Bomgar Privileged Access Management Admin Guide PDF
Preview Bomgar Privileged Access Management Admin Guide
Privileged Access Administrative Interface 16.1 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 Table of Contents BomgarPrivilegedAccessAdminInterface 4 LogintothePAAdministrativeInterface 5 Status 6 Information:ViewBomgarPrivilegedAccessSoftwareDetails 6 Users:ViewLoggedInUsersandSendMessages 8 What'sNew:SeeSoftwareReleaseDetails 9 MyAccount:ChangePasswordandUsername,DownloadtheAccessConsoleand OtherSoftware 10 Configuration 13 Options:ManageConnectionOptions,RecordSessions,SpeedUpSessions 13 Teams:GroupUsersintoTeams 16 Jump 18 JumpClients:ManageSettingsandInstallJumpClientsforEndpointAccess 18 JumpPolicies:SetSchedules,Notifications,andApprovalsforJumpItems 24 Jumpoint:SetUpUnattendedAccesstoaNetwork 28 JumpShortcuts:MassImportShortcutstoJumpItems 34 EndpointAnalyzer:ReportonOpenPortsonEndpoints 35 AccessConsole 36 AccessConsoleSettings:ManageDefaultAccessConsoleSettings 36 CustomLinks:AddURLShortcutstotheAccessConsole 40 CannedScripts:CreateScriptsforScreenSharingorCommandShellSessions 41 SpecialActions:CreateCustomSpecialActions 43 UsersandSecurity 45 Users:AddAccountPermissionsforaUserorAdmin 45 UserAccountsforPasswordReset:AllowUserstoAdministerPasswords 54 AccessInvite:CreateProfilestoInviteExternalUserstoSessions 56 SecurityProviders:EnableLDAP,ActiveDirectory,RADIUS,andKerberosLogins 57 SessionPolicies:SetSessionPermissionandPromptingRules 68 [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 2 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 GroupPolicies:ApplyUserPermissionstoGroupsofUsers 73 KerberosKeytab:ManagetheKerberosKeytab 82 Reports:ReportonSessionActivity 83 Management 85 SoftwareManagement:DownloadaBackup,UpgradeSoftware 85 Security:ManageSecuritySettings 87 SiteConfiguration:SetHTTPPorts,EnablePrerequisiteLoginAgreement 90 EmailConfiguration:ConfiguretheSoftwaretoSendEmails 91 OutboundEvents:SetEventstoTriggerMessages 93 Failover:SetUpaBackupApplianceforFailover 96 APIConfiguration:EnabletheXMLAPIandConfigureCustomFields 99 Support:ContactBomgarTechnicalSupport 102 PortsandFirewalls 103 Disclaimers,LicensingRestrictionsandTechSupport 104 [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 3 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 Bomgar Privileged Access Admin Interface Thisguideoffersadetailedoverviewof/loginandisdesignedtohelpyouadministerBomgarusersandyourBomgarsoftware.The BomgarApplianceservesasthecentralpointofadministrationandmanagementforyourBomgarsoftwareandenablesyoutolog infromanywherethathasinternetaccessinordertodownloadtheaccessconsole. UsethisguideonlyafteranadministratorhasperformedtheinitialsetupandconfigurationoftheBomgarApplianceasdetailedin theBomgarApplianceHardwareInstallationGuide.OnceBomgarisproperlyinstalled,youcanbeginaccessingyourendpoints immediately.Shouldyouneedanyassistance,pleasecontactBomgarTechnicalSupportathelp.bomgar.com. [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 4 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 Log into the PA Administrative Interface Login Logintotheuseradministrativeinterfacebygoingtoyourappliance’sURLfollowedby/login.Theuseradministrativeinterface enablesadministratorstocreateuseraccountsandconfiguresoftwaresettings. Althoughyourappliance’sURLcanbeanyregisteredDNS,itwillmostlikelybeasubdomainofyourcompany’sprimarydomain (e.g.access.example.com/login). DefaultUsername:admin DefaultPassword:password Note:Forsecuritypurposes,theadministrativeusernameandpasswordusedforthe/applianceinterfacearedistinctfromthose usedforthe/logininterfaceandmustbemanagedseparately. Note:Iftwofactorauthenticationhasbeenenabledforyouraccount,entertheemailcodeyouhavereceived.Ifyouenterthe emailcodeincorrectlythreeconsecutivetimes,youwillhavetore-enteryourcredentialsandgetanewemailcode. Formoreinformation,seeLogintothePA. UseIntegratedBrowserAuthentication IfKerberoshasbeenproperlyconfiguredforsinglesign-on,youcanclickthelinktouseintegratedbrowserauthentication,allowing youtoenterdirectlyintothewebinterfacewithoutrequiringyoutoenteryourcredentials. Forgotyourpassword? Ifpasswordresethasbeenenabledfromthe/login>Management>Securitypage,thislinkwillbevisible.Toresetyour password,clickthelink,enteryourusername,andthencorrectlyansweryoursecurityquestion.Adminscannotresettheir passwordsusingthesecurityquestion. Login Agreement Administratorsmayrestrictaccesstotheloginscreenbyenablingaprerequisiteloginagreementthatmustbeconfirmedbeforethe loginscreenisdisplayed.Theloginagreementcanbeenabledandcustomizedfromthe/login>Management>Site Configurationpage. [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 5 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 Status Information: View Bomgar Privileged Access Software Details SiteStatus ThemainpageoftheBomgarPrivilegedAccess/logininterfacegivesanoverviewofyourBomgarAppliancestatistics.When contactingBomgarTechnicalSupportforsoftwareupdatesortroubleshootingpurposes,youmaybeaskedtoemailascreenshotof thispage. TimeZone Anadministratorcanselecttheappropriatetimezonefromadropdown,settingthecorrectdateandtimeoftheapplianceforthe selectedregion. Total JumpClientsAllowed ViewthetotalnumberofactiveandpassiveJumpClientswhichareallowedonyoursystem.Thisnumberisdeterminedbyyour BomgarAppliancehardwarecapacity. Maximum ConcurrentUsers Viewthemaximumnumberofuserswhocanbeloggedintotheaccessconsoleatthesametime.Thisnumberisdeterminedby yourBomgarAppliancehardwarecapacity. EndpointLicenses ViewthenumberofendpointlicensesavailableonyourBomgarAppliance.EndpointsincludeJumpClients,RemoteJump shortcuts,LocalJumpshortcuts,RDPshortcuts,andShellJumpshortcuts.Ifyouneedmoreendpointlicenses,contactBomgar Sales. EndpointsConfigured ViewthenumberofendpointsconfiguredonyourBomgarAppliance.EndpointsincludeJumpClients,RemoteJumpshortcuts, LocalJumpshortcuts,RDPshortcuts,andShellJumpshortcuts. DownloadLicenseUsageReport Downloadazipfilecontainingdetailedinformation(Englishonly)onyourBomgarlicenseusage.ThisfilecontainsalistofallJump Items(notcountinguninstalledJumpClients),dailycountsforJumpItemoperationsandlicenseusage,andasummaryforthe BomgarApplianceanditsendpointlicenseusageandchurn. [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 6 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 Restart YoucanrestarttheBomgarsoftwareremotely.RestartyoursoftwareonlyifinstructedtodosobyBomgarTechnicalSupport. ClientSoftwareIsBuilttoAttempt ThisisthehostnametowhichBomgarclientsoftwareconnects.Ifthehostnameattemptedbytheclientsoftwareneedstochange, notifyBomgarTechnicalSupportoftheneededchangessothatSupportcanbuildasoftwareupdate. ConnectedClients ViewthenumberandtypeofBomgarsoftwareclientsthatconnectedtoyourBomgarAppliance. FormoreinformationabouttheBomgarAppliance,seePrivilegedAccessApplianceOverview. [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 7 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 Users: View Logged In Users and Send Messages Logged In Users Viewalistofusersloggedintotheaccessconsole,alongwiththeirlogintimeandwhethertheyarerunninganysessions. Terminate Youcanterminateauser'sconnectiontotheaccessconsole. SendMessagetoUsers Sendamessagetoalllogged-inusersviaapop-upwindowintheaccessconsole. Extended AvailabilityUsers Viewuserswhohaveextendedavailabilitymodeenabled. Disable Youmaydisableauser'sextendedavailability. [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 8 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 What's New: See Software Release Details What'sNew EasilyreviewBomgarfeaturesandcapabilitiesnewlyavailablewitheachrelease.Learningaboutnewfeaturesastheybecome availablecanhelpyoumakethemostofyourBomgardeployment. ThefirsttimeyoulogintotheadministrativeinterfaceafteraBomgarsoftwareupgrade,theWhat'sNewpagewillreceivefocus, alertingyouthatnewfeaturesareavailableonyoursite.Youmustbeanadministratortoviewthistab. [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 9 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016 PRIVILEGEDACCESSADMINISTRATIVEINTERFACE16.1 My Account: Change Password and Username, Download the Access Console and Other Software Bomgar AccessConsole ChoosePlatform Choosetheoperatingsystemonwhichyouwishtoinstallthissoftware.Thisdropdowndefaultstotheappropriateinstallerdetected foryouroperatingsystem. BomgarPrivilegedWebConsole Launchtheprivilegedwebaccessconsole,aweb-basedaccessconsole.Accessremotesystemsfromyourbrowserwithout havingtodownloadandinstallthefullaccessconsole. DownloadBomgarAccessConsole DownloadtheBomgaraccessconsoleinstaller. Forsystemadministratorswhoneedtopushouttheconsoleinstallertoalargenumberofsystems,theMicrosoftInstallercanbe usedwithyoursystemsmanagementtoolofchoice.Inyourcommandprompt,whencomposingthecommandtoinstalltheconsole usinganMSI,changetothedirectorywheretheMSIwasdownloadedandenterthecommandincludedontheMyAccountpage. YoucanincludeoptionalparametersforyourMSIinstallation. INSTALLDIR=acceptsanyvaliddirectorypathwhereyouwanttheconsoletoinstall. l RUNATSTARTUP=accepts0(default)or1.Ifyouenter1,theconsolewillruneachtimethecomputerstartsup. l ALLUSERS=accepts“”or1(default).Ifyouenter1,theconsolewillinstallforallusersonthecomputer;otherwise,itwill l installonlyforthecurrentuser. SHOULDAUTOUPDATE=1Ifyouinstallforonlythecurrentuser,youcanchoosetohavetheconsoleautomaticallyupdate l eachtimethesiteisupgradedbyenteringavalueof1;avalueof0(default)willnotauto-update,andtheconsolewillneed tobemanuallyreinstalledwhenthesiteisupgraded.Ifyouinstalltheconsoleforallusers,itwillnotauto-update. Bomgar VirtualSmart Card Toattemptvirtualsmartcardauthentication,theBomgarusermusthavetheBomgarvirtualsmartcarddriverinstalled.The computerbeingaccessedmustberunninginelevatedmode.Also,eitheritmusthavetheBomgarendpointvirtualsmartcarddriver installed,oritmustbeaccessedbytheJumpTofunctionalityoftheaccessconsole.Formoredetailsandrequirements,seethe SmartCardsforRemoteAuthenticationdocument. [email protected]|866.205.3650(US)|+44(0)1628480210(UK/EMEA)BOMGAR.COM 10 ©2016BomgarCorporation.Allrightsreservedworldwide.BOMGARandtheBOMGARlogoaretrademarksofBomgarCorporation;othertrademarksshownarethepropertyoftheirrespectiveowners. TC:11/29/2016
Description:The list of books you might like
