How Does Securonix Integrate with Sailpoint?
asked 15 Oct '14, 09:59
Securonix has an out-of-the-box ability to integrate with Sailpoint.
To source information from Sailpoint, it is important to understand how Sailpoint stores entitlements in its tables. As of today, Sailpoint stores entitlements in XML format in its tables. Once it correlates an account to an identity, the link between the two is stored in the links table.
The queries listed below should help identify the different accounts and the entitlements for each account for that specific application.
Query to view account and entitlement names in Sailpoint:
select grp.native_identity, grp.attributes from spt_entitlement_group grp,spt_application app where app.id = grp.application and app.name='[App Name]'
The different applications present in Sailpoint can be identified using the query below:
Select * from spt_application
To make sure that the application has the latest ResourceParsers for it, run the query below on your DB
Notify the product team if you update any of the out-of-the-box parsers.
Step 1: Identifying the application to bring into Securonix from Sailpoint
Identify the application of interest by using the query:
Select * from spt_application
Note the application name from Sailpoint from the results of the query.
Step 2: Creating Datasources within Securonix
Follow the path Configure > Tasks > Actions > Import > Access Entitlements
Add a new Data source
Provide the name of the application as is from Sailpoint.
Step 3: Make sure the Device type selected is Sailpoint.
Step 4: Create a new connection type under Access Connection Details
Create a new connection
The connectionType will be sailpoint
The DB Type is MySQL: provide the JDBC URL and connection credentials
Step 5: Click Save and next and review the attributes created for Sailpoint
Securonix creates 2 attributes - the account name and attributes
Step 6: Click Save and next and proceed to add additional graphs as per requirement
We have added a new Datasource which is present in Sailpoint into Securonix. We can now pull in data from Sailpoint into Securonix.
Step 7: Sourcing Access entitlements
Once a new datasource is added, Securonix will redirect you to the screen to source in entitlements, as with any other access import. Clicking on next will take you to the mapping of the attributes.
The attributes column is multivalued, as a single account can have multiple entitlements. Change the separator to a ";" from a ",".
Step 8: Specify correlation rules
You can specify a correlation rule under "Add Correlation Rule" to correlate the account with the identities in Securonix.
Step 9: Fire Import
Click save and next, provide a job name and fire the import.
The entitlements from Sailpoint will be sourced into Securonix.
Things to note:
Sometimes the Name_Identity column in Sailpoint will have a full DN used as the account name instead. They additionally store a different name for the display. In such a scenario, use the query below:
select grp.display_name, grp.attributes from spt_entitlement_group grp,spt_application app where app.id = grp.application
answered 15 Oct '14, 10:30
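Added example, not part of the original answer and not Securonix or Sailpoint code: a sketch of flattening one XML attributes value into the ";"-separated multivalued field from Step 7, showing what a "," separator does when entitlement values are full DNs. The XML layout, the sample values and all function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of one spt_entitlement_group.attributes value.
# The element layout shown here is an assumption made for this example.
SAMPLE_ATTRIBUTES = """<Attributes><Map>
  <entry key="memberOf"><value><List>
    <String>CN=Finance-RW,OU=Groups,DC=example,DC=com</String>
    <String>CN=VPN-Users,OU=Groups,DC=example,DC=com</String>
  </List></value></entry>
  <entry key="description" value="constructed sample row"/>
</Map></Attributes>"""


def parse_entitlements(xml_text):
    """Return {attribute name: [values]} from one attributes XML document."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        # Entitlement data needs no DTD; refuse it instead of expanding entities.
        raise ValueError("DTD or entity declarations are not accepted")
    result = {}
    for entry in ET.fromstring(xml_text).iter("entry"):
        key = entry.get("key")
        if key is None:
            continue
        if entry.get("value") is not None:
            result[key] = [entry.get("value")]
        else:
            result[key] = [s.text.strip() for s in entry.iter("String")
                           if s.text and s.text.strip()]
    return result


def to_multivalue(values, separator=";"):
    """Join values into one multivalued field, refusing ambiguous input."""
    for value in values:
        if separator in value:
            raise ValueError(f"value contains separator {separator!r}: {value!r}")
    return separator.join(values)


def split_multivalue(field, separator=";"):
    """Split a multivalued field the way an importer configured with `separator` would."""
    return [part for part in field.split(separator) if part]


if __name__ == "__main__":
    groups = parse_entitlements(SAMPLE_ATTRIBUTES)["memberOf"]
    field = to_multivalue(groups)
    print(len(split_multivalue(field, ";")), "entitlements with ';'")
    print(len(split_multivalue(field, ",")), "fragments with ','")
```

With the constructed sample, splitting on ";" returns the two group DNs intact, while splitting on "," cuts them into RDN fragments that no longer match any entitlement.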