Uploaded by wakanda forever

POC Pre Requisite PAM (1)

advertisement
Predict | Protect | Prevent
Predict | Protect | Prevent
ARCON | PAM
POC Server Pre-requisite
www.arconnet.com | Copyright © 2017
1
Predict | Protect | Prevent
Predict | Protect | Prevent
Table of Contents
1. PoC ARCHITECTURE-----------------------------------------------------------------------------------------3
A. Hardware Requirements------------------------------------------------------------------------------- 4
B. Software Requirement-------------------------------------------------------------------------------------5
C. Port Opening Requirement--------------------------------------------------------------------------------6
2. Pre Requisites for End Users of ARCON PAM-----------------------------------------------------------8



ARCON PAM Plugin---------------------------------------------------------------------------------------------------------- 8
Browser Settings----------------------------------------------------------------------------------------------------------------- 8
Antivirus Exception-------------------------------------------------------------------------------------------------------------- 8
www.arconnet.com | Copyright © 2017
2
Predict | Protect | Prevent
1. PoC ARCHITECTURE
3
Predict | Protect | Prevent
A. Hardware Requirements

Application Server / Database Server & Gateway Component
Specification
Minimum Recommended
CPU Speed
2.4 GHz or Higher
Processor
Intel Xeon Processor (Minimum 8 Cores)
Memory / RAM
16 GB or higher
Hard Disk Space
C:\ - <size> 50 GB
D:\- <size> 60 - 100 GB (Application and Database
Components)
Class of Storage Required
ISCSI or SATA
4
Predict | Protect | Prevent
B. Software Requirement

Application Server / Database Server/Gateway Server
Specification
Minimum Recommended
Operating System
Windows Server 2016 OR above
Database Server
Microsoft SQL Server 2016 express Edition (with MS
SQL Management Studio) or Higher
Gateway Component
LINUX RHEL
Web Server
IIS 6.0 or Higher
Microsoft .net Framework
Microsoft .net Framework 2.0, 3.5 & 4.5, 4.7.2
Browser
IE 10.0 or Higher
Runtime Environment (Included in Setup)
2. Crystal Reports Basic 2008 Runtime
3. Microsoft Chart Controls for Microsoft .NET
Framework 3.5, 4.5
Note: All the above listed components can be installed in virtualized environment.
Windows Server 2019 comes with the capability of installing SSH server OR we could use BITVISE SSH
component.
Below is the Link to download Bitvse SSH component:
https://atspackages.s3.ap-south-1.amazonaws.com/BvSshServer-Inst.exe
Below is the link to download SQL Server and SSMS utility
https://arcondbqueries.s3.ap-south-1.amazonaws.com/SQLServer2017-SSEI-Expr.exe
https://arcondbqueries.s3.ap-south-1.amazonaws.com/SSMS-Setup-ENU.exe
5
Predict | Protect | Prevent
C. Port Opening Requirement
Sr.
No
Destination
Device
Port No
Description
ARCON PAM
Application
443 *
HTTPS Port
2
ARCON PAM
Users (Person
who will
manage PAM
Application)
ARCON PAM
Database Server
1450*
Server Manager
(ARCON
configuration)
3
ARCON PAM
Users (Person
who will
manage PAM
Application)
ARCON PAM
Database Server
8080
HTTP Port (View
Video Logs)
4
ARCON PAM
Users
ARCON PAM ATS
Server
444*
HTTPS Port
ARCON PAM
Secured Gateway
Server
22 *
SSH Port
Respective Target Devices/Port
Respective Target
Devices/Port (Eg:
For Windows 3389, Linux - 22,
Web Browsers 443/8080 etc.)
Source Device
ARCON PAM
Users (All
1
Users who will
access PAM
portal)
ARCON PAM
Users (All
5
Users who will
access PAM
portal)
6
ARCON PAM
Secured
Gateway Server
Respective Target
Devices/Port
7
ARCON PAM
Terminal Server
Respective Target
Devices/Port
Respective Target Devices/Port
Respective Target
Devices/Port (Eg:
For Windows 3389, Linux - 22,
Web Browsers 443/8080 etc.)
8
ARCON Secured
Server
(Gateway)
Windows Domain
Controller
Servers
137(TCP and
UDP),138(UDP),139(TCP),135(TCP),88(TCP
and UDP),53(TCP and UDP),45045(Custom)
To Domain Servers
so as to do
Password
Management of
Generic Domain
6
Predict | Protect | Prevent
account for
Windows
environment across
all projects
9
ARCON PAM
APPLICATION
Server
ARCON PAM
DATABASE
1450*
TCP Port (For
ARCON Application
to Connect to
ARCON Database.)
10
ARCON PAM
Secured Server
All Windows
Servers
6006 OR 45045
Port for Password
Change (Used by
ARCON PAM
Windows Password
Change Service)
11
ARCON PAM
Application
Server
LDAP Server
389
LDAP Port
12
ARCON PAM
Gateway Server
LDAP Server
389
LDAP Port (Use
Gaeway for
Password Change)
13
ARCON PAM
Database
Server
SMTP Server
25
LDAP Port
14
ARCON PAM
ADMIN
Target Devices/
Server
12,000 to 13,000
Real Time Session
Monitoring
15
ARCON
User/Admin
RDPS Server
9000 (Can be customize)
For User to
communicate to API
16
ARCON
User/Admin
RDPS Server
9001 (Can be customize)
For Remote Assist
communication
17
ARCON
User/Admin
RDPS Server
9002 (Can be customize)
For Remote Assist
file transfer
7
Predict | Protect | Prevent
2. Pre Requisites for End Users of ARCON PAM
Following are the prerequisites of ARCON to be run on local machine
Specification
Minimum Recommended
CPU Speed
2.0 GHz or higher
Processor
Intel Pentium Processor or Higher
Operating System and Version
Windows Operating System with IE10 or IE11
Memory / RAM
2 GB RAM (Minimum Recommended)
Microsoft .net Framework
Microsoft .net Framework 2.0, 3.5, 4.5 wherever applicable
 ARCON PAM Plugin
 ARCON PAM Plugin is required to be installed and configured to Login.
 For I.E 10 and above, under InternetExplorerSettings > compatibility view settings > Add ARCON URL.
 FIPS should bedisabled on Each End User machine and ARCON PAM Servers.
Note: The Client system would require Administrative rights to complete ARCON PAM Plugin installation.
 Browser Settings
 Browser setting needs to be modified post ARCON PAM Plugin installation. Steps are as follows.
Internet Options > Security Tab > Select Local Intranet > Click Sites > and Add the ARCON URL > Click Add
Make sure the following settings are also present. Internet Options> Security TAB> Click Custom Level.
Search: ActiveX Controls and Plug-ins > And Select Enable for Everything under ActiveX Controls and Plug- ins. Click OK > Click Yes.
 Antivirus Exception
 Antivirus Exception to be provided for ARCON folder in the following path
<Drive>:\Users\UserName\AppData\Local\Temp\ARCON PAM
<Drive>:\Users\UserName\AppData\Local\Temp\ARCOS
8
Predict | Protect | Prevent
Installation Packages
Note: SPOC email ID has to be shared to ARCON presales resource in order to get the latest updated
package.
Databases
https://arcondbqueries.s3.ap-south-1.amazonaws.com/ARCOSDB_Blank.bak
https://arcondbqueries.s3.ap-south-1.amazonaws.com/ARCOSRDPDB_blank.bak
Database Queries
https://arcondbqueries.s3.ap-south1.amazonaws.com/ARCOS%2BDBUpdates%2BFrom%2B4.8.1.0%2BTo%2B4.8.5.7%2B(3)+(1).zip
https://arcondbqueries.s3.ap-south-1.amazonaws.com/Auth_Query.zip
Privileged Access
Management
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means such
as electronic, mechanical, photocopying, recording, or otherwise without permission.
9
Download