Appearance

Differences and limitations compared to on-prem solution

Differences

The WALLIX One PAM architecture implies that:

  • WALLIX One PAM Access Manager is compatible only with the WALLIX One PAM Bastion of the same tenant
  • WALLIX One PAM Access Manager supports only one organization
  • WALLIX Bastion sessions are stored in the service and cannot be stored remotely on-premises

Limitations

The following features are not available in WALLIX One PAM compared to on-premises WALLIX Bastion and WALLIX Access Manager:

  • Session invite
  • RDP remote control (4-Hands)
  • X509 user authentication
  • Access to IPv6 targets
  • Session on on-prem devices using a public IP address
  • Transparent Mode
  • Service mapping to network interfaces ("user & audit", "administration")
  • Custom plugins and scripts cannot be uploaded and used on the WALLIX One PAM Bastion (built-in plugins remains available). This applies to:
    • Secrets rotations plugins
    • External ticketing system scripts for approval workflow
    • External vault plugins

Pages

The following pages of the Web interface are accessible by the customer, but must under no circumstances be modified by the customer, with the exception of modifications directly discussed with WALLIX Support.

WALLIX Bastion

  • Configuration > License
  • System > Network except DNS part
  • System > Time service
  • System > Remote storage
  • System > SIEM Integration : do not remove the existing provisioning
  • System > SNMP
  • System > Backup/Restore : Backup actions are allowed, but restorations should only be performed with approval from WALLIX support. Note that backups are natively managed as part of WALLIX One PAM service, therefore you do not need to manage backups on your own.

WALLIX Access Manager

  • Settings > Application Settings > Server Certificate
  • Settings > Database
  • Settings > Database Settings
  • Bastions

Documentation to be disregarded

In the documentation guides of WALLIX Bastion and WALLIX Access Manager, the following elements do not apply to WALLIX One PAM and must be disregarded.

  • All references to SSH connections on port 2242 (to connect to the Bastion or the Access Manager), including the Specific Commands for SSH Connections
  • In the WALLIX Bastion administration guide, the following chapters:
    • Positioning of WALLIX Bastion in the network architecture
    • Infrastructure strategy
  • In the WALLIX Access Manager administration guide, the following chapters:
    • Multi-tenancy and organizations
    • Bastions
    • Licenses
    • SNMP
    • Metric measurement tool
    • Database backup and restore
    • Database settings
    • Scalability and High-availability
    • Parameters for the global configuration
    • Troubleshooting