CyberArk PAS(Privileged Account Security) V10.1 - Hands-On, Self Paced & Live Online Training
CyberArk PAS(Privileged Account Security) V10.1 – Hands-On, Self Paced & Live Online Training
CyberArk Privileged Account Security(PAS) is a leading Privileged Account Security Solution designed to discover, secure, rotate and control access to privileged account passwords throughout the enterprise IT environment.
Approach to the Course:
- Complete 100% practical approach, right from explaining concepts, pre-requisites, installation of each component, environment, services and integration with full suite.
- Access to Curriculum (Total 5 Virtual Box Images for hands on, Videos, Running Notes) of the course for the life time. Click to Access Curriculum.
- Topic Explanation followed by practical demonstration.
- Components Covered are – EPV Standalone, EPV 2 node Cluster with Storage, DR Vault, CPM, PVWA, PSM, PSMP, OPM, AIM, Upgrade, Integration (AD, Exchange, Splunk), Targets(Linux, DB, Windows, MS SQL Server Mgmt. Studio), Troubleshooting and support.
- Course will cover latest CyberArk PAS version 10.1 (with new UI & features)
Privilege Account Security and CyberArk Offerings or Product Overview:
Download Course Contents PDF =>
- Understand the CyberArk PAS architecture
- Overview of All CyberArk Products
- Security Layers of Enterprise Password Vault
- Pre-requisites for Installation of CyberArk Digital Vault
- Standalone Installation of CyberArk Digital Vault
- Installation Of PrivateArk Client
- Walk-through CyberArk Digital Vault, safes, configuration and log files, services, Built in Users & Groups, Safes and Vault Level Permissions, Locations, Network Areas, File Categories, PrivateArk Reports and Encryption Mechanism of the Vault.
- High Availability(cluster) deployment of CyberArk Digital Vault
- Pre-requisites – Network, AD DS and DNS, OS Level Clustering, SAN Storage and adding storage to Cluster.
- Cluster Topology
- Cluster installation on 2 nodes
- Configuration of CyberArk Vault Cluster Services – IP, Storage, Core Services
- Defining Dependencies
- Cluster Failover Testing – All Three Scenarios
- A. Node Crash
- B. Cluster Service or Network Failure
- C. Manual Migration of CyberArk Services from One node to another & vice-a-versa
- Vault High Availability using Cluster Vault Manager (CVM)
- On board new accounts of various types – Linux, Windows Local Accounts, Windows Domain Accounts, Oracle DB, Microsoft SQL Server Management Studio etc.
- Perform daily operation and maintenance tasks
- Understand features of Central Policy Manager (CPM)
- Pre-requisites and Installation of Central Policy Manager (CPM)
- Users and Safes created by CPM in the Vault
- Go-through CPM local Environment on CPM Server
- Understand features of the Password Vault Web Access (PVWA)
- Pre-requisites and Installation of the Password Vault Web Access (PVWA)
- Users and Safes created by PVWA in the Vault
- Go-through PVWA local environment on PVWA Server
- Understand features of the Privileged Session Manager (PSM)
- Pre-requisites and Installation of the Privileged Session Manager (PSM)
- Users and Safes created by PSM in the Vault
- Go-through PSM local environment on PSM Server
- LDAP(AD) integration and User management
- SMTP (Exchange), SIEM(SPLUNK), SNMP and RADIUS integration
- Manage all aspects of Master Policy (Password Management, )
- Create and Manage safes and accounts in the Vault
- Perform and test configuration at Platform level
- Understand On-Demand Privilege Manager (OPM) for Unix and the benefits it offers over the existing SUDO solution
- Understand OPM Architecture and flow
- Installation of On-Demand Privilege Manager (OPM) on a Linux Box
- On-Demand Privilege elevation using policies defined in PVWA
- Active Directory Bridging for Linux servers using OPM
- Observing Vault Configuration for OPM
- Execution of use cases for OPM (Privilege Elevation, Black-listing/White-listing Commands)
- OPM Service Management, logs and troubleshooting
- Understand Multiple Component Architecture: CPM, PVWA, and PSM
- Hands on with CPM Usages
- Hands on with DR Drill, Backup and Restore
- Privileged Session Manager SSH Proxy or PSMP – Installation and end to end Implementation with PSM SSH Proxy and AD Bridge
- Password Upload Utility
- Perform daily operation and maintenance tasks – start/stop, observe logs for various components, important configuration files and known issues with troubleshooting steps.
- Hands on in Administrative tasks like Creating and Managing Locations, Users, and Groups; Creating and Managing Safes and Owners; Transparent User Management by Managing Directory Maps, modifying External User Accounts, managing Safe Ownership for LDAP Users and Groups; Working with Master Policy and Managing Platforms.
- Observe the various types of reports like the reports generated in the Private Ark Client and the PVWA as well as the permissions needed to generate the reports and various options.
- Understand the safe design and how to build Access Control also understand how to assign permissions to various safes in order to implement the relevant level of access control for safes in the Vault.
- Account On-Boarding of large number of Accounts to the Vault in an automatic manner using Accounts Discovery Utility as well as the Password Upload Utility.
- Hands on in implementing Logon Accounts (Linux) and Reconciliation Accounts (Windows) using CPM.
- Security Architects
- Security Consultants
- IT Administrators
- IT Engineers
- Vault Administrators
- Support Engineers
Pre-requisites: Basic understanding of Linux and Windows
Market : The global privileged identity management (PIM) market will grow impressively during the forecast period and will post a CAGR of almost 20% by 2020. Source: https://www.technavio.com/report/global-it-security-privileged-identity-management-market
Gartner positions CyberArk in Leaders and Visionary section within Privileged Access Management Solutions. Source – https://www.gartner.com/reviews/market/privileged-access-management-solutions/vendor/cyberark/ratings