Maintaining identity management and unstructured data governance is not an easy task nowadays. SailPoint is a technology built to overcome this hurdle. The tool is mainly used to bring users, data, and applications together. SailPoint is available for both cloud-based and on-premise applications. Today we are going to discuss SailPoint integration. SailPoint integrates with the ServiceNow and OKTA software tools. In this SailPoint integration blog, we explain the important steps involved in integrating SailPoint. Are you excited to learn how to integrate SailPoint software? Then let’s begin.
SailPoint is an identity security management platform for various digital transformations. The SailPoint Corporation is a tech company based in Austin, Texas, and its product was mainly developed to provide identity management and unstructured data access governance. The SailPoint software is a fully featured, cloud-managed identity governance solution that handles access requests, delivers passwords, and provides application access features for mobile, cloud, and on-premise software applications. SailPoint is an identity and access management software solution and offers an integrated approach across various software applications.
Below are the major features of SailPoint:
1. Offers compliance controls and certifications.
2. Helps users with self-service access and password management.
3. Provides access management:
a. Authentication or MFA
b. Single-sign-on service.
4. Supports automated software lifecycle management.
5. Policy and role based access controls.
6. Cloud and data access governance management.
7. Offers identity analytics and recommendations.
Privileged Access Manager integrates with SailPoint through the SailPoint tables (for example users, current roles, and user group assignments). Privileged Access Manager also has roles and job assignments. In SailPoint, both the user groups and the Privileged Access Manager roles are identified as entitlements.
1. Set Up:
The SailPoint integration is a licensed option of Privileged Access Manager. It uses the method called SailPoint STI (Simple Table Integration) and communicates over port 3306.
The steps involved are:
1. First go to Privileged Access Manager -> then select 3rd Party -> then choose “SailPoint”.
2. Enter the “Database user” and “Database password”. The password entered here is the one used for the SailPoint configuration.
3. Set the update interval. At this interval Privileged Access Manager checks for incoming SailPoint data requests and exports the relevant data to SailPoint.
4. Enter at least one SailPoint server address. These addresses are the connections used for the SailPoint integration. Accepted forms are a valid IP address, an FQDN, and a SailPoint configuration hostname.
5. Click the Save button to save the SailPoint configuration settings.
6. Click the Install button to set up the SailPoint table integration. The installation can be done only once. The button is enabled if SailPoint is licensed and is disabled once the installation finishes.
7. Select Download to get a Zip file from the Privileged Access Manager application. This file is used during configuration to integrate the SailPoint application. Unzip it and save the configuration file, which is in XML format.
8. The Import button is optional. It makes Privileged Access Manager read the provisioning queues. Importing also happens automatically, according to the update interval setting.
9. The Export button is also optional. It makes Privileged Access Manager populate the SailPoint tables.
2. SailPoint configuration:
Before you perform the integration with SailPoint, you need to install the following software:
1. First install the Life cycle manager (LCM) module for SailPoint integration.
2. Then install the STI (simple table integration).
Now it’s time for the SailPoint configuration:
1. Go to SailPoint IdentityIQ -> then click on the configuration gear icon -> then choose Settings.
2. Choose the Import from File option, which is in the left corner.
3. Under Import Objects, choose the file to import. It must be the XML file that was downloaded during the Privileged Access Manager configuration.
4. Now choose the Import option.
5. Go to Applications, and in Application Definition select the CAPam application. This displays the Edit CAPam application page.
6. Select the configuration file.
7. Under Settings, enter the correct connection password. The password is not included in the XML file.
8. Enter the objects and attributes, such as user group and role.
9. Select Test Connection. If the connection is established, you get a message that the test was successful. If not, edit the password and check it again.
10. Then click on the save button to save the settings.
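The XML file downloaded in setup step 7 is imported without the connection password (step 7 above), and the setup fixes the server address and port 3306. The following Python check, an added example that is not part of the original article or of either product, audits such a file before import. The XML layout, the entry keys `url`, `user` and `password`, and the host name are constructed assumptions, not the real export format.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: layout, keys and host are assumptions, not a real export.
SAMPLE_XML = """<Application name="CAPam">
  <Attributes><Map>
    <entry key="url" value="jdbc:mysql://pam01.example.internal:3306/sti"/>
    <entry key="user" value="sti_user"/>
  </Map></Attributes>
</Application>"""

EXPECTED_PORT = 3306  # port the article gives for the integration
SECRET_KEY = re.compile(r"pass(word|wd)?|secret|token", re.I)
LABEL = r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME = re.compile(rf"(?=.{{1,253}}$)({LABEL}\.)*{LABEL}$", re.I)

def valid_host(host):
    """Accept an IP address, an FQDN or a bare hostname."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        # Dotted digits that are not a valid IP are typos, not names.
        if re.fullmatch(r"[\d.]+", host):
            return False
        return bool(HOSTNAME.match(host))

def audit_config(xml_text, allowed_hosts):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    for entry in ET.fromstring(xml_text).iter("entry"):
        key, value = entry.get("key", ""), entry.get("value", "")
        if SECRET_KEY.search(key) and value:
            findings.append(f"secret stored in file under key '{key}'")
        if key != "url":
            continue
        target = value[5:] if value.startswith("jdbc:") else value
        parts = urlsplit(target)
        host = parts.hostname or ""
        try:
            port = parts.port
        except ValueError:  # non-numeric or out-of-range port
            port = None
        if not valid_host(host):
            findings.append(f"invalid server address '{host}'")
        elif host not in allowed_hosts:
            findings.append(f"server '{host}' is not an approved address")
        if port != EXPECTED_PORT:
            findings.append(f"unexpected port {port}, expected {EXPECTED_PORT}")
    return findings
```

Pass the approved server addresses as lower-case strings in `allowed_hosts`, because `urlsplit` lower-cases the host it returns.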
3. SailPoint IdentityIQ configuration:
1. Under the configuration section -> choose the privileged manager policy.
2. Under object type -> choose account type to create type and user.
3. Now select the attribute -> select the last name.
4. Select the value settings -> here the last name can be set as a static value.
5. Save the settings.
6. On the “Edit application CAPam” policy password page, configure the default password and the Privileged Access Manager details.
4. Steps involved creating the user:
Here you need users with the local Auth type, and the create parameters are also required. Below are a few of the attribute types:
a. First name: Defines the user's first name.
b. Last name: Defines the user's last name.
c. Email: Defines the user's email ID.
d. Password: Specifies the password used to authenticate the user.
e. Auth type: Users need to specify local or CAC (possibly smart card users).
f. IIQdisabled: true if a user is disabled or false if a user is enabled.
g. Roles and user groups: These are assigned as entitlements.
5. Aggregate tasks:
Aggregate tasks are defined in SailPoint to collect the users and entitlements from Privileged Access Manager.
Below are the steps to set up aggregate tasks:
1. Go to the SailPoint menu tab -> choose Setup Tasks.
Two tasks are set up by the initial configuration:
a. CAPam Account aggregation: this task regularly reads Privileged Access Manager and keeps the entitlements and users in sync.
b. CAPam group aggregation: this task reads the user-defined roles and groups in Privileged Access Manager and creates the SailPoint entitlements from them.
2. To schedule a task, right-click on the Privileged Access Manager task -> then choose Schedule from the drop-down menu to display the new scheduled task manager.
3. Select the Scheduled Tasks tab to edit the schedules -> then select the Run box on the edit task schedule tab -> this runs the task immediately.
4. If you want to see the list of SailPoint entitlements -> go to the main menu -> Applications and Entitlement Catalog.
6. Activity log to set up the SailPoint integration:
The activity log displays information about the SailPoint integration. It shows activities such as create, update, and delete actions, along with their results and times. To view the activity log for the SailPoint integration:
1. First go to the configuration tab -> then select 3rd party -> choose SailPoint.
2. Then select the activity log button.
3. The log table can be sorted by clicking on the column headings -> with the help of these headings you can filter the data and control it.
4. The info column shows the error notification where there is one.
In this SailPoint integration blog, we have explained the important steps to configure the SailPoint integration. You may be wondering why we need SailPoint integration. It provides compliance resolution, supports threat prevention triggered by inappropriate access, and also supports risk management. The SailPoint integration can also be used with ServiceNow and OKTA. In a SailPoint integration, the success factor is considered to be an authentic source and helps to create identity policies and access the company resources. For all these reasons, business enterprises need to integrate SailPoint to create and manage access tools.