Scribd
Upload
446 views

CyberArk Cookbook - Lesson 1a

This document provides an overview of the Cyber-Ark Vault system. It discusses the vault concept as a secure storage and sharing platform protected by multiple security layers. Key terminology is explained such as safes for organizing passwords, owners for setting permissions on safes, and network areas for grouping systems. The PrivateArk client is covered as the tool for remotely managing the vault. The document outlines what is included in the vault software package, such as the operator CD needed to start the vault server. It also differentiates between installing the vault software versus using the pre-configured appliance. Hands-on exercises are mentioned to get practical experience with the vault.

Uploaded by

Gary Fung
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
446 views

CyberArk Cookbook - Lesson 1a

This document provides an overview of the Cyber-Ark Vault system. It discusses the vault concept as a secure storage and sharing platform protected by multiple security layers. Key terminology is explained such as safes for organizing passwords, owners for setting permissions on safes, and network areas for grouping systems. The PrivateArk client is covered as the tool for remotely managing the vault. The document outlines what is included in the vault software package, such as the operator CD needed to start the vault server. It also differentiates between installing the vault software versus using the pre-configured appliance. Hands-on exercises are mentioned to get practical experience with the vault.

Uploaded by

Gary Fung
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 20

Cyber-Ark lesson

Vault
Objectives

• What is the Vault Server


• Terminology: Safes, Owners, Users…
• PrivateArk client
• In the Box – Master and Operator CD
• Vault Environment
• Software vs. Appliance
• Exercise

2
Digital Vault – The Concept

A safe haven, highly


secured regardless of
overall network security

3
Tightly Coupled Layers of Security

• US Patent #6,356,941
• Unparalleled centralized secure storage and sharing platform
• Securing data from end-to-end using multiple security layers

Cyber-Ark
LAN, WAN,
Vault Server INTERNET

4
Terminology - Users

Vault Server

Location Location Location

Location User User Group

User

5
Terminology - Safes

Vault Server Owner Owner

Safe Safe Safe

Folder Folder Folder

Password/File Password/File

Password/File Password/File

• Users can be owners of safes with different


level of permissions (read only, read/write..)
6
Terminology

Vault Server

Network Area Network Area Network Area

Examples:
• London Office - 192.168.x.x
• Administrator room – 192.168.42.12 -
192.168.42.19
• Backup Server – 192.168.47.6
7
Vault Management’s client

• PrivateArk Client
• End-to-end Security, High-Performance,
Worldwide Accessibility

8
Why I need it?

• Administer The Vault

9
How to install

Two Methods :
• Windows Install (Normal Or silence Installation)
• ActiveX

10
Vault Environment
Vault Environment

12
Vault Config Files

• DBParm.ini
–Main Configuration file of the vault

• Passparm.ini
–Configure password policy of the vault

• PARagent.ini
–Configure Remote Control in the vault

13
Vault Log Files

• Italog.log
–Main log file of the vault server
–It is detailed according to the debug level
configured in the dbparm.ini

• PARAgent.log
–Log file of the remote control agent

14
In the Box

• Software CD
• Unique Operator CD (2 sets)
–Encryption Keys for the
Vault server to start
–Should be kept in a physical safe
• Unique Master CD (2 sets)
–Encryption Keys for the
Vault server to start
–Encryption Keys for the Master User to logon
–Should be used only in case of a disaster
–Should be kept in a physical safe

15
Installing the Vault Server

• Make all preparations:


–Backup decisions
–Authentication decisions
–Static IP
–Encryption keys
–Make sure the hardware and SW requirements
were met (Clean OS, no anti-virus etc.)
• Installation
–Make sure the customer keeps Master password
• Following Installation
–Check that Vault is up and running

16
Software vs. Appliance

• Cyber-Ark is a software company


• Based on DELL hardware which are pre-
installed and configured with the Cyber-
Ark Enterprise Password Vault
• Basic/Advanced Appliance specs
• Vault Appliance only (not all-in-one)

17
Hands on Lab

• Cyber-Ark Vault Exercise

18
Summary

• Vault – “Island of Security”


• Terminology: Vault , Safes, User,
Network Area
• Powerful Management Client
• Enterprise Password Vault Box
• Appliance (Pre Installed Server)
• Additional Info can be found in the
Implementation Guide.

19
Q&A

You might also like