
Policies and Platforms


CyberArk PAM

Policy, Platform, Safe

Yan Nurindra
Network Engineer
Agenda
• Master Policy
• Platform
• Safe
• After CyberArk
• CyberArk Component
• Demo Lab
Master Policy
Privileged Account Examples
Before CyberArk
[Diagram labels: User / Requestor; Administrator; Target Server (Servers, Databases, Network Devices, Security Appliances)]

Direct Remote Access:
– Remote Desktop
– PuTTY
– MSSQL Studio

Need: IP + Credential

Potential Problem:
• Sharing credentials/passwords
• Less control / no activity tracking
• Passwords on the target server are managed manually
• Unmanaged accounts on the target server
• Potential backdoor accounts
After PAM CyberArk
[Diagram labels: User / Requestor; Approver; Auditor; User Access; Privileged Accounts; Vault encryption; Management; Session isolation, monitoring & recording; Privileged Threat Analytics; Target Server (Servers, Databases, Network Devices, Security Appliances)]
CyberArk Component
• Vault
– Vault Server (PrivateArk Server)
– Vault Client (PrivateArk Client)
• Password Vault Web Access
• Central Policy Manager
• Privileged Session Manager
• Privileged Threat Analytics
Vault Server
• The place where all data is stored.
• Contains the vault log (Italog).
• The stored data consists of user passwords and recordings.
• Divided into sections called "safes".
• Logon uses the PrivateArk Client.
• There is an Event Notification Engine service.
PrivateArk Client
Functions of the PrivateArk Client:
• Accessing the Vault
• Collection of Safes
• Creating Users
• Creating Groups
• License Capacity report
Password Vault Web Access
• The CyberArk web interface.
• Accessed by both users and administrators.
• Administrators can use it to create safes, edit safes, add accounts, create policies, etc.
• Generate reports
Central Policy Manager
• The CyberArk component that can change passwords automatically.
• CPM can generate a random password and replace the old password on the server.
Quiz
• Quiz 1 CyberArk
Privileged Session Manager
• Secures, controls, and monitors server access.
• Recorded sessions and live sessions when a user accesses a server.
Privileged Threat Analytics
• Determines a risk score for every running session
• Performs suspend, terminate, and resume for certain commands
Lab
• Log in to the CyberArk University portal
• Requirement: you already have a Berca email
• PAM Administrator lab
Quiz
• Quiz 2 CyberArk
THANK YOU,
BERCAONE FRIENDS!
