PRE-REQUISITES DOCUMENT WALLIX

Wallix Bastion
Privileged Access Management
POC Pre-requisites V1.0
Lulu International Exchange

Location - AbuDhabi, United Arab Emirates

Date - 01-10-2019
PRIVILEGED ACCESS MANAGEMENT 1
PRE-REQUISITES DOCUMENT WALLIX

PRIVILEGED ACCESS MANAGEMENT 2

 PRE-REQUISITES DOCUMENT WALLIX

BASTION – “A PAM that adapts”

The WALLIX Bastion is a Privileged Access Management (PAM) solution made
up of three modules:

SES
SION MANAGER

This Component Monitors all activities & privileged users in real-time

Password Manager

Manages all passwords & SSH keys in a consolidated vault (fully encrypted & certified)

Access Manager

Centralized Privileged access through web administration console for vendors

PRIVILEGED ACCESS MANAGEMENT 3

 PRE-REQUISITES DOCUMENT WALLIX

Bastion Can be deployed on VMware or HyperV

The form factor can be OVF file or an ISO Image

Please download from below location: -

https://cloud.wallix.com/index.php/s/5eRM4ccfwf6Sq8n
Password: wallix2019
Note – password will be shared separately to download the link

Hardware Requirements for Bastion VM: -

RAM 4 GB
HDD 50 GB
CPU 4 core (Virtual)
Credentials Required: -

AD account required with read privileges for BASTION to authenticate users via AD

Network Requirements: -
Sr Source Destination Port Purpose
no.
1 User Machine Bastion 443 https
2 User Machine Bastion 3389 RDP
3 User Machine Bastion 22 SSH
4 Bastion RDS Server 3389 RDP
5 Bastion AD server 389 LDAP
6 Bastion SMTP Server 25 Alerts &
notifications

PRIVILEGED ACCESS MANAGEMENT 4

 PRE-REQUISITES DOCUMENT WALLIX

Access Manager can be downloaded from below Link: -

https://cloud.wallix.com/index.php/s/gBxySRaHdBZzDio

Password: wallix2019

Hardware Requirements for RDS & Access Manager: -

RDS server and Access Manager can be hosted on 1 server for
POC
RAM 4 GB
HDD 50 GB
CPU 4 core (Virtual)
OS Windows 2012 & above or Linux (Debian 8 or later)
DB MySQL 5.6 or 5.7 (MySQL should be installed on
Access manager server) Link to Download MySql

https://cloud.wallix.com/index.php/s/eKBkZs9DyPB3
2tM

https://cloud.wallix.com/index.php/s/qLLFodnEstkbXpE

Network Requirements for Access Manager: -

Sr Source Destination Port Purpose
no.
1 User / Admin Access 443 https
Machine Manager Server
2 Access Bastion 3389,22,443 RDP, SSH,
Manager HTTPs
Server
PRIVILEGED ACCESS MANAGEMENT 5
PRE-REQUISITES DOCUMENT WALLIX

Standard Test cases proposed from Wallix

Sr. no. Test case Result
(Pass \ Fail)
1 Access PAM from multiple workstation, OS’s etc.
2 AD integration
3 Local User creation
4 Third Party 2FA Integration
5 Browser independency
6 Access using native tools like Microsoft Windows
RDP,Putty etc.
7 Integration with multiple platforms like Windows, Linux
etc. for Single Sign On & access control
8 Integration with network devices like switches, Routers
etc. for single sign-on & access control
9 Integration with Security Devices like Firewall, web
portals like FortiGate etc.
10 Command & process restriction for windows & Linux
11 Ability to logically segregate environment via groupings
12 Ability to change passwords for all standard platforms
13 Ability to send alerts for critical events
14 Provide alternate means to login apart from Single-Sign
on like interactive logon etc.
15 Ability to integrate standard Databases like MSSQL,
MySQL, Oracle etc.
16 Ability to support workflows based on approvals
17 Ability to real time monitor user’s activity and control
them remotely
18 Ability to search within videos through text and images
19 Ability to download video \ text logs for forensics
20 Ability to view audit logs to understand who accessed
what at what time through which privilege ID with what
access level

PRIVILEGED ACCESS MANAGEMENT 6

 PRE-REQUISITES DOCUMENT WALLIX

Documentation Links for guides & manuals: -

All Guides –
https://cloud.wallix.com/index.php/s/iaz4KKottdsaAyo

These requirements will be enough to start the PoC.

Copyrights. 2019

PRIVILEGED ACCESS MANAGEMENT 7