Identity and Access Management Integrated Lab

Solution Overview

This lab demonstrates integration across several identity toolsets, including Lifecycle and Governance, Privileged Account Management and Single Sign-On. The integrations show how a properly configured IAM infrastructure lets an organization create a new user in an HR system and automatically provision access for that user based on the user's department/job title.

Goals & Objectives

By the end of the lab, the lab user should better understand how various products can be integrated to enhance and automate an organization's identity posture. The lab user will create new employees in OrangeHRM, then follow the provisioning process for these new users. The lab user will then log in to CyberArk with the newly provisioned user accounts to see how each account's access differs based on the user's department.

The lab will also provide details on the various products featured in the lab, including RSA's Identity Governance and Lifecycle platform, CyberArk's Privileged Account Management solution and Okta's Single Sign-On portal. 

Hardware & Software

  • Core Components
    • Jumpbox (Windows 10)
    • Active Directory Domain Controller (Windows 2016)
  • OrangeHRM HR System (Web and DB server both hosted on the Domain Controller)
  • CyberArk
    • Components Server (Windows 2016)
    • Vault Server (Windows 2016)
  • RSA Identity Governance and Lifecycle
    • RSA IGL App Server (SUSE Linux)
    • Oracle DB Server (CentOS 7)
  • Okta SSO Instance (Cloud hosted)
  • Demo Web Server (CentOS 8)