NOTE: If one or more Safeguard Sessions Appliances are joined to Safeguard for Privileged Passwords, X1 is not available in Safeguard for Privileged Passwords.
- Log in to the desktop client using the Appliance Administrator account.
If you are using both the Privileged Passwords and embedded sessions module, ensure the Network Interface X0 (primary interface) and Network Interface X1 (sessions interface) information is configured. (Navigate to Settings | Appliance | Networking.) After one or more Safeguard Sessions Appliances have been joined, only the Network Interface X0 is used. Navigate to Settings | Appliance | Networking and set the following:
- IP address
- Default gateway
- DNS servers
For more information, see Networking.
- Ensure the access request and password management features are enabled (Settings | Access Request | Enable or Disable Services). For more information, see Enable or Disable Services (Access and management services).
- (Optional) Enable or disable Application to Application (A2) and audit data sharing with Safeguard for Privileged Sessions (SPS) via Settings | Appliance | Enable or Disable Services. For more information, see Enable or Disable Services .
- Configure the External Integration settings that apply (Settings | External Integration):
- Email: Configure the SMTP server to be used for email notifications. Safeguard for Privileged Passwords provides default email templates for most events, which can be customized.
- Identity and Authentication: Configure directory services such as Active Directory and LDAP servers to be used as identity and authentication providers for Safeguard for Privileged Passwords users. Configure Safeguard for Privileged Passwords as a relying party that uses SAML 2.0 to integrate with external federation services to authenticate users. Create a RADIUS server to be used as a primary or secondary authentication provider.
- SNMP: Configure SNMP subscriptions for sending SNMP traps to your SNMP console when certain events occur.
- Starling: Join Safeguard for Privileged Passwords to Starling to take advantage of other Starling services, such as Starling Two-Factor Authentication.
- Syslog: Configure the syslog servers where event notifications are to be sent.
- Ticketing: Add external ticketing tracking system or track tickets not tied to an external ticketing system.
- If you are using the embedded sessions module, Safeguard ships with default certificates and default SSH algorithms for the Unix and Linux platforms. However, you can replace the certificates to use or add new algorithms.
- To specify different certificates to be used, see Certificate settings.
To add new SSH algorithms, use the API endpoint: