Symantec Privileged Access Management

  • 1.  CA PAM Support CA Client Automation

    Posted Mar 16, 2017 10:56 AM

    Hi, would like to know if with CA PAM, we support CA Client Automation (Remote Control Agent), if we don't, do we have intention to support it?

     

    Regards



  • 2.  Re: CA PAM Support CA Client Automation

    Broadcom Employee
    Posted Mar 16, 2017 12:14 PM

    Hi Farid,

     

    Currently there is no CA Client Automation client installed on CA PAM by default. Also, it would be impossible for a customer to install this client since CA PAM is a closed-box system.

     

    I have not heard of any plans to add this in the future.

     

    I would recommend creating an idea for this to be added if it is something that is needed or may be useful.

     

    -Christian



  • 3.  Re: CA PAM Support CA Client Automation

    Posted Mar 16, 2017 02:03 PM

    Maybe I did not expressed my self well.

     

    My question goes more if we will be able to support CA Client Automation (remote control) as a method in CA PAM as we support VNC and RDP, this is because we have some customers that already have CA Client Automation and just acquired CA PAM and would like to manage this remote connection with CA PAM.



  • 4.  Re: CA PAM Support CA Client Automation

    Broadcom Employee
    Posted Mar 17, 2017 07:57 AM

    Hello Farid,

     

    Please check with the CA Client Automation Team if the remote control utility allows to be launched by a single executable alike putty or vnc.

    Also it is necessary that the executable allows to take login credentials and destination address of the target box you want to connect to as a command line option.

    In this case you should not find any issue to configure the Viewer of the CA Client Automation as a TCP Service in CA PAM and assign relevant policies to transparently login to the remote box with the credentials configured.



  • 5.  Re: CA PAM Support CA Client Automation

    Posted Jul 25, 2017 02:44 PM

    Hi Andreas, I think it would not be a problem to execute the remote client defining a TCP Service, what I don't think we are able to do is record the session, and that is what the customer needs.