One Identity SPS T1: Download user manual, page 30

 2. Complete the SPS Welcome Wizard

    Complete the SPS Welcome Wizard (for details, see "Configuring One Identity Safeguard for Privileged Sessions (SPS) with the Welcome Wizard" in the Administration Guide). Note the following points specific to Azure deployments.

    When configuring the network settings of SPS, note the following points.

    CAUTION: Do not export or import configuration between a physical SPS deployment and a virtual one. Because of the differences and limitations between physical and virtual appliances, configure the virtual appliance from scratch to ensure proper functionality. When you migrate a virtual SPS to another one, you can export and import the configuration.

    a.  Into the Physical interface EXT or 1 — IP address field, enter the static IP address of the SPS VM that you set on the Azure portal.

    b.  Default GW: The default gateway is usually the first address in a subnet (for example, if your subnet is 10.7.0.0/24, then the gateway will be 10.7.0.1).

    c.  Hostname: Use the hostname you have configured for the SPS VM on the Azure portal.

    d.  DNS server: You can use any DNS server that the SPS VM can access, even public ones.

 3. Configure SPS

    Log in to SPS and configure it.

    a.  Configure backups for SPS. For backup and archiving purposes One Identity recommends the built-in file shares of Azure. For details on configuring backups, see "Data and configuration backups" in the Administration Guide.

    b.  Configure archiving for SPS. For backup and archiving purposes One Identity recommends the built-in file shares of Azure. For details on configuring backups, see "Archiving and cleanup" in the Administration Guide. Configuring an Archiving policy is highly recommended, because if the disk of the VM fills up, SPS stops working.

    c.  Configure a server: set up a host that is on the same subnet as SPS, and enable Remote Desktop (RDP) or Secure Shell (SSH) access to it.

    d.  Configure a connection on SPS to forward the incoming RDP or Secure Shell (SSH) connection to the host and establish a connection to the host. See "Logging in to One Identity Safeguard for Privileged Sessions (SPS) and configuring the first connection" in the Administration Guide for details.

    e.  Replay your session in the browser. See "Replaying audit trails in your browser in Search (classic)" in the Administration Guide for details.
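A pre-flight check for the network values entered in step 2, as an added example that is not part of the One Identity guide: it verifies that the static IP lies inside the subnet and avoids the addresses Azure reserves in every subnet, that the gateway is the first address of the subnet, and that the hostname is a valid DNS name. The function name and the sample values are constructed for illustration.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def check_wizard_network(subnet, ip, gateway, hostname):
    """Return a list of problems found in the values planned for the wizard."""
    try:
        net = ipaddress.ip_network(subnet)  # strict: rejects host bits set
        addr = ipaddress.ip_address(ip)
        gw = ipaddress.ip_address(gateway)
    except ValueError as exc:
        return [f"unparsable value: {exc}"]

    problems = []
    first = net.network_address + 1  # the guide's "first address in a subnet"
    # Azure reserves the network address, the next three addresses
    # (default gateway plus two for Azure DNS) and the broadcast address.
    reserved = {net.network_address + i for i in range(4)}
    reserved.add(net.broadcast_address)

    if addr not in net:
        problems.append(f"IP {addr} is outside subnet {net}")
    elif addr in reserved:
        problems.append(f"IP {addr} is reserved by Azure in {net}")
    if gw not in net:
        problems.append(f"gateway {gw} is outside subnet {net}")
    elif gw != first:
        problems.append(f"gateway {gw} is not the usual first address {first}")
    if len(hostname) > 253 or not all(
        _LABEL.fullmatch(label) for label in hostname.split(".")
    ):
        problems.append(f"hostname {hostname!r} is not a valid DNS name")
    return problems


if __name__ == "__main__":
    # Constructed sample values, using the subnet from the guide's example.
    for args in [
        ("10.7.0.0/24", "10.7.0.4", "10.7.0.1", "sps-azure"),
        ("10.7.0.0/24", "10.7.0.2", "10.7.0.254", "-sps"),
    ]:
        print(args, "->", check_wizard_network(*args) or "OK")
```
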

SPS 6.0 Installation Guide: Deploying One Identity Safeguard for Privileged Sessions from the Azure Marketplace (page 30)
