Management server

Indeed Identity PAM Core

This is the central component that manages the logic of Indeed Identity PAM operation. It is a web application that operates on Internet Information Services (IIS) web server. 

Consists of:

  • ASP.NET Core applicatoin – core

Tasks:

  • Providing centralized management of system users.
  • Managing resource access credentials.
  • Providing flexible settings through access policies.
  • Storing privileged accounts data.
  • Performing scheduled tasks.

Indeed Identity IdP

Identity Center, responsible for user authentication. It is a web application running on the Internet Information Services (IIS) web server.

Consists of:

  • ASP.NET Core applicatoin - idp

Tasks:

  • Training and verification of authenticators
  • Providing user authentication data to other system components

Indeed Identity PAM Management Console

Indeed Identity PAM Management Console is a graphical shell for Indeed Identity PAM Core. It provides an interface for configuring, managing and auditing the system. It is a web application that operates on Internet Information Services (IIS) web server.

Consists of:

  • AngularJS application – mc

Tasks:

Indeed Identity PAM User Console

Indeed Identity PAM User Console provides for interface to access the target resources. It is a web application that operates on Internet Information Services (IIS) web server.

Consists of:

  • AngularJS application – uc

Tasks:

  • Displaying of available accounts and resources accessible for the end user.

  • Starting a privileged session.

Indeed Identity Log Server

This is a uniform event log that collects and stores the Indeed Identity PAM events. It is a web application that operates on Internet Information Services (IIS) web server. 

Consists of:

  • ASP.NET application - ls

Tasks:

  • Collecting and storing of events
  • Providing quick event query results

Indeed Identity PAM EventLog

An add-on for Indeed Identity Log Server, designed to record Indeed Identity PAM events to the Windows event log.

Task:

  • Allows Indeed Identity Log Server to communicate with Windows Log.

Access server

Indeed Identity PAM Gateway

A set of components that are responsible for providing access to target resources, logging user sessions, saving logs to file storage, and processing file read operations on disks.

Consists of:

  • Windows desktop application – ProxyApp.exe
  • File System Driver – Pam.FsFilter
  • Windows service for interacting with a file system filter – Pam.Service
  • Modified SSH Client – Putty.exe
  • mstsc extension
  • A set of utilities and libraries - FFmpeg
  • Component for controlling the executoin of processes - ProcessCreateHook 

Tasks:

  • Providing access to target resource via the RDP/SSH protocols and client application protocols
  • Recording video and photo logs for RDP/SSH protocols and client application protocols
  • Recording text logs for SSH sessions
  • Monitoring and intercepting files transferred to the resource
  • Saving all session logs to file storage
  • Checking the status of Indeed Identity PAM client components
  • Controls access to critical files and processes

Indeed Identity PAM SSH Proxy

The component is responsible for providing access to *nix target resources via SSH and logging user sessions. 

Consists of:

  • Windows service - Pam.SshProxy.Service

The component tasks are:

  • Providing access to the target *nix resource
  • Recording text logs

IndeedID ESSO Agent, IndeedID Admin Pack

A set of components that intercepts application authentication forms and fills them in with username and password. 

Consists of:

  • A set of applications, services, and tools for interacting with authentication forms and PAM components
  • Extensions for Internet Explorer and Google Chrome browsers

Task:

  • Interception and autofill of authentication forms for web-based applications and Windows desktop applications

Windows resources

Indeed Identity PAM Agent

The component is intended to track user activity at the target resource during RDP session.

Consists of:

  • Windows application – Pam.Proxy.WindowsAgent.exe

Tasks:

  • Keeping track of the names of running processes
  • Keeping track of the names of active windows
  • Logging keyboard input
  • Sending heartbeat messages to Indeed Identity PAM Gateway to register its activity

Indeed Identity PAM Desktop Console

Application for connecting to target resources via Indeed Identity Pam.

Consists of:

  • mRemoteNG.exe

Tasks:

  • Lists the resources from the user's permissions.
  • Provides the ability to run privileged sessions from a single application.

  • No labels