Included connectors - Hitachi ID Privileged Access Manager

Hitachi ID Privileged Access Manager comes with a rich variety of built-in connectors. These support both end user devices (e.g., PCs, laptops) and network attached infrastructure such as servers, routers, firewalls, network devices, databases and applications.

Operating systems and applications

Included connectors support managing passwords, groups and privilege escalation on a variety of systems, including:

  • Directories: Any LDAP, AD, NDS, eDirectory, NIS/NIS+.
  • Servers: Windows 2000, 2003, 2008, Samba, Novell, SharePoint.
  • Databases: Oracle, Sybase, SQL Server, DB2/UDB, ODBC.
  • Unix: Linux, Solaris, AIX, HPUX, 24 more.
  • Mainframes: z/OS with RAC/F, ACF/2 or TopSecret.
  • Midrange: iSeries (OS400), OpenVMS.
  • ERP: JDE, Oracle eBiz, PeopleSoft, SAP R/3, Siebel, Business Objects.
  • Collaboration: Lotus Notes, Exchange, GroupWise, BlackBerry ES.
  • Tokens, Smart Cards: RSA SecurID, SafeWord, RADIUS, ActivIdentity, Schlumberger.
  • WebSSO: CA Siteminder, IBM TAM, Oracle AM, RSA Access Manager.
  • Help Desk: BMC Remedy, BMC SDE, HP Service Manager, CA Unicenter, Assyst, HEAT, Altiris, etc.
  • HDD Encryption: McAfee, CheckPoint.

Routers, switches, firewalls, lights-out adapters

Privileged Access Manager can manage passwords to privileged accounts on a wide variety of network devices, from vendors such as Cisco, Juniper and F5. These are generally managed over SSH, where:

Optional client software

Privileged Access Manager does not require any client software to run, beyond a web browser. That said, Privileged Access Manager client software is provided for optional functions:

  1. To trigger privileged password changes on mobile laptops by contacting one of the central Privileged Access Manager servers and requesting a new, random password. This is done with a Service on Windows and a cron job on Linux/Unix. Appropriate client software is provided for the following, at any service pack / patch level:
    1. Windows 2000.
    2. Windows XP.
    3. Windows Vista.
    4. Windows 7.
    5. Linux.

    Clients for other Unix variants are made available on demand.

  2. To launch automatic connections from an IT worker's Privileged Access Manager login session to target systems, using Terminal Services, SSH or other tools. This is accomplished using ActiveX controls embedded in the Privileged Access Manager web portal and consequently only works with the Internet Explorer web browser. The Privileged Access Manager UI works with other browsers, but other browsers cannot launch automatic connections.

    Nothing needs to be installed on the user's PC for this to work.

Flexible connectors

Privileged Access Manager includes a number of flexible connectors, each of which is used to script integration with a common protocol or mechanism. These connectors allow organizations to quickly and inexpensively integrate Privileged Access Manager with custom and vertical market applications. The ability to quickly and inexpensively add integrations increases the value of the Privileged Access Manager system as a whole.

There are flexible connectors to script interaction with:

API binding:

  • C, C++
  • Java, J2EE
  • .NET
  • COM, ActiveX
  • MQ Series

Terminal emulation:

  • SSH
  • Telnet
  • TN3270, TN5250
  • Simulated browser

Web services:

  • SOAP
  • WebRPC
  • Pure HTTP(S)

Back end integration:

  • SQL Injection
  • LDAP attributes

Command-line:

  • Windows
  • PowerShell
  • Unix/Linux

Organizations that wish to write a completely new connector to integrate with a custom or vertical market application may do so using whatever development environment they prefer (J2EE, .NET, Perl, etc.) and invoke it as either a command-line program or web service.

If a Hitachi ID Systems customer develops its own integrations, an effort of between four hours and four days is typical. Alternatively, Hitachi ID Systems offers fixed-cost custom integrations for a nominal fee.