Iraje Dashboard manual version 8

Introduction

This document is the user manual for the Dashboard. It explains all the Dashboard modules and how to use them. The dashboard modules are all role based.
There are 3 roles in Iraje PAM.

  • Admin – Access Control Directory module [SSO module for users]

  • Group Admin – Access Control Directory & Access Control Manager modules [for group Admins]

  • Super Admin – All modules to manage the solution. [Overall PAM Admins]

The Dashboard is the point of entry which helps to securely access the Infrastructure post the 2 factor authentication. First is the AD authentication and the second is the 2FA.

Purpose

Train the users on how to use the Iraje PAM Dashboard and use the modules within the Dashboard. This manual will help the users get familiar with the Iraje PAM application and how to use it effectively in their environment.

Target Audience

End Users | Admins Using Iraje PAM

Iraje PAM Login Page

Iraje PAM supports web based login for user authentication. By default it runs on https & port is 443, we can customize the default port as per client’s wish list.

Domain Integration using LDAP protocol

Iraje PAM supports multiple domain integration without using any agent on client domain controller. that authenticates the vendor id using Iraje DC instead of creating the vendor id in client domain.

Multi Factor Authentication

Iraje supports multiple two factor authentication method to login into PAM application

For example: Mobile & Email OTP, Biometrics, Google Authentication, RSA & Digipass OTP.

Evidently, there are 2 Multi factor authentication methods

Mobile & Email OTP: End User will receive an OTP via email/SMS at Web based login or Application level.

Google Authenticator: For the first time the user needs to scan the QR Code for the registration of Google authentication

FAQ’s

On the login page we have help & support menu which provides a list of FAQs for te end user if they have any queries regarding PAM issue.

Iraje PAM Home Page

The user will login into the dashboard using his ID & Password, select the Domain & use Multi-Factor Authentication.

After login, the user will be redirected to Iraje Dashboard as seen below.

Iraje PAM has 3 levels of roles in PAM:

  • Admin

  • Group Admin

  • Super Admin

According to user’s role the dashboard is available to the User.

On the Right hand side of the user login, self-support options are available for the users.

Options

Help & Support

In this menu option, User can view Manuals & FAQs related to Iraje PAM.

In the case of operating systems and computer server software, patches have the particularly important role of fixing security holes. To facilitate updates, operating systems often provide automatic or semi-automatic update facilities.

Troubleshooter & Terminal-Logoff

Terminal-Logoff: By using this feature, users can logoff his/her own PAM websso session

Troubleshooter: This option is available to the Super Admin only; by using this option Admin can troubleshoot the PAM issue before logging the ticket to Iraje support team. This option is designed to provide self-support to the client. This reduces the support ticket @ OEM level.

  • Port Checker: It is used to check if a port is working or open on the server.

  • Host Checker: It is used to check host name for a specific IP address.

  • Reboot PAM: It is used to Restart PAM.

  • RDP Troubleshooting: It is used when any user faces RDP related issue while accessing servers.

  • Troubleshooting: It is used when client/s are facing OTP issues

  • DB Troubleshooting: It is used to restart the database services.

Access Control Directory

The main purpose of Access Control Directory is to get access to connections from PAM. We can also integrate 2nd factor authentication i.e. OTP at Access Control Directory Level.

This module is explained in detail in Access Control Directory (ACD) Manual. This is also called the 3rd Factor authentication at the device level.

Access Control Manager

The main purpose of ACM is as follows:

  • User Configuration

  • Group Mapping

  • Connection Configuration

  • Access Control to connections

  • Admin options configuration

  • Logs

This is explained in detail in Access Control Manager (ACM) Manual.

Admin Discovery

The main purpose of Admin Discovery is to get the details of admins which are configured (added in PAM) and not configured (which are not added). The functioning takes place in Access Control Manager > Discover ACM & the result is populated in Admin discovery on the dashboard.

This module helps discover hidden admin accounts in the organization that needs to be either deleted, disabled or onboarded in PAM. It maintains a history of the scans also, for audit purposes.

This module is critical to security and the discovery scans can be done on the fly or on demand to discover hidden admins in the organization

This module also helps in getting the inventory of admin IDs present on the devices.

Click on Admin discovery, it will display list of admins inside PAM & outside PAM.

This module is critical to security and is an agentless module in discovering hidden admin accounts on the target devices.

Video on Demand (VOD)

The main purpose of this module is to get video logs of users configured in PAM. This module helps to do audit and forensic in case of any incidents

When you click on video on demand, the below screen appears then Click on Open Remote app_launcher

There are 2 Tabs on the Top Left, Live Tab and the Gallery Tab.

  • Live Session Viewing:

    Displays videos of all users which are currently live/ active on PAM.

  • Recorded Sessions in Gallery module:

    Displays past videos of users who have accessed target devices through PAM. These videos are sorted by users and can be searched on PAM by using the filters below.

    • Username

    • Session Start Date

    • Session End Date

    • File Size

    • Source IP Address

There are many features within Video on Demand module like Command based searching, Live Termination, Video Indexing & Video replaying from the point of command entered.

Global Command Search Within Videos

In the screen below a command is put in the text search box. When the search button is pressed, it scans through the thousands of videos and displays list of videos where command was executed.

You can see the yellow highlighted row where is shows the command searched was executed. The video can now be played directly from the command executed time.

Live Termination

We can terminate live session of user’s by clicking on X. Once this button is pressed, the user session gets disconnected and the user is logged off. If required, the user can be further stop accessing any module by disabling his/her ID from the Access Control Manager module.

The admin will be asked to confirm if he/she is sure to disconnect the live user.

Once confirmed, the live user session will be terminated.

Video Replay from the point command has been entered

We can replay a video recording from the time the command is entered Clicking on the play button.

Auto Video Archival/ Scheduled Backups

All videos which are recorded get stored on the D drive of the server. This utilizes the storage of that drive and possibly there will be no empty space after some point of time. So Customer specifies a backup drive (also known as map drive), where all the video recording data is moved to free some space on D drive. This is automatically done by a scheduler where the retention period is configured.

As per the client’s requirement we move the video recording data onto the specified map drive provided by the client. The period of time for the data to be moved onto the map drive is also mentioned by the client. Example: Client wants last 90 day’s data to be moved on the map drive.

Cockpit

This is a 4 blocker for the CXO of the organization. Its for giving a LIVE dip stick of the status of their DC/DR being accessed through PAM.

This module gives the following data Live to the Executive

  • Live user status

  • Live usage details

  • Live command execution

  • Live CPU utilization

Live user status

It provides live details about users which are active and disconnected in the form of a pie chart. You can also have a look at the active users or the disconnected users by clicking on Active and Disconnected respectively.You can view live details in the form of a report as well. Click on Active users on the pie chart to view live report for Active users.

Live Usage Details

It provides live details about those devices that are accessed by different users at that point in time.

Live CPU Utilization

It provides Live details about CPU Utilization, RAM Usage, C Drive & D Drive Usage

Live Command Execution

It provides details about all the Commands executed on a connection by the user currently with timestamp. The latest command will come on the top and will keep going down as the new commands get executed. It will give and effect of a live stock ticker as the commands keep getting executed.

i–collab

i–Collab helps users to connect to a computer remotely. A secure tool is there to share and collaborate remote access of PAM session for IT admin users.

The Super Admins can select any user session the need to access from the ongoing session list. On clicking ‘Connect’, a request will be sent to the end user to Accept/Reject the session. The user can collaborate the end user session without using any remote tools.

It shows all the activities of the PAM admin user. If you want some specific data, then you can search and sort data as per request. You can even export this data into an Excel sheet by clicking on Excel button.

Access Control Master

This section is subdivided into two parts. They are as follows

    Access Control Master

    It shows the list of users which are mapped to a particular group and different privileges assigned to the user in that group.

    This module gives the details of who has what rights on the PAM solution. Who can add a user, who can add a new device, who can view the logs and who can do the change passwords from PAM.

    Connection Master

    This module is basically the entire role based access chart of the organization in the PAM solution. Every admin user configured in PAM and what all device accesses they have. The second column shows the list of devices and the horizontal header shows the list of users. The report can be downloaded in excel and used for further analysis. The report will give data in terms of who has access to what all devices from PAM. Once the solution is enforced in the organization, this report becomes the master report for all accesses within the organization.

Sync Center

The main purpose of this module is to sync the connections which are in sync and which are out of sync

  • Scan Status

  • Sync Status

  • On Demand Scan

  • Sync Center Setting

Scan Status

First the user clicks on the Sync Center module. Then the user clicks on the Scan Status Tab highlighted below. This shows status of connections, whether they are working or not. A green tick indicates that a connection is working. A red tick indicates that a connection is out of sync.

Sync Status

The second tab is the Sync Status. It displays the connections which were successfully synced.

On Demand Scan

The third tab is the On Demand Scan. This module scans the connections and allows the admin to either just do a scan or do a scan and sync automatically.

Sync Center Setting

The last tab is setting module. It lets you scan and sync connections on a daily, weekly or monthly basis. This ensures that all your devices are in sync all the time.

Reports

The main purpose of this module is to get detailed report which will be used for auditory purpose. You can export the data into an Excel sheet by clicking on Excel button. There are many reports generated for user and admin both. Some of the types of reports generated are as follows

  • Access Reports

  • System Reports

  • Audit Reports

  • Compliance Reports,etc.

The above are mentioned in detail in Reports Manual. A detailed manual on all the reports and its uses is available separately.