Iraje iwar Manual Version 8

Introduction


Iraje PAM provides iwar. The term "iWAR" stand for “Iraje Windows Advanced Restrictions. This feature emphasizes on enforcing restrictions on any windows server which exist in PAM Perimiter in order to secure it. The restriction can be enforced on applications as well as particular commands which can be executed by the PowerShell/command prompt/batch files etc.the iwar agent should be installed on the target server so that restrictions can be enforced on it. The agent can be installed either manually or directly through PAM application. when i-WAR is installed it opens port 1300 and listens to it.

Purpose


Control: iwar agent helps PAM admins to restrict applications on window devices ensuring the application accessed are within the organizations policy. Monitor: PAM admins can monitor the critical assets of the organization and also the users who are trying to execute application that are restricted.. Security: This module makes the environment safe and secure as the users are restricted to using only those application that they are eligible.

Target Audience


Admins Using Iraje PAM | Auditors | Information Security Team

Operating Procedure for Iwar agent


  • Manually

    Contact PAM admin for the istallation setup file configurtion.installation the iwar setup on the target server where we want to allow restriction on application access.check the services of iwar are in running state in cmd with cmd services.msc

  • Though PAM application

    To direct install iwar connection should be admin connection.go to PAM access control master module go to admin group and go to configure acm option go to manage agent option then theconnection on the which u want to install iwar agent will be visible if its is the admin connection. now right click on the connection and install agent automatically.status will be shown in the agent installation column

Work flow of i-war


Go to the group in which the connection is present then got access control master then go to the connection in which we want to restrict the application. then right click on the connection and select windows command controller then page will be open in which there will be predefine application name which we can restrict and on top of that we can also add application commands which we want to restrict. once the restriction is applied a blue tick mark will appear in the windows command controller column of Access control master page. use case: to restrict on demand windows application based on the privialeged user.

Reports


Agent Reports are critical to security to identify the outliers who are bypassing PAM solution to take direct access on the critical assets. This is to identify the people violating security policies of the organization. This is one of the most critical reports for the Audit and Compliance of the organization. These reports are unique to Iraje PAM as i-war access report on Windows.