- Created by Pavel Golubnichiy, last modified on Oct 25, 2021
Management server
Indeed Identity PAM Core
This is the central component that manages the logic of Indeed Identity PAM operation. It is a web application that operates on Internet Information Services (IIS) web server.
Consists of:
- ASP.NET Core applicatoin – core
Tasks:
- Providing centralized management of system users.
- Managing resource access credentials.
- Providing flexible settings through access policies.
- Storing privileged accounts data.
- Performing scheduled tasks.
Indeed Identity IdP
Identity Center, responsible for user authentication. It is a web application running on the Internet Information Services (IIS) web server.
Consists of:
- ASP.NET Core applicatoin - idp
Tasks:
- Training and verification of authenticators
- Providing user authentication data to other system components
Indeed Identity PAM Management Console
Indeed Identity PAM Management Console is a graphical shell for Indeed Identity PAM Core. It provides an interface for configuring, managing and auditing the system. It is a web application that operates on Internet Information Services (IIS) web server.
Consists of:
- AngularJS application – mc
Tasks:
- The task list is identical to Administration section.
Indeed Identity PAM User Console
Indeed Identity PAM User Console provides for interface to access the target resources. It is a web application that operates on Internet Information Services (IIS) web server.
Consists of:
- AngularJS application – uc
Tasks:
Displaying of available accounts and resources accessible for the end user.
Starting a privileged session.
Indeed Identity Log Server
This is a uniform event log that collects and stores the Indeed Identity PAM events. It is a web application that operates on Internet Information Services (IIS) web server.
Consists of:
- ASP.NET application - ls
Tasks:
- Collecting and storing of events
- Providing quick event query results
Indeed Identity PAM EventLog
An add-on for Indeed Identity Log Server, designed to record Indeed Identity PAM events to the Windows event log.
Task:
- Allows Indeed Identity Log Server to communicate with Windows Log.
Access server
Indeed Identity PAM Gateway
A set of components that are responsible for providing access to target resources, logging user sessions, saving logs to file storage, and processing file read operations on disks.
Consists of:
- Windows desktop application – ProxyApp.exe
- File System Driver – Pam.FsFilter
- Windows service for interacting with a file system filter – Pam.Service
- Modified SSH Client – Putty.exe
- mstsc extension
- A set of utilities and libraries - FFmpeg
- Component for controlling the executoin of processes - ProcessCreateHook
Tasks:
- Providing access to target resource via the RDP/SSH protocols and client application protocols
- Recording video and photo logs for RDP/SSH protocols and client application protocols
- Recording text logs for SSH sessions
- Monitoring and intercepting files transferred to the resource
- Saving all session logs to file storage
- Checking the status of Indeed Identity PAM client components
- Controls access to critical files and processes
Indeed Identity PAM SSH Proxy
The component is responsible for providing access to *nix target resources via SSH and logging user sessions.
Consists of:
- Windows service - Pam.SshProxy.Service
The component tasks are:
- Providing access to the target *nix resource
- Recording text logs
IndeedID ESSO Agent, IndeedID Admin Pack
A set of components that intercepts application authentication forms and fills them in with username and password.
Consists of:
- A set of applications, services, and tools for interacting with authentication forms and PAM components
- Extensions for Internet Explorer and Google Chrome browsers
Task:
- Interception and autofill of authentication forms for web-based applications and Windows desktop applications
Windows resources
Indeed Identity PAM Agent
The component is intended to track user activity at the target resource during RDP session.
Consists of:
- Windows application – Pam.Proxy.WindowsAgent.exe
Tasks:
- Keeping track of the names of running processes
- Keeping track of the names of active windows
- Logging keyboard input
- Sending heartbeat messages to Indeed Identity PAM Gateway to register its activity
Indeed Identity PAM Desktop Console
Application for connecting to target resources via Indeed Identity Pam.
Consists of:
- mRemoteNG.exe
Tasks:
- Lists the resources from the user's permissions.
- Provides the ability to run privileged sessions from a single application.
- No labels