Iraje PAM Alerts manual V7.5
Iraje PAM provides Alerts which helps notifying the Super and Group admins and highlighting the users trying to do a specific activity on the devices or accessing the server outside PAM.
The functionality provides transparency to the super admins on identifying unauthorized access by users ensuring secure, authorized and controlled access to target systems. The solution minimizes the risk surface by providing deepest levels of granular control over data controllers and data processors.
The purpose of Alert is to have preventive measures in PAM and to identify the cause for the incident. Admin Options are the most critical settings for Iraje PAM. Every feature in Iraje PAM Solution is enabled or disabled from here.
Authentication Mode, 2Factor Authentication, Connection Access method, Warn Password Expiry, Enable Backup User, Allow Password and Connection Request, Setting Password Expiry days, Setting ACP scheduling period, Configuring Email and SMS gateways for alerts, Version path, Defining PAM server, Number Validation Enforced, Access level, Auto Log Cleanup period and various other tabs are configured here
Critical Module access is only for Admins which is enabled by Val codes provided Iraje PAM Solutions on request. The Settings are only applicable or saved when approved by maker-checker admins.
Super Admins | Information Security Team
Operating Procedure for Alerts
Step 1: Enter Username and Password, select Domain and Authentication method and click on Sign-In
Step 2: Click on 'Access Control Manager'
Step 3: Click on 'Directory Access'
Step 4: Select ‘ADMIN’ in select 'Group '
Step 5: Go to 'Admin 'Options
Step 6: Enable alert checkbox and as per client requirement enable SMS & email alerts.
Step 7 : The below window will pop up, displaying different type of alerts.
List of Critical Security Alerts in Iraje PAM
Devices marked as sensitive can be alerted when they are accessed through Iraje PAM.
2 Maker Checker All Maker Checker activities can be alerted when done through Iraje PAM.
All work flow approvals can be alerted when done through Iraje PAM.
Commands that are restricted in Iraje PAM when executed on the devices can be alerted.
The opening of passwords through Iraje PAM can be alerted.
Whenever a password is changed from Iraje PAM or Auto Change Password is triggered from Iraje PAM it can be alerted.
EMS [Element Management System]:
The critical elements of CPU, Storage and Memory can be alerted when the set thresholds are crossed.
PIM Login by Outside Agent:
Unauthorized access to target devices bypassing Iraje PAM can be alerted.
If the agent is tampered an alert will go to the super admins.
Any setting changes in the admin options can be alerted.
If Access Control Manager is tampered this alert is sent.
Whenever a replication service fails an alert goes out to the super admin
Sample Iraje PAM Alerts
Bypass Alerts (PIM Login by Outside Agent)
Work Flow Alerts