full access to the product for the length of your contract. If you do not renew your subscription, you will lose access to Starling Identity Analytics & Risk Intelligence and data collection will stop. However, if you decide to renew your subscription at a later date, the Starling Identity Analytics & Risk Intelligence service will be restored in the same condition it was in when it expired. This includes all data that was collected prior to the expiration. For information on purchasing a subscription to the Starling Identity Analytics & Risk Intelligence service, use the More Information button associated with the service.

NOTE: Contact Sales or Support to cancel a paid subscription.

Trial subscription

The services available for trial can be subscribed to for a limited period of time before they require a full subscription. This allows you to view and test the product before making a longer term commitment to using the service. If you do not decide to upgrade your subscription, you will lose access to Starling Identity Analytics & Risk Intelligence and data collection will stop once the trial has ended. However, if you decide to upgrade to a paid subscription at a later date, the Starling Identity Analytics & Risk Intelligence service will be restored in the same condition it was in when it expired. This includes all data that was collected prior to the expiration.

Related Documents