A client is using Terminal Servers to access their customer environments through an RDP connection.
Each customer is on a private VLan.
If they want to use PAM to take care of the privileged accounts and have the ability to monitor activity, do they need to enable a PAM appliance for each TS connection (VLAN) or can this be monitored by 1 single PAM appliance ?
Also in order to monitor further activities on the TS, which additonal components are required ? (PAM Server control)
I think if I am reading this correctly, you just need 1 appliance and the different VLANs would be different policies. I also would think you would need to setup separate user "Delegated Administrator" groups to separate the users/devices from each client.