Symantec Privileged Access Management

  • 1.  Some questions before a scenario of recovery before failure

    Posted Jul 16, 2019 03:47 PM
    Hi team

    L7 PAM has 300 EndPoints integrated, for which it controls the privileged accounts and the access to these EndPoints. Consider a scenario in which access to the virtual appliances is lost due to damage to the virtual machines.

    As it is possible to restore the backup generated by L7 PAM; this is because each virtual appliance has a unique encryption key and when restoring the backup the new appliance is not able to read the information of the recovered database. How is it possible to access endpoints if the keys are managed by L7 PAM, so they are unknown to EndPoint administrators?

    If in the PVP there are configured password change events when the user accesses the EndPoint or when the password is seen, is it possible to configure the database backup events so that they are more periodic, such as every hour? Currently, 1 backup can be generated per day, but if the PVP generates a key change, this backup may not be used to recover access to the machines.

    ------------------------------
    Julian Riano
    ------------------------------


  • 2.  RE: Some questions before a scenario of recovery before failure
    Best Answer

    Broadcom Employee
    Posted Jul 16, 2019 05:55 PM
    Hi Julian,
    DB backups can be configured daily only. If you have a PAM cluster, you can use different backup times on each node to effectively get multiple backups per day. You should also use syslog or Splunk integration to get PAM events in real time. This would allow you to see which target accounts were updated since the last DB backup.
    Regarding DB restoration, please review our online documentation, e.g. page https://docops.ca.com/ca-privileged-access-manager/3-2-5/en/administrating/maintenance/configuration-and-database-backups/restore-the-database-to-a-new-appliance
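
The check described in the answer above (which target accounts were updated since the last DB backup), as an added example that is not part of the original post and is not Broadcom's code. The log layout, event names, node names and backup times are assumptions constructed for illustration; the real PAM syslog format will differ and the regex must be adapted to it.

```python
import re
from datetime import datetime

# Constructed sample events. The key=value layout is an assumption made for
# this example, not the product's real syslog format.
SAMPLE_EVENTS = """\
2019-07-16T01:10:00 pam-node1 event=password_update account=root target=db01
2019-07-16T07:45:00 pam-node2 event=password_view account=admin target=web03
2019-07-16T09:30:00 pam-node1 event=password_update account=admin target=web03
2019-07-16T13:05:00 pam-node2 event=password_update account=svc_app target=app07
2019-07-16T14:20:00 pam-node1 event=password_update account=root target=db01
"""

# Constructed staggered daily backup times, one per cluster node (hypothetical names).
BACKUPS = {
    "pam-node1": datetime(2019, 7, 16, 0, 0),
    "pam-node2": datetime(2019, 7, 16, 12, 0),
}

EVENT_RE = re.compile(
    r"^(?P<ts>\S+) (?P<node>\S+) event=(?P<event>\S+) "
    r"account=(?P<account>\S+) target=(?P<target>\S+)$"
)

def stale_accounts(log_text, backup_time):
    """Return {(target, account): last_update} for credentials changed after backup_time."""
    stale = {}
    for line in log_text.splitlines():
        m = EVENT_RE.match(line.strip())
        if not m or m["event"] != "password_update":
            continue  # skip unparsable lines and non-update events
        ts = datetime.fromisoformat(m["ts"])
        if ts > backup_time:
            key = (m["target"], m["account"])
            stale[key] = max(ts, stale.get(key, ts))  # keep the latest change
    return stale

def newest_backup(backups):
    """Pick the node whose backup is most recent."""
    node = max(backups, key=backups.get)
    return node, backups[node]

if __name__ == "__main__":
    node, taken = newest_backup(BACKUPS)
    print(f"Restoring from {node} backup taken {taken}")
    for (target, account), ts in sorted(stale_accounts(SAMPLE_EVENTS, taken).items()):
        print(f"  {account}@{target} changed {ts}: password in backup is outdated")
```

The accounts it lists are the ones whose password stored in the restored database no longer matches the endpoint.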