立即与支持人员聊天
与支持团队交流

Safeguard Remote Access Hosted - Administration Guide

Introduction Prerequisites Limitations Getting started Administrator-side use cases User-side use cases Appendix Glossary

Introduction

Intended audience

For Administrators, the Administration Guide contains information about how to set up One Identity Safeguard Remote Access (SRA) in One Identity Starling and how to integrate with One Identity Safeguard for Privileged Sessions (SPS).

For Users, the Administration Guide describes the usage and features of SRA.

Overview

SRA is a Cloud Software as a Service (SaaS) that provides a client-less, browser-based secure terminal access to servers via integration with the SPS product.

Figure 1: SRA architecture overview

Prerequisites

To use One Identity Safeguard Remote Access (SRA), you must meet the following prerequisites:

  • You are using an official One Identity-supported feature or LTS version of SPS. For more information, see Version-related limitations.

  • Basic network configuration is completed, and the web administrative interface is available.

  • A SPS Authentication and Authorization plugin (AA plugin) is selected. For more information, see Using plugins.

  • You have Administrator role under the SRA product in One Identity Starling.

Limitations

This section introduces the limitations of One Identity Safeguard Remote Access (SRA).

Version-related limitations

One Identity strongly recommends that you use either of the following SPS product versions:

  • The latest One Identity-supported feature version.

  • The latest One Identity-supported LTS version.

For more information about the latest One Identity-supported SPS feature and LTS versions, see the SPS Product Life Cycle table.

NOTE: SPS version 6.9.n CC is no longer supported.

Security-related limitations
  • End users are not required to periodically reauthenticate to a running session. Instead, once an end user logged in to a terminal session, they stay logged in to SRA.

  • The bandwidth usage of terminal connections is not limited.

Functionality-related limitations
  • Use Chrome-based browsers for the best user experience. Other browsers are supported on a best effort basis.

  • SRA provides full support for SSH and RDP protocols only.

  • No RDP remote application is supported at this time.

  • Only fixed and inband destination selection defined in One Identity Safeguard for Privileged Sessions (SPS) will be picked up by SRA.

  • SPS nodes are not monitored. If SPS fails or unjoins from One Identity Starling, the related target connections remain visible on SRA.

  • Some browser keyword shortcuts (for example, Ctrl+T and Ctrl+Shift+N) are not forwarded to the terminal session.

  • For Apple users, copy-pasting text in an active RDP remote session with Cmd+C and Cmd+V keyboard shortcuts does not work. Use (Copy to clipboard) and (Paste) on the control panel of the session window to copy-paste text to or from the server.

  • The following limitations apply to the file transfer functionality:

    • SSH file transfer in active remote sessions is not supported on touch devices.

    • File transfer interworking (Cancel, Pause and Resume) is applicable only to Chromium-based browsers (recommended: Google Chrome).

Getting started

This section and its subsections describe how to set up One Identity Safeguard Remote Access (SRA) from an Administrator point of view.

Before you can start using SRA, first you have to create a One Identity Starling account. After that, you must access One Identity Safeguard for Privileged Sessions (SPS) to perform preliminary configurations, for example, configuring the authentication and authorization plugin, creating local credential stores, setting up connection and usermapping policies and so on.

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级