Included Connectors - Hitachi ID Privileged Access Manager
Hitachi ID Privileged Access Manager comes with a rich variety of built-in connectors. These support both end user devices (e.g., PCs, laptops) and network attached infrastructure such as servers, routers, firewalls, network devices, databases and applications.
Routers, switches, firewalls, lights-out adapters
Privileged Access Manager can manage passwords to privileged accounts on a wide variety of network devices, from vendors such as Cisco, Juniper and F5. These are generally managed over SSH, where:
- A connector running on Privileged Access Manager nodes establishes SSH sessions to the managed device, to get a list of local admin IDs, randomize passwords, validate password values, etc.
- An ActiveX executed on user laptops can launch an SSH client such as PuTTY, inject credentials from the vault and so provide single sign-on for IT staff who need sign into network devices.
Optional client software
Privileged Access Manager does not require any client software to run, beyond a web browser. That said, Privileged Access Manager client software is provided for optional functions:
- To trigger privileged password changes on mobile laptops by
contacting one of the central Privileged Access Manager servers and request a
new, random password. This is done with a Service on Windows and
a cron job on Linux/Unix. Appropriate client software is provided
for the following, at any service pack / patchlevel:
- Windows 2000.
- Windows XP.
- Windows Vista/7/8.
Clients for other Unix variants are made available on demand.
- To launch automatic connections from an IT worker's Privileged Access Manager
login session to target systems, using Terminal Services, SSH
or other tools. This is accomplished using ActiveX controls
embedded in the Privileged Access Manager web portal and consequently only works with
the Internet Explorer web browser. The Privileged Access Manager UI works with
other browsers, but other browsers cannot launch automatic connections.
Nothing needs to be installed on the user's PC for this to work.
Included in price
Almost all Privileged Access Manager connectors are included in the base price. The sole exception is the native z/OS Mainframe Connector -- one of three methods used to integrate with RAC/F, ACF/2 and TopSecret -- which is licensed separately.