
Service Architecture Overview

The Sectona Privileged Access Management (PAM) system is built on a service-based architecture, leveraging Internet Information Services (IIS) as a web server and supporting embedded or Microsoft SQL as a vault access option.

Enterprise edition is equivalent to embedded vaulting, and Enterprise Plus allows external RDBMS vault deployments. All services or modules can be activated based on your licenses, and additional modules must be activated for actual configuration.

With no options for native operating-system-dependent services, the web interface allows you to manage services within the solution. For more information on managing services, refer to the documentation in the section Monitoring System Health & Service Status.

Component Characteristics

The Sectona PAM platform is a self-contained system based on the .NET framework and related technologies. It uses the IIS web server and supports both embedded and external RDBMS to store passwords and configuration data. The components of the system include:

Build Components

| Component Name | Description | Built-In Web Access | Support for Distributed Setup |
|---|---|---|---|
| Sectona Web Access | Web-based interface for users and administrators to communicate with the vault and leverage system services. | - | - |
| Vault Storage Host | Secure, encrypted, tamper-proof storage for passwords, certificates, and keys. | - | Yes |
| Sectona Jump Host | Performs hardening of the hosts, enables communication with the vault, single sign-on, and session recording. | - | Yes |
| Sectona Vault Session Proxy Host (single package with Session Proxy, Web Session Proxy, SSH Direct Proxy) | Provides gateway and proxy services for common protocols, web applications, and clients to communicate from client to target machine. This also enables a password at the proxy layer when the web server does not have direct connectivity from the web application. | Yes | Yes |
| RDP Direct Proxy | Provides gateway and proxy services for RDP access when accessed directly using native RDP clients. | Yes | Planned |
| Sectona Remote Access Publisher | An independent installable component that receives requests from a specified TCP port to the actual TCP port. | - | Yes |
| Sectona Satellite Vault | An external component built to offer alternate access to passwords in case of failure, breakdown, or inaccessibility of the vault. | - | Yes |
| Sectona File Synchronization | Provides sync services for object-level video log files between two servers. | - | Yes |
| Sectona Vault API Extension | Allows communication with the vault via APIs. | - | Yes |
| Sectona Windows Credential Provider | Allows login to an RDP session via Sectona OTP. | - | Yes |

Client Components

| Component Name | Description |
|---|---|
| Sectona Launcher | Independent component that communicates with the vault and enables session recording and single sign-on services on the local machine. |
| Sectona Client App | Independent component that communicates with the vault and provides a multi-tabbed browsing experience for RDP & SSH access. |
| Sectona Server Privilege Control | Enables monitoring of granular access in a privileged session initiated through Sectona Web Access. |

This illustration shows the key components in a typical deployment and the interdependencies within the system.
