Iraje Time Based Access manual version 7.5
Iraje PAM supports Time Based Access module. Time-based Access is a special process in which user requests for access at a scheduled time of the day or within a scheduled time interval, which is then granted by the PAM admins if the request is valid and appropriate.
By providing users enough access at just the right times,organizations can reduce the attack surface by providing privileged access for no longer than necessary and also reduce operational overhead and management.
End Users | Admins Using Iraje PAM
Category of Time-Based Access
Iraje PAM offers two types of Time-Based Access module:
Iraje PAM provides facility where Super or Group admin PAM users are notified for below activities:
TBA for Devices or Connections:
Time-Based Access for devices is the process where the user sends request through Access Control Directory to access a particular device which is not allocated to him/her. It is the decision of the PAM admin whether to grant or reject the access to the user. If request is granted, then the user will be able to access the device for that time interval.
TBA for Users on the PAM Portal:
Time-Based Access to users on the portal, is the method where the PAM admin defines a time period for the user to access the Iraje PAM dashboard.
Request flow for Time Based Access for a Device
Step 1: Go to ‘Access Control Directory’
Step 2: Click on 'Directory Access'
Step 3: Select the 'Group' and Click on ‘Connection Request’
Step 4: Enter the required details in the fields and click on ‘Request’.
Step 5: Click on 'Request' and then on 'OK'
Step 6: Email or SMS alert is sent to the PAM Admins to approve the User request
Step 7: Once the PAM Admins approves the request, user will be able to view the connection & access the same via PAM
Request flow for Time Based Access for a Portal
Step 1: Go to ‘Access Control Manager’
Step 2: Click on ‘Directory Access’
Step 3: Select on ‘ADMIN ‘and click on ‘Connect’
Step 4: Click on ‘Manage User’ Option
Step 5: To enable TBA for Iraje Portal, we need to define 4 things