Symantec Privileged Access Management

 View Only
  • 1.  Website activity monitoring

    Posted Mar 31, 2020 04:46 PM
    Hi All,

    Need your help on some PAM setup. We have a requirement to record all activity some users perform on a website.

    Already tried with an HTML Web SSO TCP/UPD service and was able to authenticate into the application, but it doesn't record user activity.

    As an alternative I am trying now to setup a Transparent Login to a Windows Terminal server to open a web browser, have PAM inject the website credentials and record the entire session.

    I am following this guide: https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-2-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/setting-up-transparent-login/set-up-transparent-login-for-rdp-servers.html

    I was able to connect to the target server, open the Learn Tool but I am having a hard time to create the transparent login configuration file. If anyone can provide an transparent login configuration file to interact with Internet Explorer I would appreciate that.

    Thank you,


  • 2.  RE: Website activity monitoring
    Best Answer

    Broadcom Employee
    Posted Mar 31, 2020 08:34 PM
    Edited by Christopher Hackett Apr 03, 2020 05:53 PM
    Pedro

    Have you tried setting recording on the policy. You can record "web sessions" in a similar manner we record things like RDP. Configuring Transparent login just to do the same may be over doing this.

    Additionally you may have to select "CA PAM Browser" to use our built in browser but you can use the same auto login method you selected in IE

    Joe


  • 3.  RE: Website activity monitoring

    Posted Apr 01, 2020 08:43 AM
    Great! Didn't know web sessions could be recorded. That's what I needed.


  • 4.  RE: Website activity monitoring

    Posted Apr 03, 2020 02:04 PM
    Edited by Pedro Fernandez Apr 03, 2020 02:05 PM
    I'm having some trouble using the automatic web login, I was able to configure it using the learning mode. Sometimes it works and injects the website credentials correctly and sometimes the browser gets stucked on the login page of the website and gives the error "Auto login timeout expired, possibly due to wrong credentials." Looks like it fails to inject the credentials on the login page, I have verified the credentials and they are correct.

    I have tested it with session recording enabled and disabled and get same results.

    I have configured the TCP Service like this:
    - Application Protocol: Web Portal
    - Auto Login Method: CA PAM HTML Web SSO
    - Browser Type: CA PAM Browser
    - Route Through CA PAM: yes (checked)
    - Access List: *

    Any thoughts about what could be causing this issue?




  • 5.  RE: Website activity monitoring

    Broadcom Employee
    Posted Apr 04, 2020 05:26 PM
    Pedro

    On your first post you mentioned "HTML Web SSO TCP/UPD service and was able to authenticate "  So I believe the "SAML2.0 SSO POST" authentication should work the same through the native browser as it does the PAM browser,, I would try that as it is a little different than "CA PAM HTML Web SSO" and even "CA PAM HTTP Web SSO" . If you cant get any working I would open a ticket with support.

    Joe Lutz