The PK is used to authenticate against the CyberArk Vault.When a Privileged Account is required to launch a supported technology, RDM obtains the appropriate PK from the workstation (the PK must be held in the certificate store for the user).This gives the user a view into RDM content as per the permissions set in Role-Based Access Control. The user is authenticated to RDM with a Least Privilege Account.The following diagram illustrates this system:
Once you have implemented CyberArk’s AAM, you will need to authenticate to RDM, regardless of which data source you are using. This module allows for Private Key (PK) authentication, which means that the whole Identification/Authentication phase is managed by your IT Department - thus rendering passwords completely unnecessary. To create a passwordless system, the only requirement is that you must implement CyberArk's Application Access Manager (AAM) as part of your organization’s CyberArk deployment. This completes the current round of improvements, and essentially allows organizations to go passwordless for their day-to-day workflows.
Today, I’m happy to announce that the third entry type has been refreshed in RDM 2020.3.
In Remote Desktop Manager (RDM) 2020.2, we refreshed two out of three CyberArk entry types in order to take advantage of their improved API. During the last few months, you may have noticed a heightened level of collaboration between Devolutions and CyberArk.
0 kommentar(er)
