
SecretZero PAM Architecture

The following diagram gives an overview of the SecretZero PAM solution, which uses ephemeral certificates to provide privileged access.

[Diagram: SecretZero PAM architecture overview (HA)]

SecretZero Architecture: Connection Overview

The SecretZero architecture is designed to ensure secure and scalable privileged access management by utilizing the SecretZero appliance and connector servers. This architecture follows a modular approach, where key components handle specific responsibilities while adhering to the principles of security and scalability.


Architecture Components

1. End User Desktop Zone

  • This zone consists of the devices used by end users to request and establish privileged sessions.
  • End users interact with the SecretZero Appliance through their desktop applications or web browsers to initiate secure connections to target systems.

2. SecretZero Appliance

  • The central component of the architecture, responsible for managing all access workflows, generating ephemeral certificates, and brokering connections securely.
  • Primary Functions:
    • Acts as the central hub for managing privileged access.
    • Handles ephemeral certificate generation and JIT provisioning for secure access.
    • Routes session requests to the appropriate connector server for further processing.
  • Security:
    • The appliance is hardened and does not directly expose endpoints to the user, adding an extra layer of security.

3. SecretZero Connectors

  • Role:
    • Connector servers act as brokers between the SecretZero Appliance and the target systems (on-premises or cloud).
    • These are Windows-based servers configured to facilitate secure connections using RDP for Windows and SSH for Linux/Unix.
  • Scalability:
    • Multiple connector servers can be deployed across the environment to ensure high availability and scalability.
    • Load balancing across multiple connectors enables seamless handling of large-scale environments.
  • Security:
    • Connectors have exclusive access to the target systems, and users never connect directly to endpoints.
    • This segmentation ensures that target systems are not exposed to external access, improving overall security.
    • All connections from the connector to the target systems are managed through secure protocols (e.g., RDP, SSH).

4. On-Premises/Cloud Servers

  • These are the target systems, such as:
    • Linux/Unix servers accessed using SSH.
    • Windows servers accessed using RDP.
    • Databases (e.g., Oracle) or other application servers.
  • The target systems reside behind a firewall, and only the connector servers are permitted to communicate with them. This ensures that the target systems remain isolated from external threats.

Security Benefits

  1. Segmentation and Isolation:
    • End users do not directly access the target systems. Instead, all sessions are brokered through the connector servers.
    • This isolation ensures that target systems remain protected from unauthorized access.

  2. Scalability:
    • Multiple connector servers can be deployed to handle a high volume of session requests, ensuring reliable and uninterrupted access in large-scale environments.
    • Adding new connector servers is seamless and does not disrupt existing operations.

  3. Access Control:
    • Only connector servers have access to the target systems, ensuring that unauthorized access is minimized.
    • All access is logged and auditable, providing complete visibility into user activities.

  4. Dynamic Certificate Management:
    • Ephemeral certificates are generated and managed by the appliance, ensuring that access credentials are short-lived and cannot be reused.

Workflow Example

  1. Requesting Access:
    • An end user initiates a session request via the SecretZero Appliance.
    • The appliance validates the user's permissions and generates ephemeral credentials.

  2. Routing via Connector:
    • The session request is routed to an available connector server.
    • The connector server establishes a secure connection to the target system (e.g., using SSH or RDP).

  3. Target System Access:
    • The connector server accesses the target system on behalf of the user.
    • The user interacts with the system securely without any direct connection.
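The workflow above, modelled as an added example (not SecretZero's own code): the appliance mints a short-lived, single-use grant bound to one user and one target, and the connector verifies it before brokering the SSH or RDP session. An HMAC over a constructed shared key stands in for the CA signature on the ephemeral certificate; the user, host names and the 300-second TTL are assumptions.

```python
"""Illustrative model of ephemeral, brokered access (not the product's code).
The appliance issues a signed grant with a validity window; the connector,
the only party that can reach targets, checks signature, window, target and
replay before opening a session."""
import hashlib
import hmac
import json
import secrets
import time

# Constructed key shared by appliance and connector; stands in for the CA key pair.
ISSUER_KEY = b"constructed-appliance-signing-key"


def issue_grant(user, target, protocol, ttl_seconds=300, now=None):
    """Appliance side: mint a one-time grant valid for ttl_seconds."""
    now = time.time() if now is None else now
    body = {"serial": secrets.token_hex(8), "user": user, "target": target,
            "protocol": protocol, "valid_after": now,
            "valid_before": now + ttl_seconds}
    payload = json.dumps(body, sort_keys=True).encode()
    sig = hmac.new(ISSUER_KEY, payload, hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig}


class Connector:
    """Connector side: verifies a grant, then brokers the session."""

    def __init__(self, reachable_targets):
        self.reachable = set(reachable_targets)
        self.seen_serials = set()  # replay protection: each grant is used once

    def verify(self, grant, target, now=None):
        now = time.time() if now is None else now
        expected = hmac.new(ISSUER_KEY, grant["payload"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, grant["sig"]):
            return "rejected: bad signature"          # tampered or forged grant
        body = json.loads(grant["payload"])
        if not (body["valid_after"] <= now < body["valid_before"]):
            return "rejected: outside validity window"  # expired ephemeral credential
        if body["target"] != target or target not in self.reachable:
            return "rejected: target not covered by grant"
        if body["serial"] in self.seen_serials:
            return "rejected: grant already used"     # short-lived AND non-reusable
        self.seen_serials.add(body["serial"])
        return f"ok: broker {body['protocol']} session to {target} for {body['user']}"
```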

Summary

The SecretZero architecture leverages connector servers to ensure secure and scalable privileged access management. By isolating target systems and managing all sessions through connector servers, the solution eliminates direct exposure of endpoints and ensures compliance with modern security standards. This design supports large and complex environments while maintaining robust security and flexibility.