Symantec Privileged Access Management

 View Only
  • 1.  CA PIM - Installation prerequisites

    Posted Jul 29, 2016 12:19 PM

    Hello All,

     

    GM!

     

    I am trying a POC on CA PIM.

    How do I plan it. What all supporting software's required other than CA PIM 12.9?

    Of that component, what all can get in to a same machine/server?

     

    Cheers,



  • 2.  Re: CA PIM - Installation prerequisites
    Best Answer

    Broadcom Employee
    Posted Jul 29, 2016 04:58 PM

    Hello mrcm,

     

    Most of the information you are looking for can be found in the 'Implementing' section of the PIM Reference guide, link below. As for what can be installed on the same server; For Enterprise Management (ENTM) you will need to install the pre-reqs of Java JDK & JBoss on the same server (these come in the third party software download) and it is recommended that you ONLY install ENTM and its pre-reqs, nothing more. For the endpoints there are no additional requirements, just install the endpoint software and you are good to go. The endpoint software is made to run on any server and you can run any software you want on those systems.

     

    Reference guide:

    Implementing - CA Privileged Identity Manager - 12.9.02 - CA Technologies Documentation

     

    Compatibility information:

    https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=c318b417-e0ac-4949-b876-ff3e7bc680a2&productID=154

     

    Hope this helps,

    -Christian



  • 3.  Re: CA PIM - Installation prerequisites

    Posted Aug 01, 2016 09:53 AM

    Thanks Chris!

    Btw, are the below components mandatory for full functionality...if yes, what all can be group in the same server?

    1. Distribution Server

    2. MSSQL DB Server

    3. UARM (User Activity Reporting Module)

    4. ObserveIT Session Recording Server

    5. Report Server ( CA Business Intelligence)



  • 4.  Re: CA PIM - Installation prerequisites

    Broadcom Employee
    Posted Aug 01, 2016 10:14 AM

    Hi mrcm,

     

    It really depends on what you mean by "full functionality". Please see individual explanations below.

     

    1. Distribution servers are used to distribute policies and help with various tasks, they are only needed when your environment is too large to be handled by just the one ENTM server.

    2. You do need either and MSSQL DB or an Oracle SQL DB in order to install ENTM. For more info, see 'Server' section of the compatibility matrix link from my first post.

    3. UARM is used to monitor user activity and provides reports on 'who used what'.

    4. ObserveIT is used for session recordings of Windows RDP sessions. This is no longer "needed" in 12.9+ because of the new PROXY_RDP functionality which can replace it without the need for the additional licensing and install requirements of ObserveIT.

    5. The reporting server is used to generate reports on things like 'who has access to what'.

     

    We would not recommend grouping any of these together on the same server.

     

    -Christian



  • 5.  Re: CA PIM - Installation prerequisites

    Posted Aug 01, 2016 10:40 AM

    Thanks Again Chris!

    3. Does UARM works only on Cent OS

    4. When you say PROXY_RDP, does that need an Apache proxy

     



  • 6.  Re: CA PIM - Installation prerequisites

    Broadcom Employee
    Posted Aug 01, 2016 11:07 AM

    Hi again mrcm,

     

    3. Yes, when you download UARM you will also get CentOS as part of it. You must use the provided CentOS.

    4. No. Starting with 12.9 Proxy_RDP is built into ENTM and does not require any additional software. Proxy_RDP is a feature that allows you to open RDP sessions directly in the browser which can be recorded. You can find more information about this in the reference guide.

     

    -Christian