Indeed PAM components

Indeed PAM Core

This is the central component that manages the logic of Indeed PAM operation. It is a web application that operates on Internet Information Services (IIS) web server. Indeed PAM Core uses Microsoft SQL Server as a data storage. All data is stored in encrypted form using the AES256 algorithm.

The component tasks are:

• To provide for centralized management of the users.

• To manage resource access credentials.

• To provide flexible settings via access policies.

• To store privileged account passwords.

Indeed PAM Gateway

The component provides for access to target resources and logging of user sessions. This is a combination of Windows application, application published in RDS (Remote Desktop Services) collection and modified version of PuTTy client.

The component tasks are:

• To provide for access to target resource.
• Video and photo logging of RDP\SSH\Web sessions\Client app sessions.
• Text logging of SSH sessions.
• Checking status of client components.

Indeed PAM SSH Proxy

The component is responsible for providing access to *nix target resources via SSH and logging user sessions. It is a Windows service that accepts incoming SSH connections to the TCP port specified in the settings.

The component tasks are:

• Provides access to the target *nix resource without using RDS and using any SSH clients.
• Records text logs for SSH sessions.

Indeed-Id ESSO Agent

The component intercepts application registration windows and fills them in with username and password. It represents the Windows application and browser extension.

The component tasks are:

• Autofill of registration windows in web applications and Windows applications.

Indeed-Id Admin Pack

The component provides for access to Indeed-Id SSO Agent. It is a Windows application.

The component tasks are:

• Implementation of access interface for Indeed-Id SSO Agent.

Indeed PAM IdP

This is identification center, it provides user authentication. It is a web application that operates on Internet Information Services (IIS) web server. Indeed PAM IdP uses Microsoft SQL Server as a data storage. All data is stored in encrypted form using the AES256 algorithm.

The component tasks are:

• To provide for authenticator enrollment and verification.
• To provide user authentication data to other system components.

Indeed PAM Management Console

Indeed PAM Management Console is an interface to configure, control and audit the system and is a graphical interface for Indeed PAM Core. It is a web application that operates on Internet Information Services (IIS) web server.

The component tasks are:

• The task list is identical to Administration section.

Indeed PAM User Console

Indeed PAM User Console provides for interface to access the target resources. It is a web application that operates on Internet Information Services (IIS) web server.

The component tasks are:

• Display of available accounts and resources accessible for the end user.

• To provide for starting a privileged session.

Indeed Log Server

This is a uniform event log that collects and stores the Indeed PAM events. It is a web application that operates on Internet Information Services (IIS) web server.

The component tasks are:

• To provide for event collection and storage.
• To provide for a fast event query results. 

Indeed PAM EventLog

The component is required for Indeed Log Server to work.

The component tasks are:

• Allows Indeed Log Server to communicate with Windows Log.

Indeed PAM Agent

The component is intended to track user activity at the target resource during RDP session. It is a Windows application.

The component tasks are:

• To track processes launched.
• To track active windows.
• To log keyboard input data.
• To send heartbeat messages to Indeed PAM Gateway in order to confirm its own activity.