How to deploy VM Ware tools to CA PAM Virtual Server

book

Article ID: 194285

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

We want to deploy VMtools to CA PAM virtual host, which is deployed in ESX server. Is this possible or not?

Cause

Privileged Access Manager is delivered as a self-contained, hardened appliance in the following forms:

Physical hardware instance
VMware - OVA
AWS - AMI
Azure - VHD

A single appliance contains all the necessary components to control privileged access in an environment.
Each appliance is a hardened appliance, which means that security measures are implemented to prevent any access to the appliance.

CA PAM is a Blackbox appliance with no console access being provided, the only way to access the application is either using a Web Browser or using CA PAM client.

Environment

Release: 2.8.x, 3.x till 3.4

Component: PRIVILEGED ACCESS MANAGEMENT

Resolution

Currently, it is not possible to deploy any tools or OS hotfixes to the CA PAM appliance.

There are certain tools such as TCPDUMP can be deployed only for troubleshooting purpose by the Technical Support Team only.

Applying VMtools would not improve the user experience since the only option to connect to CA PAM either using Internet Explorer or using the CA PAM Client.

Additional Information

If deploying VMtools is a feature which is required with a proper business justification and technical impact of not being able to deploy VMtools, please do file this as a product enhancement idea, in the Broadcom communities under the 'ideation' tab.

VMtools are generally deployed on hosts that have a Graphic console for better user experience since CA PAM does not have a Graphic console or gives access to the OS.