LogoLogo
3.1.6
3.1.6
  • Getting Started
    • What is Cymmetri?
    • Release Notes
      • 3.0.1-Beta
      • 3.0.2-Beta
      • 3.0.3-Beta
      • 3.0.4-Beta
      • 3.0.5-Beta
      • 3.0.6-Beta
      • 3.0.7-Beta
      • 3.0.8-Beta
      • 3.0.9-Beta
      • 3.0.10-Beta
      • 3.0.11-Beta
      • 3.0.12-Beta
      • 3.1.0 - Product Release
      • 3.1.1-Beta
      • 3.1.2 - Product Release
      • 3.1.3-Beta
      • 3.1.4-Beta
      • 3.1.5-Beta
      • 3.1.6 -Beta
      • 3.1.7 - Product Release
      • 3.0.x Consolidated
      • 3.1.x Consolidated
    • Starting your Cymmetri Trial
    • Admin Dashboard
    • Accessing Cymmetri
    • Supported Web Browsers
    • Cymmetri Error Codes
    • Help
    • Personalization
      • General Config
      • Admins
      • Masters in Cymmetri
      • Personalize Notification Templates
      • Tenant Branding
      • Custom Attributes
      • API Client
      • Batch Tasks
      • API Extension
    • Global Search
  • Identity Hub
    • Managing Users and Groups
      • User Management
      • User Detail
      • Create Users
      • Edit Users
      • Create Groups
      • Importing Users
      • Assigning Users to Groups
      • Delegation
        • Setting up Delegation
        • Delegating Work to Delegatee
        • Accepting Delegation
      • Suspended Users
      • Archived Users
      • All Users Session
    • Authentication
      • Identity Provider
        • Internal IDP
          • Introduction
          • Internal Identity Provider Configuration: Cymmetri
          • Internal Identity Provider Configuration: Active Directory
          • Internal Identity Provider Configuration: LDAP
        • External IDP
          • Introduction
          • External Identity Provider Configuration - Google IDP
          • External Identity Provider Configuration - Azure IDP
          • External Identity Provider Configuration - Salesforce IDP
      • Service Provider
      • Authentication Rules
      • Password Policy
      • Global Auth Policy
      • Adaptive
    • Attribute Setting
    • Password Filter
    • Logs
      • Audit Log
      • Import History
      • Scheduler History
  • Lifecycle Management
    • Application Management
      • Support for Application Management
      • Getting Started
        • Introduction to Application Management
        • Adding Applications to be managed by Cymmetri
        • Assigning Applications to End Users
        • Application Detail
        • Dynamic Forms
        • Configuring Connector Server
        • 360 Degree Recon
      • Provisioning How to
        • Cymmetri Connector List
        • Supported Provisioning Operations
        • Azure Provisioning
        • Active Directory (AD) Provisioning
        • Google Workspace Provisioning
        • LDAP Provisioning
        • Powershell Provisioning
        • REST Connector Provisioning
        • SCIM v2.0 Provisioning with Basic Authentication
        • SCIM 2.0 with Bearer Authentication
        • SCIM 2.0 with Fixed Bearer
        • Github Provisioning
        • ServiceNow Provisioning
        • AMAYA
        • HRMS
          • Darwin Box
        • Database Provisioning
        • CSV Directory (Flat-file)
        • Managing Manual Application Assignments
        • SOAP Connector (XML)
        • Integration with Service Desk Management Systems
      • Reconciliation How to
        • Configuring Reconciliation Process
      • Rules
        • Provisioning
        • Deprovisioning
    • Workflow Management
      • Workflow Configuration
      • Workflow Rules
      • Pending Workflows
      • Workflows List
    • Teams Config
    • Configuring Webhooks
    • On Demand Access
  • Single Sign On
    • Introduction
    • SSO Configuration
      • SAML 2.0 Based SSO
      • API Based SSO
      • OpenID Connect Based SSO
    • Multifactor Authentication(MFA)
      • Introduction
      • Cymmetri Authenticator
      • Push Authenticator
      • Google Authenticator
      • SMS Authenticator
      • Secret Questions
      • FIDO Authenticator
      • Admin MFA Setting
    • Passwordless
      • Introduction
      • TOTP Based
      • OTP Based
      • Consent Based
      • FIDO Based
  • My Workspace
    • Getting Started
      • Introduction
      • First Time User Registration
      • End User Login Process
      • Forgot Password & Unlock Account
      • User Settings
    • How to use the My Workspace
      • Dashboard
      • My Access
      • Inbox
      • Team
      • On Behalf
  • Privileged Access Management
    • PAM Administration
      • Introduction to Privilege Access Management (PAM)
      • How to Access PAM in Cymmetri
      • Sub-Sections of PAM
      • Steps to configure PAM Server
      • Adding a device/ server in PAM
      • Vault User
      • Vaulting Configuration
      • Break Glass Configuration
      • PAM Reports and PAM History
      • Dormancy Disable Config
    • PAM Usage
      • Assign a server to a user
      • Access the server
  • Governance
    • Compliance Management
      • IGA Policy Violations
    • Insights
      • Reports
      • Risk
      • Management Dashboards
        • CISO Dashboard
        • CRO Dashboard
      • Industry Compliance
    • Access Certification
      • Setting up and managing Access Reviews
    • Recommendation Engine
    • Role Management
      • Role Mining
      • Entitlements
      • Managing Roles in Cymmetri
    • Segregation Of Duties (SOD)
  • Self-Service App
  • Analytics
    • Cymmetri Analytics
Powered by GitBook

Cymmetri.com

On this page

Was this helpful?

Export as PDF
  1. Privileged Access Management
  2. PAM Administration

Adding a device/ server in PAM

Was this helpful?

A device or server represents the critical systems within an organization.Servers play a critical role in Privileged Access Management (PAM) solutions, as they are often the targets of unauthorized access by attackers seeking to gain control over critical systems and sensitive data.

PAM solutions manage and control privileged access to these systems. By leveraging PAM solutions to manage privileged access to servers, organizations can improve their security posture, reduce the risk of data breaches, and comply with regulatory requirements.

In Cymmetri it is the Actual Server(Windows or Linux) that the Privileged User will be connecting to using either RDP or SSH.

Cymmetri allows you to add this device/ server.

The steps to add a RDP device or server are as below:

  1. Click on the Devices sub-section on the PAM Page and click on the Add Server Button

  2. This opens up a new window for adding a server and it gives two options: RDP(Remote Desktop Protocol) and SSH(Secure Shell Protocol)., we need to select RDP for a Windows Server and SSH for a Linux Server. Currently we will select RDP as we want to add a Windows Server

  3. When you select RDP a pop up shows up on the right and it asks for 3 details i.e.

    1. Device Label

    2. Hostname and

    3. Username

  4. Device Label represents name of the device/ server and hence has to be unique.

  5. HostName is the actual server name or its ip.

  6. Username represents the actual server username to be used to connect to the server.

  7. We will change these details as given below:

    1. Device Name: Windows RDP Server

    2. Hostname: 65.0.122.207

    3. Username: Administrator

  8. And then click on Add Device button to add the server

  9. To check if the device is correctly added Click on Devices again and you can see the newly added server should be visible as shown below

The steps to add a SSH device or server are as below:

  1. Click on the Devices sub-section on the PAM Page and click on the Add Server Button

  2. Now from the two options available we need to select SSH

  3. A similar popup like in RDP opens up with Device Label prefilled.

  4. We need to change the Device Label, Hostname and Username as given below:

    1. Device Name: Linux SSH

    2. Hostname: 10.0.1.7

    3. Username: kiran

  5. We then click on Add Device to add the Server and it can be seen in list as shown below:

When a device is added it is added with minimum configuration, i.e. Device Label, Hostname and Username. You can further configure the connection and other device related information if it needs to be customized

For configuring the device further the steps are as follows:

  1. Click on the device you want to configure

  2. Click on Settings

  3. A Settings Page opens when you can find numerous options to configure as show below:

  4. Connection Attributes for any device are read-only as show here, but other attributes can be configured

  5. Shown below are the attributes of a device/ server that can be configured: