Symantec Privileged Access Management

  • Private Community
 View Only

  • 1.  Can I manage CIFS/SMB access using a socket filter?

    Posted Aug 14, 2019 01:40 AM
    Hi,

    My customer  wanted to manage to access to file servers (CIFS/SMB:Windows2012R2) using a socket filter.
    However it did not work.

       * We could access file servers after a following setting.
                   Socket filter setting : Blacklist / File server IP range / 1-65535
       * To access them using RDP(3389/TCP) could be blocked, so I believe SFA is working fine.

    Could you please let me know what should I do to manage them.

    Thank you in advance.

    Fumiko


  • 2.  RE: Can I manage CIFS/SMB access using a socket filter?
    Best Answer

    Broadcom Employee
    Posted Aug 14, 2019 04:16 AM

    Hello Fumiko,

     

    SFA only allows to control session initiation (e.g. RDP or SSH) from the SFA-host to a remote host.

    It does not provide any fine grained resource protection / access control.

     

    For this you would need the PAM Server Control Windows Endpoint.

    Here is the documentation which should give you ideas what options you have with this component:

    https://docops.ca.com/ca-privileged-access-manager-server-control/14-1/en/administrating/endpoint-administration-for-windows

     

    Best Regards,

    Andreas

     




    Original Message


  • 3.  RE: Can I manage CIFS/SMB access using a socket filter?

    Posted Aug 14, 2019 07:42 AM
    Hello Andreas,

    Thank you for replying so promptly.

    I understood what you said.
    That is unfortunate for my customer, but I will tell him that.

    Thank you for everything.
    Fumiko

    Original Message