This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Entitlement filtering to endpoints under one security system

aundreb
Regular Contributor
Regular Contributor

‎06/07/2023 07:17 AM

What is the best practice for filtering entitlements when it comes to using multiple endpoints under one security system?

1) Some applications don't have an endpoint filter, in this case for something like an Oracle database where you have a privileged and non-privileged endpoint under one security system, how can you filter entitlments to each endpoint in a way that is scalable and not manual.

2) Is it a Saviynt best practice that you should always use 1 security system and 1 endpoint even if the security systems point to the same connection?

Thanks,

Aundre

Labels:
0 Kudos
5 REPLIES 5

Darshanjain
Saviynt Employee
Saviynt Employee

‎06/09/2023 07:39 AM

Hi @aundreb 

Endpoint filter is used mostly for logical applications such as AD. Now when you say how to filter entitlements can you be more clearer on this.

You can have multiple endpoints under one security system as well.

 

Thanks

Darshan

0 Kudos

aundreb
Regular Contributor
Regular Contributor
In response to Darshanjain

‎06/09/2023 08:01 AM

So when you do a recon for a particular security system via an Application data import job. How do you achieve filtering entitlements/accounts to different endpoints under 1 security system?

For example Entitlement 1 that is a regular privilege goes to Endpoint 1 and Entitlement 2 for privileged accounts goes to Endpoint 2.

0 Kudos

Darshanjain
Saviynt Employee
Saviynt Employee
In response to aundreb

‎06/27/2023 06:02 AM

Hi @aundreb 

For AD, there is option called endpoint_filter in Connection Json.

For more details you can check the below link 

https://docs.saviyntcloud.com/bundle/AD-v55x/page/Content/Configuring-the-Integration-for-Importing-...

 

Thanks

Darshan

 

 

0 Kudos

aundreb
Regular Contributor
Regular Contributor
In response to Darshanjain

‎06/27/2023 06:20 AM

Hi @Darshanjain , I'm aware of the AD endpoint filter, however my question is more so across multiple applications like SAP, Oracle, etc as they do not have an endpoint filter. In this case is the best practice to use a single security system and endpoint vs 1 security system and multiple endpoints under the 1 security system?

0 Kudos

Darshanjain
Saviynt Employee
Saviynt Employee
In response to aundreb

‎06/30/2023 07:11 AM

Hi @aundreb 

For the other connectors, you need to manage it as separate Security system and connections.

 

Thanks

Darshan

0 Kudos
Copyright © 2023 Khoros, LLC