How to prevent the "View Credential" feature once a Secure Tunnel is established

book

Article ID: 193312

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

Upon launching a TCP Service (WinSCP) a dialog pops up allowing the user to View Credential.
What controls this feature? How can this be suppressed?

Cause

 

Environment

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

the "View Credential" link in PAM's Secure Tunnel feature always appear when for the underlying TCP Service the Application Protocol is set to Disabled.

There is no way to eliminate this.

Please see the Note in the documentation.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-4/implementing/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/set-up-access-to-a-target-device/create-tcp-udp-services-to-access-a-device.html

which recommends to utilise a relevant Password View Policy to basically generate a one-time password.

Additional Information

For RDP Proxy, see another article 197338.
https://knowledge.broadcom.com/external/article?articleId=197338

Attachments