Symantec Privileged Access Management

  • 1.  PAM Server Control -

    Posted Jul 23, 2018 12:28 PM

     Pre-Requisites - I cannot find a detailed list of pre-requisities to provide to a client for a new install of PAM SC. DocOps only has high-level....anyone have this? Thanks in advance!



  • 2.  Re: PAM Server Control -
    Best Answer

    Posted Jul 25, 2018 09:00 AM

    Hi Elizabeth,

     

    We have this in our documentation so we need to understand what is missing or not low level. We list packages required for the product and other items (e.g., https://docops.ca.com/ca-privileged-access-manager-server-control/14-1/en/implementing/install-ca-privileged-access-mana…)

     

    You can see we show how to verify system architecture, modifying the /etc/hosts file for routing, allowing inbound and outbound traffic by enabling the relevant ports on the firewall, and we also provide a detailed list of RPM packages that are needed before applying PAMSC.

     

    Is there a particular request that needs added clarification?

     

    Thanks,

    Eric



  • 3.  Re: PAM Server Control -

    Posted Aug 02, 2018 02:15 PM

    H Eric, 

     

    Thank you very much. For some odd reason, I cannot get to your link....it says "forbidden" However, I think it is the same as what is in DocOps....which I have reviewed. Here is what Mihajlo put together to provide to the client. This was what I was looking for. Something that could be easily digested by the client to prepare for installation. 

     

     

     PAM SC Installation Checklist - Core Setup

     

    CA PAM SC Software

     

    * Software Version:

    14

    * Software Downloaded:

    3rd Party Components

    PAM SC Server Install

    PAM SC Endpoints Windows

    PAM SC Endpoints UNIX

    PAM SC Report Server

    CA Directory

    * License Obtained:

     N/A

     

     

    CA PAM SC ENTM Database

     

    * DB Host Server Provisioned (FQDN)

    * DB Server Installed and configured

    * DB user for PAM SC provisioned

    * PAM SC database name

    * PAM SC account name

     

    * PAM SC account password

     

    CA PAM SC Report Server Database

     

    * DB Host Server Provisioned (FQDN)

    * DB Server Installed and configured

    * DB user for PAM SC RS provisioned

    * PAM SC RS database name

    * PAM SC RS account name

     

    * PAM SC RS account password

     

     

     

    Firewall Ports

     

    * PAM SC Distribution Server to PAM SC Endpoints

    * PAM SC Server Connections

    ENTM to DB

    ENTM to DS

    ENTM to Report Server

    Active Directory / LDAP

     

    * Domain Controller / Server Name:

     

    * Port: 389/636

    * Bind User Name (full DN):

     

    * Bind User Password:

     

    * ENTM Admin User Name – System Manager(full DN):

     

    * ENTM Admin User Password:

     

    * Domain Name:

     

    PAM SC ENTM Server

    * Host Server Provisioned

    * Location:

    * Hostname:

     

    * IP Address:

     

    * Installation drive and folder name:

    JDK

    ActiveMQ

    JBOSS

    ENTM

     

    PAM SC Distribution Server 1

    * Host Server Provisioned

    * Location:

    * Hostname:

     

    * IP Address:

     

    * Installation drive and folder name:

    JDK

    ActiveMQ

    JBOSS

    DS

     

    PAM SC Distribution Server #N (copy for additional DS servers)

    * Host Server Provisioned

    * Location:

    * Hostname:

     

    * IP Address:

     

    * Installation drive and folder name:

    JDK

    ActiveMQ

    JBOSS

    DS

     

    PAM SC Report Server

    * Host Server Provisioned

     

    * Location:

     

    * Hostname:

     

    * IP Address:

     

    * Installation drive and folder name:

     

    CA Directory Server

    * Host Server Provisioned

    * Location:

    * Hostname:

     

    * IP Address:

     

    * Installation drive and folder name:

     

     

     PAM SC Configuration Checklist – Advanced Configuration

     

    SYSLOG / SIEM / splunk

     

    * Server Name:

     

    * Port:

     

     

     

    1.1.                    PAM SC Configuration Checklist – Managed Endpoints

     

    Managed Endpoint / Server Name / IP

    Device Type/OS

     

    UNIX

     

    Windows