Symantec Privileged Access Management

Hi,
We are planning to deploy CA PAM in VMware platform.What will be the most recommended deployment(DMZ or behind a VPN or anything else).
Also we are buying 5 CA PAM appliance.What will be best practice for placing the appliance(eg: [DC1-4 (Pre-prod(1), Prod(3)], DC2-1(Prod)).

Original Message------

Hi,
We are planning to deploy CA PAM in VMware platform.What will be the most recommended deployment(DMZ or behind a VPN or anything else).
Also we are buying 5 CA PAM appliance.What will be best practice for placing the appliance(eg: [DC1-4 (Pre-prod(1), Prod(3)], DC2-1(Prod)).

Thanks Andreas for the help.
Original Message:
Sent: 11-26-2019 11:17 AM
From: Andreas Müller
Subject: Product Deployment and cluster recommendation

Hello Inbaselvan,

 

Deployment very much depends how users connect to the PAM appliance, e.g. if PAM runs on-premises it is typically placed Behind a Firewall.

All communication from Clients to the appliance go over a single communication port (https) while the firewall blocks all other ports to prevent access to the target systems in any other way than via PAM.

 

Please see also our documentation

 

Product Deployment Infrastructure

 

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3-1/deploying.html

 

Best Regards,

Andreas

 

Original Message------

Hi,
We are planning to deploy CA PAM in VMware platform.What will be the most recommended deployment(DMZ or behind a VPN or anything else).
Also we are buying 5 CA PAM appliance.What will be best practice for placing the appliance(eg: [DC1-4 (Pre-prod(1), Prod(3)], DC2-1(Prod)).