Symantec Privileged Access Management

View Only

PAM license information

MARUBUN SUPPORT posted Jul 23, 2024 05:23 AM

I have a question about the system information file in the PAM UI license.

:
Licensed GK Devices: 500000
Licensed PA Devices: 500000
Licensed A2A Devices: 500000
Licensed ServerControl Devices: 10000
:
Used GK Nodes: 0
Used PA Nodes: 0
Used A2A Nodes: 0
Used ServerControl Nodes: 0
:

I think Nodes is the number of registered devices, and Devices is the number of licenses that can be registered, but is that correct?

I think GK and PA are either Access Devices or Password Devices, but which is it?

Does Server Control Devices indicate the number of PAMSC licenses registered in PAM, and does Server Control Nodes indicate the number of PAMSC EndPoints recognized by PAM?

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-1-7/pam-server-control/install-and-configure-utility-appliances/License-PAM-To-Support-Server-Control.html

When registering a PAMSC EndPoint as a device, is it configured as an Access Device or a Server Control Device?

Thanks,

Broadcom Employee Ralf Prigl posted Jul 31, 2024 11:59 AM

GK stands for GateKeeper and represents the Device Access part of PAM.

PA stands for Password Authority and presents the Credential Management part of PAM.

Both were standalone products that were combined to create PAM many years ago.

A1: Correct.

A2: GK devices are access devices, see above.

A3: EndPoints registering with PAM are Server Control Devices.

A4: See A3. Additionally, if the device didn't exist in PAM yet, it will be created and in addition to being a Server Control Devices it should have the default types as specified on the Settings > Global Settings > Basic Settings page.

MARUBUN SUPPORT posted Aug 01, 2024 04:48 AM

I have an additional question.

Is the number of Server Control device licenses set when the PAMSC license is registered in PAM (Configuration > Licensing page > Install New License tab)?

If I register it as a GK device without registering this license, will it only be registered as a GK device?

Also, if I register the license and register PAMSC as a device in PAM, will it be registered as both a PAMSC device and a GK device?

Broadcom Employee Ralf Prigl posted Aug 02, 2024 02:05 PM

The PAM license includes the number of licensed end points (Server Control devices), there is no other license involved. The last question is covered in the previous update.