SlideShare ist ein Scribd-Unternehmen logo

Dell Password Manager Introduction

Aidy Tificate
Aidy Tificate

Dell Password Manager ( formerly Quest Password Manager). Password Manager Solution for Active Directory

Technologie
1 von 33
Dell Password Manager Formerly know as Quest Password Manager ( QPM )
Find us on Facebook: https://www.facebook.com/allidm Follow us on Twitter: https://twitter.com/aidy_idm Look for us on LinkedIn: http://www.linkedin.com/in/identityandaccessmanagement Visit our blog: http://www.allidm.com/blog Stay connected to Allidm
Disclaimer and Acknowledgments The contents here are created as a own personal endeavor and thus does not reflect any official stance of any Identity and Access Management Vendor on any particular technology
Contact Us On this presentation we’ll talk about some useful topics that you can use no matter which identity and access management solution or product you are working on. If you know one that make a big difference please tell us to include it in the future aidy.allidm@gmail.com
 Quest One Password Manager is a Web-based application that provides an easy-to- implement and use, yet highly secure, password management solution.  Users can connect to Password Manager by using their favorite browser and perform password self-management tasks  Eliminating the need for assistance from high-level administrators and reducing help desk workload.  Password Manager works with Windows domains, including domains operating in mixed mode.  Integration with Quest One Quick Connect facilitates cross-platform password synchronization that enables Password Manager to change user passwords across multiple connected data sources. Introduction
 Global access.  Password Manager provides 24x7x365 access to the Self-Service site from intranet computers as well as via Internet from any most common browser.  Strong data encryption and secure communication.  Cross-platform password synchronization.  Password Manager has been designed for use Quest One Quick Connect, which makes it possible to automatically synchronize users‘ passwords across multiple connected data sources.  Web interface for a helpdesk service.  x64 version of Password Policy Manager.  An x64 version of Password Policy Manager module has been designed for use on domain controllers running an x64 Microsoft Windows Server operating system. Features
 E-mail event notifications.  Advanced domain management. Password Manager is capable of managing domains across trust boundaries (no trust relationship required).  Powerful password policies.  Granular policy enforcement. Password policies are applied on a per-group or per OU basis.  Questions and Answers authentication mechanism.  Enhanced user name search options.  Users can be allowed to view their account attributes, such as user logon name, first name, display name, and SMTP address, when searching for their forgotten user names.  Fault tolerance and scalability.  Password Manager is designed to work with network load balancing clusters and in a Web farm environment. Features…
 The Web Interface allows multiple Web sites to be installed with individual, customizable configurations.  The following is a list of configuration templates that are available out-of- the box.  Administration site is for individuals who are responsible for implementing password self-management through performing administrative tasks, such as configuring site-specific settings and enforcing password policies, to suit the specific needs of their organization.  Helpdesk site handles typical tasks performed by helpdesk operators, such as resetting passwords, unlocking user accounts, assigning temporary passcodes, and managing users‘ Questions and Answers profiles.  Self-Service site provides users with the ability to easily and securely manage their passwords, thus eliminating the need for assistance from high-level administrators and reducing helpdesk workload. Sites & Roles
 The Password Manager license specifies the maximum number of user accounts enabled for management by Password Manager in all managed domains.  Launching the Administration site counts the actual number of user accounts, and compares it with the maximum number specified by the license.  If the actual number exceeds the maximum licensed number, a license violation occurs.  A warning message is displayed on every connection to the Administration site of Password Manager. Licensing
 In the event of a license violation, you have the following options:  Exclude a number of user accounts from the user accounts managed to bring your license count in line with the licensed value  Remove one or more managed domain to decrease the number of managed user accounts.  Purchase a new license with a greater number of user accounts, and then update your license using the instructions provided later in this section. Licensing…
 Password Manager requires a separate license for telephone verification feature that allows users to authenticate themselves via one-time PINs received as text messages or through automated voice calls.  License violation occurs in the following cases:  The actual number of users exceeds the maximum licensed number for the telephone verification service.  The license for the telephone verification service expired.  In case of a license violation, you will have a grace period of 30 days during which the telephone verification service is available. After this period, the service will be turned off Telephone Verification Feature License
 When installing Password Manager, you are prompted to specify two accounts:  Password Manager Service account  Password Manager Service account is an account under which Password Manager Service runs.  You can also use Password Manager Service account as a domain management account (the account that is necessary to add managed domains when configuring the user and helpdesk scopes).  Application pool identity.  Is an account under which the application pool's worker process runs.  The account you specify as the application pool identity will be used to run Password Manager Web sites. Password Manager Service Account and Application Pool Identity
 Password Manager to run successfully, the accounts you specify when installing Password Manager must meet the following requirements:  Password Manager Service account must be a member of the Administrators group on the Web server where Password Manager is installed.  Application pool identity account must be a member of the IIS_WPG local group on the Web server in IIS 6.0 or a member of the IIS_IUSRS local group on the Web server in IIS 7.0 and must have permissions to create files in the <Password Manager installation folder>App_Data folder.  Application pool identity account must the full control permission set for the following registry keys: HKEY_LOCAL_MACHINESOFTWAREQuest SoftwareQPM. Service account and application pool identity rights
 Strongly recommended use HTTPS with Password Manager.  The secure hypertext transfer protocol (HTTPS) is a communications protocol designed to transfer encrypted information between computers over the World Wide Web. HTTPS
 You can install all Password Manager components together on a single server or you can deploy the Self- Service and Helpdesk sites on a standalone server.  By default, Password Manager uses built-in certificates to encrypt traffic between Password Manager Web sites and Password Manager Service. After installing Password Manager, if the Web sites (Self-Service and Helpdesk) and the Password Manager Service are installed on different computers, it is recommended to replace these certificates with new ones. Install Password Manager
 After you installed Password Manager on your computer, you need to initialize an instance before you begin to configure a new Management Policy  You can choose one of the two options:  Create a unique instance  Replica of an existing instance.  When you create the replica of the existing instance, the new instance shares its entire configuration with the existing instance.  Password Manager instances sharing the same configuration are referred to as a Password Manager realm. Instance Initialization
 Password Manager allows you to install the Self-Service and Helpdesk sites on a standalone server.  You can use this installation scenario to deploy Password Manager in a perimeter network (DMZ).  When deploying Password Manager in a perimeter network:  Install the Password Manager Service and the sites in a corporate network at first (i.e. use the Full installation option in the Password Manager setup)  And then install only the Self-Service site in the perimeter network.  Use this installation scenario, only one port should be open in the firewall between the corporate network and the perimeter network  By default, port number 8081 is used Self-Service and Helpdesk Sites on a Standalone Server
 Several Password Manager instances sharing common configuration are referred to as a realm.  A realm is a group of Password Manager Service instances sharing all settings and having the same set of Management Policies  The same user and helpdesk scopes, Q&A policy, and workflow settings.  Password Manager realms provide for enhanced availability and fault tolerance. Multiple Instances of Password Manager
 It is not recommended to edit Password Manager settings simultaneously on multiple instances belonging to one realm.  Simultaneous modification of settings on multiple Password Manager instances may cause data loss.
 When the Password Manager Service is installed on one computer and the Self-Service and Helpdesk sites are installed on some other computers, certificate- based authentication and traffic encryption is used to protect traffic between these components.  By default, Password Manager uses built-in certificates issued by Quest Software. Custom Certificates for Authentication and Traffic Encryption
 To start using custom certificates for authentication and traffic encryption between Password Manager components complete the following steps: 1. Obtain and install custom certificates from a trusted Windows-based certification authority. 2. Provide certificate issued for a server computer to the Password Manager Service. 3. Provide certificate issued for client computers to the Self-Service and Helpdesk sites.
 After initializing the Administration site, you need to configure the default Management Policy to enable users to use the Self-Service site.  The required settings you need to configure for the Management Policy are :  User scope and  Secret questions Management Policy
 User Scope  To configure the user scope, add one or more domain connections.  Domain connections created for the user scope can also be used in the helpdesk scope and password policies.  After adding a domain connection to the user scope, you need to specify groups from the domain that will be able to access the Self-Service site.  By default, the group “Domain Users” is included in the scope when you add the domain connection to the user scope.  Secret Questions  Secret questions are the main part of the Questions and Answers policy that allows authenticating users on the Self-Service site before users can perform any self-service tasks.
 For the domain connection that you want to use in the user and helpdesk scopes, make sure the domain management account has the following minimum set of permissions:  Membership in the Domain Users group  The Read permission for all attributes of user objects  The Write permission for the following attributes of user objects: pwdLastSet, comment, and userAccountControl  The right to reset user passwords  The Write permission to create user accounts in the Users container  The Read permission for attributes of the organizationalUnit object and domain objects  The Write permission for the gpLink attribute of the organizationalUnit objects and domain objects  The Read permission for the attributes of the container and serviceConnectionPoint objects in Group Policy containers  The permission to create container objects in the System container  The permission to create the serviceConnectionPoint objects in the System container  The permission to delete the serviceConnectionPoint objects in the System container  The Write permission for the keywords attribute of the serviceConnectionPoint objects in the System container Permissions for Domain Management Account
 If you want to use the same domain connection in password policies as well, make sure the account has the following permissions:  The Read permission for attributes of the groupPolicyContainer objects.  The Write permission to create and delete the groupPolicyContainer objects in the System Policies container.  The Read permission for the nTSecurityDecriptor attribute of the groupPolicyContainer objects.  The permission to create and delete container and the serviceConnectionPoint objects inGroup Policy containers.  The Read permission for the attributes of the container and serviceConnectionPoint objects in Group Policy containers.  The Write permission for the serviceBindingInformation and displayName attributes of the serviceConnectionPoint objects in Group Policy containers.  The Write permission for the following attributes of the msDS-PasswordSettings object:  msDS-LockoutDuration  msDS-LockoutThreshold  msDS-MaximumPasswordAge  msDS-MinimumPasswordAge  msDS-MinimumPasswordLength  msDS-PasswordComplexityEnabled  msDS-PasswordHistoryLength  msDS-PasswordReversibleEncryption  msDS-PasswordSettingsPrecedence  msDS-PSOApplied  msDS-PSOAppliesTo  name Permissions for Domain Management Account…
 After adding a domain connection to the user scope, you need to specify groups from the domain that will be able to access the Self-Service site.  By default, the group “Domain Users” is included in the scope when you add the domain connection to the user scope.  specify groups that are allowed to access the Self-Service site  You can also restrict some domain groups from accessing the Self-Service site.  specify groups that are denied access to the Self-Service site Domain Connection
 Domain Controller  Selecting the domain controller allows you to specify what domain controller Password Manager should use when connecting to the managed domain.  By default, two options are available:  Domain controller used by user computer and  Default domain controller.  You can select several domain controllers to ensure fault tolerance in your environment.  By default, the first domain controller in the list will be used by Password Manager to connect to the domain.  If the first domain controller is not available, Password Manager will attempt to connect to the next domain controller in the list, and so on. Advanced Options for Domain Connection
 Domain controller used by user computer  Is a domain controller that a user computer connects to.  It may not be the same as the domain controller used by the computer running the Password Manager Service.  The information about this domain controller is passed to Password Manager in requests made by Secure Password Extension.  Default domain controller  Is a domain controller that is automatically identified as a preferred domain controller for the computer running the Password Manager Service.
 When Password Manager uses a domain controller other than the first one in the list of domain controllers, the Environment Health Checker scheduled task checks whether the first domain controller (with the highest priority) is available.  When it becomes available, Password Manager switches back to using this domain controller.
 By specifying Active Directory sites in the domain connection settings you select the site in which you want Password Manager to replicate changes as soon as they occur in other sites.  This reduces downtime that users may experience when your environment has several Active Directory sites and changes do not get immediately replicated between the sites.  When specifying the site, you can select either the default writable domain controller (automatically selected in Active Directory) or select several writable domain controllers from this site.  If you specify several domain controllers, changes will be propagated to the first available domain controller in the site. Active Directory Sites
 Changes Propagation  After you specify the Active Directory sites in which you want to push changes, you can also select what kind of changes to propagate.  The following options are available:  Propagate changes related to the user’s account in Active Directory  Propagate changes related to the user’s Questions and Answers profile  Propagate password-related changes
 Propagating account-related changes  Select this option to propagate information about unlocking and enabling user accounts in Active Directory.  Recommended to use this option when a managed domain has users in multiple Active Directory sites.  Propagating Q&A profile-related changes  Select this option to propagate information about editing, locking and unlocking Q&A profile, and passcodes issued by help desk.  It is recommended to use this option when users and Password Manager Service use domain controllers from different sites.  Propagating password-related changes  Select this option to propagate information about changing or resetting user password.  It is recommended to use this option in the following environment.  You have several Active Directory sites in your environment;  A user’s computer and Password Manager Service are located in different sites.  User authentication is performed via a read-only domain controller (RODC).
Dell Password Manager Formerly know as Quest Password Manager ( QPM )

Empfohlen

Metasploit El Kitabı
Metasploit El KitabıMetasploit El Kitabı
Metasploit El KitabıBGA Cyber Security
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewDavid J Rosenthal
 
Web Uygulama Pentest Eğitimi
Web Uygulama Pentest EğitimiWeb Uygulama Pentest Eğitimi
Web Uygulama Pentest EğitimiBGA Cyber Security
 
Benefits of Web Application Firewall
Benefits of Web Application FirewallBenefits of Web Application Firewall
Benefits of Web Application Firewalldavidjohnrace
 
MICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARI
MICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARIMICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARI
MICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARIBGA Cyber Security
 
BackTrack Linux-101 Eğitimi
BackTrack Linux-101 EğitimiBackTrack Linux-101 Eğitimi
BackTrack Linux-101 EğitimiBGA Cyber Security
 
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiBGA Cyber Security
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 

Empfohlen

Metasploit El Kitabı
Metasploit El KitabıMetasploit El Kitabı
Metasploit El KitabıBGA Cyber Security
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewDavid J Rosenthal
 
Web Uygulama Pentest Eğitimi
Web Uygulama Pentest EğitimiWeb Uygulama Pentest Eğitimi
Web Uygulama Pentest EğitimiBGA Cyber Security
 
Benefits of Web Application Firewall
Benefits of Web Application FirewallBenefits of Web Application Firewall
Benefits of Web Application Firewalldavidjohnrace
 
MICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARI
MICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARIMICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARI
MICROSOFT SQL SERVER SIZMA VE GÜVENLİK TESTİ ÇALIŞMALARIBGA Cyber Security
 
BackTrack Linux-101 Eğitimi
BackTrack Linux-101 EğitimiBackTrack Linux-101 Eğitimi
BackTrack Linux-101 EğitimiBGA Cyber Security
 
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiBGA Cyber Security
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 
Owasp top 10 inceleme
Owasp top 10 incelemeOwasp top 10 inceleme
Owasp top 10 incelemeCyber-Warrior.org
 
Siber Güvenlikte Yapay Zeka Uygulamaları - Webinar
Siber Güvenlikte Yapay Zeka Uygulamaları - WebinarSiber Güvenlikte Yapay Zeka Uygulamaları - Webinar
Siber Güvenlikte Yapay Zeka Uygulamaları - WebinarBGA Cyber Security
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUlf Mattsson
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxAmrMousa51
 
Analysis of web application penetration testing
Analysis of web application penetration testingAnalysis of web application penetration testing
Analysis of web application penetration testingEngr Md Yusuf Miah
 
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi Eğitimi
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi EğitimiISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi Eğitimi
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi EğitimiBTYÖN Danışmanlık
 
Bilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBGA Cyber Security
 
Aruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentalsAruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentalsAruba, a Hewlett Packard Enterprise company
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBGA Cyber Security
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyNetwork Intelligence India
 
Owasp zap
Owasp zapOwasp zap
Owasp zapColdFusionConference
 
Conceptual security architecture
Conceptual security architectureConceptual security architecture
Conceptual security architectureMubashirAslam5
 
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği Rehberi
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği RehberiCumhurbaşkanlığı Bilgi ve İletişim Güvenliği Rehberi
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği RehberiSparta Bilişim
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Bilgi Guvenligi Temel Kavramlar
Bilgi Guvenligi Temel Kavramlar Bilgi Guvenligi Temel Kavramlar
Bilgi Guvenligi Temel Kavramlar Fatih Ozavci
 
Nessus Kullanım Kitapçığı
Nessus Kullanım KitapçığıNessus Kullanım Kitapçığı
Nessus Kullanım KitapçığıBGA Cyber Security
 
Bilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBGA Cyber Security
 
Web Servislerine Yönelik Sızma Testleri
Web Servislerine Yönelik Sızma TestleriWeb Servislerine Yönelik Sızma Testleri
Web Servislerine Yönelik Sızma TestleriBGA Cyber Security
 
Dell Password Manager Architecture - Components
Dell Password Manager Architecture - ComponentsDell Password Manager Architecture - Components
Dell Password Manager Architecture - ComponentsAidy Tificate
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlAidy Tificate
 

Weitere ähnliche Inhalte

Was ist angesagt?

Siber Güvenlikte Yapay Zeka Uygulamaları - Webinar
Siber Güvenlikte Yapay Zeka Uygulamaları - WebinarSiber Güvenlikte Yapay Zeka Uygulamaları - Webinar
Siber Güvenlikte Yapay Zeka Uygulamaları - WebinarBGA Cyber Security
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUlf Mattsson
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxAmrMousa51
 
Analysis of web application penetration testing
Analysis of web application penetration testingAnalysis of web application penetration testing
Analysis of web application penetration testingEngr Md Yusuf Miah
 
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi Eğitimi
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi EğitimiISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi Eğitimi
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi EğitimiBTYÖN Danışmanlık
 
Bilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBGA Cyber Security
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBGA Cyber Security
 
Conceptual security architecture
Conceptual security architectureConceptual security architecture
Conceptual security architectureMubashirAslam5
 
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği Rehberi
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği RehberiCumhurbaşkanlığı Bilgi ve İletişim Güvenliği Rehberi
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği RehberiSparta Bilişim
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Bilgi Guvenligi Temel Kavramlar
Bilgi Guvenligi Temel Kavramlar Bilgi Guvenligi Temel Kavramlar
Bilgi Guvenligi Temel Kavramlar Fatih Ozavci
 
Nessus Kullanım Kitapçığı
Nessus Kullanım KitapçığıNessus Kullanım Kitapçığı
Nessus Kullanım KitapçığıBGA Cyber Security
 
Bilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBGA Cyber Security
 
Web Servislerine Yönelik Sızma Testleri
Web Servislerine Yönelik Sızma TestleriWeb Servislerine Yönelik Sızma Testleri
Web Servislerine Yönelik Sızma TestleriBGA Cyber Security
 

Was ist angesagt? (20)

Owasp top 10 inceleme
Owasp top 10 incelemeOwasp top 10 inceleme
Owasp top 10 inceleme
 
Siber Güvenlikte Yapay Zeka Uygulamaları - Webinar
Siber Güvenlikte Yapay Zeka Uygulamaları - WebinarSiber Güvenlikte Yapay Zeka Uygulamaları - Webinar
Siber Güvenlikte Yapay Zeka Uygulamaları - Webinar
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External Threats
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptx
 
Analysis of web application penetration testing
Analysis of web application penetration testingAnalysis of web application penetration testing
Analysis of web application penetration testing
 
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi Eğitimi
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi EğitimiISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi Eğitimi
ISO/IEC 27005 Bilgi Güvenliği Risk Yönetimi Eğitimi
 
Bilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma Testleri
 
Aruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentalsAruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentals
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration Testing
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. Mookhey
 
Owasp zap
Owasp zapOwasp zap
Owasp zap
 
Conceptual security architecture
Conceptual security architectureConceptual security architecture
Conceptual security architecture
 
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği Rehberi
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği RehberiCumhurbaşkanlığı Bilgi ve İletişim Güvenliği Rehberi
Cumhurbaşkanlığı Bilgi ve İletişim Güvenliği Rehberi
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Bilgi Guvenligi Temel Kavramlar
Bilgi Guvenligi Temel Kavramlar Bilgi Guvenligi Temel Kavramlar
Bilgi Guvenligi Temel Kavramlar
 
Nessus Kullanım Kitapçığı
Nessus Kullanım KitapçığıNessus Kullanım Kitapçığı
Nessus Kullanım Kitapçığı
 
Bilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma TestleriBilgi Güvenliğinde Sızma Testleri
Bilgi Güvenliğinde Sızma Testleri
 
Web Servislerine Yönelik Sızma Testleri
Web Servislerine Yönelik Sızma TestleriWeb Servislerine Yönelik Sızma Testleri
Web Servislerine Yönelik Sızma Testleri
 

Andere mochten auch

Dell Password Manager Architecture - Components
Dell Password Manager Architecture - ComponentsDell Password Manager Architecture - Components
Dell Password Manager Architecture - ComponentsAidy Tificate
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlAidy Tificate
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureAidy Tificate
 
LDAP Integration
LDAP IntegrationLDAP Integration
LDAP IntegrationDell World
 
Identity Manager OpenSource OpenIDM - introduction
Identity Manager OpenSource OpenIDM - introductionIdentity Manager OpenSource OpenIDM - introduction
Identity Manager OpenSource OpenIDM - introductionAidy Tificate
 
Password Manager
Password ManagerPassword Manager
Password ManagerEmpowerID
 
Common IDM How-To's
Common IDM How-To'sCommon IDM How-To's
Common IDM How-To'sTommy Docks
 
Case study using idm and a web portal as a gateway to the cloud june 2012
Case study using idm and a web portal as a gateway to the cloud june 2012Case study using idm and a web portal as a gateway to the cloud june 2012
Case study using idm and a web portal as a gateway to the cloud june 2012Steve Young
 
Directory Introduction
Directory IntroductionDirectory Introduction
Directory IntroductionAidy Tificate
 
Introduction to IDM
Introduction to IDMIntroduction to IDM
Introduction to IDMTommy Docks
 
AssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentationAssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentationAssureBridge
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
 

Andere mochten auch (20)

Dell Password Manager Architecture - Components
Dell Password Manager Architecture - ComponentsDell Password Manager Architecture - Components
Dell Password Manager Architecture - Components
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access Control
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
 
LDAP Integration
LDAP IntegrationLDAP Integration
LDAP Integration
 
Evaluating a password manager
Evaluating a password managerEvaluating a password manager
Evaluating a password manager
 
IAM Cloud
IAM CloudIAM Cloud
IAM Cloud
 
Identity Manager OpenSource OpenIDM - introduction
Identity Manager OpenSource OpenIDM - introductionIdentity Manager OpenSource OpenIDM - introduction
Identity Manager OpenSource OpenIDM - introduction
 
IAM Password
IAM PasswordIAM Password
IAM Password
 
IDM Introduction
IDM IntroductionIDM Introduction
IDM Introduction
 
Password Manager
Password ManagerPassword Manager
Password Manager
 
Presentation TPAM 1
Presentation TPAM 1Presentation TPAM 1
Presentation TPAM 1
 
Common IDM How-To's
Common IDM How-To'sCommon IDM How-To's
Common IDM How-To's
 
Case study using idm and a web portal as a gateway to the cloud june 2012
Case study using idm and a web portal as a gateway to the cloud june 2012Case study using idm and a web portal as a gateway to the cloud june 2012
Case study using idm and a web portal as a gateway to the cloud june 2012
 
Cloud introduction
Cloud introductionCloud introduction
Cloud introduction
 
Directory Introduction
Directory IntroductionDirectory Introduction
Directory Introduction
 
IDM & IAM 2012
IDM & IAM 2012IDM & IAM 2012
IDM & IAM 2012
 
Introduction to IDM
Introduction to IDMIntroduction to IDM
Introduction to IDM
 
Password Manager: Detailed presentation
Password Manager: Detailed presentationPassword Manager: Detailed presentation
Password Manager: Detailed presentation
 
AssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentationAssureBridge - SSO to Many B2B Service Providers - Marketing presentation
AssureBridge - SSO to Many B2B Service Providers - Marketing presentation
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
 

Ähnlich wie Dell Password Manager Introduction

Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7EAE
 
Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsPortalGuard
 
Reverse password synchronization with ibm tivoli identity manager redp4299
Reverse password synchronization with ibm tivoli identity manager redp4299Reverse password synchronization with ibm tivoli identity manager redp4299
Reverse password synchronization with ibm tivoli identity manager redp4299Banking at Ho Chi Minh city
 
Magento security best practices magento's approach to pci compliance
Magento security best practices magento's approach to pci complianceMagento security best practices magento's approach to pci compliance
Magento security best practices magento's approach to pci complianceRitwik Das
 
Hybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow Up
Hybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow UpHybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow Up
Hybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow UpNicole Bray
 
SYMANTEC ENDPOINT PROTECTION Performing Server and Database Management
SYMANTEC ENDPOINT PROTECTION Performing Server and Database ManagementSYMANTEC ENDPOINT PROTECTION Performing Server and Database Management
SYMANTEC ENDPOINT PROTECTION Performing Server and Database ManagementDsunte Wilson
 
10 server security hacks to secure your web servers
10 server security hacks to secure your web servers10 server security hacks to secure your web servers
10 server security hacks to secure your web serversTemok IT Services
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesHitachi ID Systems, Inc.
 
Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsHitachi ID Systems, Inc.
 
Hitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security AnalysisHitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security AnalysisHitachi ID Systems, Inc.
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...CoLaboraDK
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Peter Selch Dahl
 
Windows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docxWindows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docxadolphoyonker
 
Configurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and ComplianceConfigurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and CompliancePortalGuard
 
DumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdf
DumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdfDumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdf
DumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdfDumps Cafe
 

Ähnlich wie Dell Password Manager Introduction (20)

Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7
 
Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple Passwords
 
Reverse password synchronization with ibm tivoli identity manager redp4299
Reverse password synchronization with ibm tivoli identity manager redp4299Reverse password synchronization with ibm tivoli identity manager redp4299
Reverse password synchronization with ibm tivoli identity manager redp4299
 
Magento security best practices magento's approach to pci compliance
Magento security best practices magento's approach to pci complianceMagento security best practices magento's approach to pci compliance
Magento security best practices magento's approach to pci compliance
 
Hybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow Up
Hybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow UpHybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow Up
Hybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow Up
 
70 640 Lesson06 Ppt 041009
70 640 Lesson06 Ppt 04100970 640 Lesson06 Ppt 041009
70 640 Lesson06 Ppt 041009
 
SYMANTEC ENDPOINT PROTECTION Performing Server and Database Management
SYMANTEC ENDPOINT PROTECTION Performing Server and Database ManagementSYMANTEC ENDPOINT PROTECTION Performing Server and Database Management
SYMANTEC ENDPOINT PROTECTION Performing Server and Database Management
 
10 server security hacks to secure your web servers
10 server security hacks to secure your web servers10 server security hacks to secure your web servers
10 server security hacks to secure your web servers
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
 
Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO Systems
 
Hitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security AnalysisHitachi ID Password Manager Security Analysis
Hitachi ID Password Manager Security Analysis
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
 
Ecira CMS script
Ecira CMS scriptEcira CMS script
Ecira CMS script
 
Saas security
Saas securitySaas security
Saas security
 
Privileged Access Manager Product Q&A
Privileged Access Manager Product Q&APrivileged Access Manager Product Q&A
Privileged Access Manager Product Q&A
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
 
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
 
Windows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docxWindows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docx
 
Configurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and ComplianceConfigurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and Compliance
 
DumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdf
DumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdfDumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdf
DumpsCafe Microsoft-AZ-104 Free Exam Dumps Demo.pdf
 

Kürzlich hochgeladen

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Kürzlich hochgeladen (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

Dell Password Manager Introduction

  • 1. Dell Password Manager Formerly know as Quest Password Manager ( QPM )
  • 2. Find us on Facebook: https://www.facebook.com/allidm Follow us on Twitter: https://twitter.com/aidy_idm Look for us on LinkedIn: http://www.linkedin.com/in/identityandaccessmanagement Visit our blog: http://www.allidm.com/blog Stay connected to Allidm
  • 3. Disclaimer and Acknowledgments The contents here are created as a own personal endeavor and thus does not reflect any official stance of any Identity and Access Management Vendor on any particular technology
  • 4. Contact Us On this presentation we’ll talk about some useful topics that you can use no matter which identity and access management solution or product you are working on. If you know one that make a big difference please tell us to include it in the future aidy.allidm@gmail.com
  • 5.  Quest One Password Manager is a Web-based application that provides an easy-to- implement and use, yet highly secure, password management solution.  Users can connect to Password Manager by using their favorite browser and perform password self-management tasks  Eliminating the need for assistance from high-level administrators and reducing help desk workload.  Password Manager works with Windows domains, including domains operating in mixed mode.  Integration with Quest One Quick Connect facilitates cross-platform password synchronization that enables Password Manager to change user passwords across multiple connected data sources. Introduction
  • 6.  Global access.  Password Manager provides 24x7x365 access to the Self-Service site from intranet computers as well as via Internet from any most common browser.  Strong data encryption and secure communication.  Cross-platform password synchronization.  Password Manager has been designed for use Quest One Quick Connect, which makes it possible to automatically synchronize users‘ passwords across multiple connected data sources.  Web interface for a helpdesk service.  x64 version of Password Policy Manager.  An x64 version of Password Policy Manager module has been designed for use on domain controllers running an x64 Microsoft Windows Server operating system. Features
  • 7.  E-mail event notifications.  Advanced domain management. Password Manager is capable of managing domains across trust boundaries (no trust relationship required).  Powerful password policies.  Granular policy enforcement. Password policies are applied on a per-group or per OU basis.  Questions and Answers authentication mechanism.  Enhanced user name search options.  Users can be allowed to view their account attributes, such as user logon name, first name, display name, and SMTP address, when searching for their forgotten user names.  Fault tolerance and scalability.  Password Manager is designed to work with network load balancing clusters and in a Web farm environment. Features…
  • 8.  The Web Interface allows multiple Web sites to be installed with individual, customizable configurations.  The following is a list of configuration templates that are available out-of- the box.  Administration site is for individuals who are responsible for implementing password self-management through performing administrative tasks, such as configuring site-specific settings and enforcing password policies, to suit the specific needs of their organization.  Helpdesk site handles typical tasks performed by helpdesk operators, such as resetting passwords, unlocking user accounts, assigning temporary passcodes, and managing users‘ Questions and Answers profiles.  Self-Service site provides users with the ability to easily and securely manage their passwords, thus eliminating the need for assistance from high-level administrators and reducing helpdesk workload. Sites & Roles
  • 9.  The Password Manager license specifies the maximum number of user accounts enabled for management by Password Manager in all managed domains.  Launching the Administration site counts the actual number of user accounts, and compares it with the maximum number specified by the license.  If the actual number exceeds the maximum licensed number, a license violation occurs.  A warning message is displayed on every connection to the Administration site of Password Manager. Licensing
  • 10.  In the event of a license violation, you have the following options:  Exclude a number of user accounts from the user accounts managed to bring your license count in line with the licensed value  Remove one or more managed domain to decrease the number of managed user accounts.  Purchase a new license with a greater number of user accounts, and then update your license using the instructions provided later in this section. Licensing…
  • 11.  Password Manager requires a separate license for telephone verification feature that allows users to authenticate themselves via one-time PINs received as text messages or through automated voice calls.  License violation occurs in the following cases:  The actual number of users exceeds the maximum licensed number for the telephone verification service.  The license for the telephone verification service expired.  In case of a license violation, you will have a grace period of 30 days during which the telephone verification service is available. After this period, the service will be turned off Telephone Verification Feature License
  • 12.  When installing Password Manager, you are prompted to specify two accounts:  Password Manager Service account  Password Manager Service account is an account under which Password Manager Service runs.  You can also use Password Manager Service account as a domain management account (the account that is necessary to add managed domains when configuring the user and helpdesk scopes).  Application pool identity.  Is an account under which the application pool's worker process runs.  The account you specify as the application pool identity will be used to run Password Manager Web sites. Password Manager Service Account and Application Pool Identity
  • 13.  Password Manager to run successfully, the accounts you specify when installing Password Manager must meet the following requirements:  Password Manager Service account must be a member of the Administrators group on the Web server where Password Manager is installed.  Application pool identity account must be a member of the IIS_WPG local group on the Web server in IIS 6.0 or a member of the IIS_IUSRS local group on the Web server in IIS 7.0 and must have permissions to create files in the <Password Manager installation folder>App_Data folder.  Application pool identity account must the full control permission set for the following registry keys: HKEY_LOCAL_MACHINESOFTWAREQuest SoftwareQPM. Service account and application pool identity rights
  • 14.  Strongly recommended use HTTPS with Password Manager.  The secure hypertext transfer protocol (HTTPS) is a communications protocol designed to transfer encrypted information between computers over the World Wide Web. HTTPS
  • 15.  You can install all Password Manager components together on a single server or you can deploy the Self- Service and Helpdesk sites on a standalone server.  By default, Password Manager uses built-in certificates to encrypt traffic between Password Manager Web sites and Password Manager Service. After installing Password Manager, if the Web sites (Self-Service and Helpdesk) and the Password Manager Service are installed on different computers, it is recommended to replace these certificates with new ones. Install Password Manager
  • 16.  After you installed Password Manager on your computer, you need to initialize an instance before you begin to configure a new Management Policy  You can choose one of the two options:  Create a unique instance  Replica of an existing instance.  When you create the replica of the existing instance, the new instance shares its entire configuration with the existing instance.  Password Manager instances sharing the same configuration are referred to as a Password Manager realm. Instance Initialization
  • 17.  Password Manager allows you to install the Self-Service and Helpdesk sites on a standalone server.  You can use this installation scenario to deploy Password Manager in a perimeter network (DMZ).  When deploying Password Manager in a perimeter network:  Install the Password Manager Service and the sites in a corporate network at first (i.e. use the Full installation option in the Password Manager setup)  And then install only the Self-Service site in the perimeter network.  Use this installation scenario, only one port should be open in the firewall between the corporate network and the perimeter network  By default, port number 8081 is used Self-Service and Helpdesk Sites on a Standalone Server
  • 18.  Several Password Manager instances sharing common configuration are referred to as a realm.  A realm is a group of Password Manager Service instances sharing all settings and having the same set of Management Policies  The same user and helpdesk scopes, Q&A policy, and workflow settings.  Password Manager realms provide for enhanced availability and fault tolerance. Multiple Instances of Password Manager
  • 19.  It is not recommended to edit Password Manager settings simultaneously on multiple instances belonging to one realm.  Simultaneous modification of settings on multiple Password Manager instances may cause data loss.
  • 20.  When the Password Manager Service is installed on one computer and the Self-Service and Helpdesk sites are installed on some other computers, certificate- based authentication and traffic encryption is used to protect traffic between these components.  By default, Password Manager uses built-in certificates issued by Quest Software. Custom Certificates for Authentication and Traffic Encryption
  • 21.  To start using custom certificates for authentication and traffic encryption between Password Manager components complete the following steps: 1. Obtain and install custom certificates from a trusted Windows-based certification authority. 2. Provide certificate issued for a server computer to the Password Manager Service. 3. Provide certificate issued for client computers to the Self-Service and Helpdesk sites.
  • 22.  After initializing the Administration site, you need to configure the default Management Policy to enable users to use the Self-Service site.  The required settings you need to configure for the Management Policy are :  User scope and  Secret questions Management Policy
  • 23.  User Scope  To configure the user scope, add one or more domain connections.  Domain connections created for the user scope can also be used in the helpdesk scope and password policies.  After adding a domain connection to the user scope, you need to specify groups from the domain that will be able to access the Self-Service site.  By default, the group “Domain Users” is included in the scope when you add the domain connection to the user scope.  Secret Questions  Secret questions are the main part of the Questions and Answers policy that allows authenticating users on the Self-Service site before users can perform any self-service tasks.
  • 24.  For the domain connection that you want to use in the user and helpdesk scopes, make sure the domain management account has the following minimum set of permissions:  Membership in the Domain Users group  The Read permission for all attributes of user objects  The Write permission for the following attributes of user objects: pwdLastSet, comment, and userAccountControl  The right to reset user passwords  The Write permission to create user accounts in the Users container  The Read permission for attributes of the organizationalUnit object and domain objects  The Write permission for the gpLink attribute of the organizationalUnit objects and domain objects  The Read permission for the attributes of the container and serviceConnectionPoint objects in Group Policy containers  The permission to create container objects in the System container  The permission to create the serviceConnectionPoint objects in the System container  The permission to delete the serviceConnectionPoint objects in the System container  The Write permission for the keywords attribute of the serviceConnectionPoint objects in the System container Permissions for Domain Management Account
  • 25.  If you want to use the same domain connection in password policies as well, make sure the account has the following permissions:  The Read permission for attributes of the groupPolicyContainer objects.  The Write permission to create and delete the groupPolicyContainer objects in the System Policies container.  The Read permission for the nTSecurityDecriptor attribute of the groupPolicyContainer objects.  The permission to create and delete container and the serviceConnectionPoint objects inGroup Policy containers.  The Read permission for the attributes of the container and serviceConnectionPoint objects in Group Policy containers.  The Write permission for the serviceBindingInformation and displayName attributes of the serviceConnectionPoint objects in Group Policy containers.  The Write permission for the following attributes of the msDS-PasswordSettings object:  msDS-LockoutDuration  msDS-LockoutThreshold  msDS-MaximumPasswordAge  msDS-MinimumPasswordAge  msDS-MinimumPasswordLength  msDS-PasswordComplexityEnabled  msDS-PasswordHistoryLength  msDS-PasswordReversibleEncryption  msDS-PasswordSettingsPrecedence  msDS-PSOApplied  msDS-PSOAppliesTo  name Permissions for Domain Management Account…
  • 26.  After adding a domain connection to the user scope, you need to specify groups from the domain that will be able to access the Self-Service site.  By default, the group “Domain Users” is included in the scope when you add the domain connection to the user scope.  specify groups that are allowed to access the Self-Service site  You can also restrict some domain groups from accessing the Self-Service site.  specify groups that are denied access to the Self-Service site Domain Connection
  • 27.  Domain Controller  Selecting the domain controller allows you to specify what domain controller Password Manager should use when connecting to the managed domain.  By default, two options are available:  Domain controller used by user computer and  Default domain controller.  You can select several domain controllers to ensure fault tolerance in your environment.  By default, the first domain controller in the list will be used by Password Manager to connect to the domain.  If the first domain controller is not available, Password Manager will attempt to connect to the next domain controller in the list, and so on. Advanced Options for Domain Connection
  • 28.  Domain controller used by user computer  Is a domain controller that a user computer connects to.  It may not be the same as the domain controller used by the computer running the Password Manager Service.  The information about this domain controller is passed to Password Manager in requests made by Secure Password Extension.  Default domain controller  Is a domain controller that is automatically identified as a preferred domain controller for the computer running the Password Manager Service.
  • 29.  When Password Manager uses a domain controller other than the first one in the list of domain controllers, the Environment Health Checker scheduled task checks whether the first domain controller (with the highest priority) is available.  When it becomes available, Password Manager switches back to using this domain controller.
  • 30.  By specifying Active Directory sites in the domain connection settings you select the site in which you want Password Manager to replicate changes as soon as they occur in other sites.  This reduces downtime that users may experience when your environment has several Active Directory sites and changes do not get immediately replicated between the sites.  When specifying the site, you can select either the default writable domain controller (automatically selected in Active Directory) or select several writable domain controllers from this site.  If you specify several domain controllers, changes will be propagated to the first available domain controller in the site. Active Directory Sites
  • 31.  Changes Propagation  After you specify the Active Directory sites in which you want to push changes, you can also select what kind of changes to propagate.  The following options are available:  Propagate changes related to the user’s account in Active Directory  Propagate changes related to the user’s Questions and Answers profile  Propagate password-related changes
  • 32.  Propagating account-related changes  Select this option to propagate information about unlocking and enabling user accounts in Active Directory.  Recommended to use this option when a managed domain has users in multiple Active Directory sites.  Propagating Q&A profile-related changes  Select this option to propagate information about editing, locking and unlocking Q&A profile, and passcodes issued by help desk.  It is recommended to use this option when users and Password Manager Service use domain controllers from different sites.  Propagating password-related changes  Select this option to propagate information about changing or resetting user password.  It is recommended to use this option in the following environment.  You have several Active Directory sites in your environment;  A user’s computer and Password Manager Service are located in different sites.  User authentication is performed via a read-only domain controller (RODC).
  • 33. Dell Password Manager Formerly know as Quest Password Manager ( QPM )