Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Device Integration: Iraje PAM

            Modified on Mon, 27 Apr at 8:35 PM

            TABLE OF CONTENTS


            Overview

            Iraje PAM (Privileged Access Management) is a cloud-based security solution that provides secure management of privileged accounts and sessions. Integrating Iraje PAM with ADR allows centralized ingestion of logs and events, enabling:

            • Comprehensive visibility into privileged activities.

            • Proactive detection of potential insider threats.

            • Compliance-ready reporting of privileged user actions.

            This document provides step-by-step guidance on integrating Iraje PAM with ADR using API-based configuration.


            Prerequisites

            Before beginning configuration, ensure the following:

            • Valid Iraje PAM credentials (username and password).

            • Access to the ADR CCE (Collection and Control Engine) IP.

            • Network connectivity between Iraje PAM and CCE.

            • Custom port information (if Iraje PAM is running on a port other than 443).


            Configuration Steps

            1. Log in to ADR UI and navigate to:
              Administration → Add-On Store → Iraje PAM.

            2. Enter Device Details:

              • Device Name: Provide a meaningful name (e.g., Iraje_PAM_Prod).

              • CCE Host: Enter the CCE IP address.

              • Access ID / Username: Enter the Iraje PAM username.

              • Password / Secret Key: Enter the Iraje PAM password.

            3. Enter JSON Configuration:

              • Add the Iraje PAM host and custom port (if applicable).

              • See examples in the next section.

            4. Click Save to complete integration.


            JSON Configuration Examples

            • Default Port (443):

            { "host": "<pam-host>" }

            • Custom Port (if applicable):

            { "host": "<pam-host>", "custom_port": "<iraje-custom-port>" }

            Replace <pam-host> with the actual Iraje PAM hostname or IP, and <iraje-custom-port> with the assigned port number.


            Verification (MSSP Only)

            From ADR UI

            1. Log in to the ADR UI.

            2. Navigate to: System → Logs and Flows Collection Status.

            3. Check if Iraje PAM appears in the list of integrated devices.

            4. Confirm that logs/events are being received.

            From CCE Server

            Run the following command to verify log flow from Iraje PAM:

            sudo tcpdump -i any host <pam-host>

            This ensures logs are reaching the CCE server


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0