CyberArk PAM Deployment
Learn how to deploy your CyberArk PAS environment with the EPV vault installation and CyberArk component servers such as the PVWA, CPM, PSM, among others.
Module 1: VMware Configuration and Server Installation.
Installation of VMware Workstation for virtualization
1.1. System Configurations for Your Virtual Lab
Setting up the necessary configurations to establish your virtual lab environment
1.2. VMware Workstation
Installation of VMware Workstation PRO
1.3. Windows Server Installation
Installing the Windows Server operating system for use in your lab
1.4. Windows Server Activation
Activating the Windows Server installation
Module 2: Vault Installation & Configurations
Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Module 3: PVWA (Password Vault Web Access) Installation & Configurations
3.1. PVWA Pre-requisites
– Identifying and ensuring the prerequisites for PVWA installation.
3.2. PVWA Installation
– Step-by-step installation guide for Password Vault Web Access.
3.3. PVWA Main Configurations
– Configuring PVWA for optimal performance and security.
3.4. PVWA In-built Safes Overview
– Understanding the built-in safes within PVWA.
3.5. PVWA In-built Users
– Managing built-in users within PVWA.
3.6. IIS Applications Overview
– Exploring IIS (Internet Information Services) applications in the context of PVWA.
3.7. Certificate Binding
– Configuring SSL certificates for secure PVWA access.
3.8. PVWA Interface
– Navigating and customizing the PVWA user interface.
3.9. PVWA Operational Tasks
– Performing essential operational tasks within PVWA.
3.10. CyberArk Safes, Master Policies, Platform Settings Overview
– Understanding safes, policies, and platform settings in the CyberArk ecosystem.
3.11. Changing the PVWA Login Screen Logo
– Customizing the PVWA login screen with your organization’s logo.
3.12. PVWA Login Message
– Configuring a custom or client-specific login message for PVWA
3.13. PVWA Hardening
– Enhancing security measures and hardening PVWA.
3.14. PVWA Services
– Managing and configuring services related to PVWA.
Module 4: CPM (Central Policy Manager) Installation & Configurations
4.1. CPM Pre-requisites
– Identifying and ensuring the prerequisites for CPM installation.
4.2. CPM Installation
– Step-by-step installation guide for Central Policy Manager (CPM).
4.3. CPM Main Configurations
– Configuring essential settings and options within CPM.
4.4. CPM In-built Safes
– Understanding and working with in-built safes in CPM.
4.5. CPM In-built User
– Managing and configuring users within the Central Policy Manager.
4.6. CPM Scanner Service Troubleshooting
– Troubleshooting common issues related to the CPM Scanner Service.
4.7. CPM Operational Tasks
– Performing essential operational tasks within CPM.
4.8. Safes & CPM Master Policies
– Understanding the role of safes and master policies in CPM.
4.9. Changing Accounts’ Password
– Demonstrating the process of changing accounts’ passwords using CPM.
4.10. CPM Hardening
– Implementing additional security measures and best practices to harden CPM.
4.11. CPM Services
– Managing and configuring services related to Central Policy Manager.
Module 5: PSM (Privileged Session Manager) Installation
5.1. PSM Installation
– Step-by-step guide for installing Privileged Session Manager (PSM).
5.2. PSM Pre-requisites
– Identifying and ensuring the prerequisites for PSM installation.
5.3. PSM In-built Safes
– Understanding and working with in-built safes in PSM.
5.4. PSM In-built Users
– Managing and configuring users within Privileged Session Manager.
5.5. Privileged Session Manager (PSM) Service
– Overview and configuration of the PSM service.
5.6. PSM Shadow User
– Configuring and using shadow user accounts for monitoring sessions.
5.7. PSM Ports
– Explanation of ports used by PSM and their configurations.
5.8. Pointing the Connection to One PSM in a Load Balanced Environment
– Ensuring session connections are directed to a specific PSM in a load-balanced setup.
5.9. PSM Workflow
– Understanding the workflow and processes involved in PSM.
5.10. Platform Policy
– Implementing platform-specific policies in PSM.
5.11. PSM Connect Password
– Configuring and managing connect passwords for sessions.
5.12. PSM Configuration
– Configuration options and settings within PSM.
5.13. PSM RDP Connection
– Establishing remote desktop protocol (RDP) connections through PSM.
5.14. PSM Session
– Managing and monitoring privileged sessions using PSM.
5.15. PSM Hardening
– Implementing additional security measures and best practices to harden PSM.
Module 6: Active Directory Installation
6.1. AD Users and Computers
– Navigating and managing Active Directory users and computers.
6.2. How to Promote a Server to a Domain Controller
– Step-by-step guide on promoting a server to a domain controller within Active Directory.
6.3. Adding a Computer to a Domain (Server 2012)
– Adding computers to an Active Directory domain on a Windows Server 2012 system.
– Managing Active Directory accounts and permissions within CyberArk.
Module 7: DR Vault Installation & Configurations
7.1. Disaster Recovery (DR) Vault Pre-requisites
– Identifying and ensuring the prerequisites for Disaster Recovery Vault installation.
7.2. DR Vault Installation
– Step-by-step guide for installing Disaster Recovery Vault.
7.3. DR Main Configurations Files
– Configuring essential settings and files within Disaster Recovery Vault.
7.4. Disaster Recovery (DR) Ports
– Understanding the ports used in Disaster Recovery Vault.
7.5. DR Full/Incremental Replication
– Implementing full and incremental replication for Disaster Recovery.
7.6. DR User Overview
– Managing users in the Disaster Recovery Vault.
7.7. Disaster Recovery (DR) Vault Concept
– Understanding the concept and purpose of Disaster Recovery Vault.
7.8. Production Vault & DR Vault Identical Settings
– Ensuring identical settings between Production Vault and Disaster Recovery Vault.
7.9. DR Vault Service
– Managing and configuring services in the Disaster Recovery Vault.
7.10. Routing the PVWA, PSM to DR Vault
– Configuring routing for PVWA and PSM to the Disaster Recovery Vault.
7.11. DR Padr.ini
– Understanding the Padr.ini configuration in Disaster Recovery.
7.12. How DR Vault Checks if Production Vault Server is Active or Inactive
– Explaining how Disaster Recovery Vault determines the status of the Production Vault Server.
7.13. DR Vault PADR Log Files
– Managing and interpreting PADR log files in the Disaster Recovery Vault.
7.14. Creating a new DR user for Production Vault
– Step-by-step guide on creating a new user for the Production Vault in Disaster Recovery.
Module 8: Disaster Recovery Failover
8.1. Failover and Failback
– Understanding the concepts of failover and failback in Disaster Recovery.
8.2. What is DR Drill
– Explaining the purpose and process of a DR drill.
8.3. DR Predefined or Manual Failover
– Differentiating between predefined and manual failover in Disaster Recovery.
8.4. DR Automatic Failover
– Understanding automatic failover in Disaster Recovery.
8.5. DR Partial Failover Concept
– Explaining the concept of partial failover in Disaster Recovery.
8.6. Why DR Failback is always Manual?
– Discussing the reasons behind manual failback in Disaster Recovery.
8.7. DR PVWA/PSM/CPM Failover Concept
– Understanding the failover concept for PVWA, PSM, and CPM in Disaster Recovery.
Module 9: Linux Server & PSMP Installations
9.1. Centos 7 Installation Step by Step
– Step-by-step guide for installing CentOS 7.
9.2. Centos Installation on VMware
– Installing CentOS on a VMware virtual machine.
9.3. PSMP Pre-requisites
– Identifying and ensuring the prerequisites for PSMP installation.
9.4. PSMP Installation or PSM for SSH Installation
– Installing PSMP or PSM for SSH.
9.5. PSMP Installation
– Detailed installation guide for Privileged Session Manager for SSH.
9.6. PSMP ADBridge
– Configuring the Active Directory Bridge in PSMP.
9.7. PSMP Repair Procedure
– Repair using command line scripting or PowerShell prompt
9.8. PSMP Configuration
– Configuration options and settings within PSMP.
9.9. PSMP Install Logs
– Examining installation logs for troubleshooting.
9.10. PSMPConsole Logs
– Analyzing console logs for diagnosing issues.
9.11. PSMPTrace Logs
– Reviewing trace logs for troubleshooting and auditing.
9.12. AD Bridge Configuration File
– Configuring the Active Directory Bridge configuration file.
9.13. PSMP Uninstall
– Uninstalling PSMP when necessary.
9.14. WinSCP File Transfer
– Using WinSCP for secure file transfers.
Module 10: AAM Installation
10.1. CP Installation
– Installing the Credential Provider (CP) for AAM.
10.2. Password SDK
– Understanding the Password Software Development Kit (SDK) used in AAM.
10.3. Types of Credential Providers – CP, CCP, ASCP
– Exploring different types of Credential Providers including CP, CCP, and ASCP.
10.4. CyberArk AIM Tool
– Introduction to the CyberArk Application Identity Manager (AIM) Tool.
10.5. AIM Installation Guide
– Step-by-step guide for installing the Application Identity Manager (AIM).
10.6. AIM Agent Installation
– Installing AIM agents for identity management.
10.7. AIM vs. AAM
– Comparing and contrasting Application Identity Manager (AIM) with Application Access Manager (AAM).
10.8. CCP vs. CP
– Understanding the differences between Central Credential Provider (CCP) and Credential Provider (CP).
Module 11: Install & Configure Vault Backup/Replicate Utility
11.1. Install the Vault Backup Utility
– Step-by-step guide for installing the Vault Backup Utility.
11.2. Replicate Utility
– Understanding the Replicate Utility for data replication.
11.3. Backup Key
– Managing backup encryption keys for data security.
11.4. Replicate Log File
– Exploring log files generated during the replication process.
11.5. Backup Script
– Creating and configuring backup scripts for automated backups.
11.6. Incremental Backup
– Performing incremental backups to save time and resources.
11.7. Full Backup
– Performing full backups for comprehensive data protection.
Module 12: Restore a Primary Vault
12.1. How To Restore a Full Vault using PA Restore
– Step-by-step guide for restoring a full vault using the PA Restore tool.
12.2. How To Restore a Single Safe using PA Restore
– Restoring individual safes using PA Restore.
12.3. Restore from Backup
– Initiating a restore process from a backup file.
12.4. Restore Deleted Account
– Recovering deleted accounts from backup.
12.5. Restore Safe
– Restoring specific safes from backup.
12.6. Full Vault Restore
– Performing a complete vault restoration.
12.7. Restore Database
– Restoring the vault database for data recovery.
Module 13: REST API and Postman
These topics will provide a foundational understanding of REST APIs and their application using the Postman tool, specifically within the context of CyberArk.
13.1. REST APIs using Postman
– Introduction to REST APIs and their usage with Postman.
13.2. REST API Calls using Postman
– Performing REST API calls using the Postman tool.
13.3. REST API Collections
– Understanding and working with REST API collections in Postman.
13.4. Overview of CyberArk REST API
– An overview of the RESTful API provided by CyberArk.
13.5. Get Platform Details using Rest API
– Demonstrating how to retrieve platform details using the CyberArk REST API.