Soffid 4 reference guide
Soffid 4 reference guide
🔎 Overview
Introduction The Soffid 4 reference guide wants to present all the functionality contained in ve...
Resources
Resources
Users
Description The user is the core object of the system. In Soffid, a user means an identity (usua...
Groups
Description Groups are a convenient way to apply policies to a collection of users. Groups allow...
Accounts
Description An account is the way an user is presented on a target system. There can be user ac...
Information systems
Description Information systems are the systems that Soffid will protect granting and revoking r...
Roles
Description Soffid allows you to create roles to specify permissions that can be assigned to a u...
Role assignment rules
Description Soffid console provides an option that allows you to customize policies to assign or...
Segregation of Duties
Description The segregation of duties (SoD) is a fundamental element of internal controls, defin...
Networks
Description Operators can define the subnets that compose the internal network, in order to mana...
Hosts
Description The host screen lets the administrator manage a static IP address assigned to any ho...
Detected browsers
Description The Browsers Detected screen allows the administrator to view the browsers and versi...
Printers
Description Soffid lets administrator users manage system printers. A printer must always be att...
Mail Domains
Description The mail domains identify each single mail domain that is going to be managed and us...
Mail Lists
Description The mail lists identify addresses that are going to be delivered to one or more user...
Application access tree
Description The entry points could be to connect to information systems defined on Soffid, or to...
Password vault
Description Soffid provides a protected storage, to save and manage accounts for multiple applic...
Custom objects
Description The custom objects are the objects created by the administrator to extend the Soffid...
Tools
Tools
Clear redundant roles
Description A high level profile can contain or grant application permissions. On the other side...
Disable inactive users
Description Probably there are some users that do not need access to any information system. Usi...
Disable inactive accounts
Description Probably there are some accounts that are no longer used. Using this tool you will b...
Configuration > Global Settings
Configuration > Global Settings
Tenants
Definition Soffid is multi tenant. This means that one can configure many differente tenants to ...
License and plugin
Definition License Soffid 4 requires a valid licence to enable its features. The licence token...
Look & feel
Definition Soffid's Look & feel page allows you to adjust the Console styles to your organizatio...
Soffid parameters
Definition Soffid allows you to customize the configuration of some attributes of the Console, S...
User types
Description User type is the way to categorize users and allows configuring different password p...
Group types
Description Companies are organized in different business units, departments or workgroups. In S...
Metadata
Description The Metadata functionality allows expanding the Soffid objects, their attributes, an...
Network intelligence
Description Two extended Soffid features are activated on this page. Network intelliegence On ...
Configuration > Integration engine
Configuration > Integration engine
Smart engine settings
Description This page gathers several mechanisms related to soffid's smart engine. Administrato...
Agents
Description Soffid agents are the tool that allows the connection between Soffid and the target ...
Synchronization servers
Description Sync server is the engine responsible for connecting Soffid with data sources or man...
Account naming rules
Definition Account naming rules define how to generate account names for target systems. The nor...
Attribute translation tables
Definition Soffid provides an easy to use mechanism to translate references or external codes in...
Network discovery
Description The Network discovery tool will be in charge to scan the networks to find the hosts ...
Configuration > Workflow settings
Configuration > Workflow settings
Configure Workflow engine
Description This page groups together several features related to the workflow engine. Document...
Business process definition
Description Soffid includes a BMP (Business Process Management) in its Smart Engine to provide u...
BPM editor (addon bpm)
Description BPM is a technology that allows modeling, implementing, and executing processes auto...
Configuration > Security settings
Configuration > Security settings
Authorizations
Definition Soffid console provides a granular access control system. That granular control syste...
Authentication
Definition This page gathers different types of settings that may affect user authentication in ...
Password policies
Definition On this page, you can configure the password policies that will be applied when assig...
Configure PAM session servers
Definition Soffid provides the functionality that allows you to configure the Jump servers. To ...
PAM policies
Definition Privileged Access Management (PAM) policies are a set of guidelines and controls that...
PAM rules
Definition Soffid allows you to define rules to detect commands executed on a server. When a use...
Issue policies
Definition Soffid has defined automatic events by default. For each of these events, it is possi...
Digital certificates
Definition Soffid includes Digital certificate functionality as a security enhancement. You coul...
OTP settings (addon otp)
Definition The OTP settings allow the administrator users to configure the available OTP options...
Password recovery configuration (addon recovery)
Description Soffid provides you the functionality that allows to the users recover their passwor...
Configuration
Configuration
Configuration > Web SSO (addon federation)
Configuration > Web SSO (addon federation)
Attribute definition (addon federation)
Description The attribute definition page displays all the auto-generated user attributes. Those...
Attribute sharing policies (addon federation)
Description Soffid allows you to define security rules as policies that apply to any attribute t...
Identity providers (addon federation)
Description This screen allows you to define the most important components of a federation, whic...
Service Providers (addon federation)
Description This screen allows you to define the applications that will belong to the federation...
Shared signals & events members (addon federation)
Description Shared signals framework is a standard that enables the communication between applic...
Monitoring and reporting
Monitoring and reporting
Sync server monitoring
Description Soffid provides a monitoring functionality to consult all the information of the dif...
Scheduled tasks
Description Scheduled tasks display all the automatic tasks defined on Soffid, the scheduling of...
Scheduled jobs
Description Schedule jobs display all the asynchronous tasks generated for the workflows engine....
Audit
Description The audit trail page allows you to query for audit records for the different compone...
Access logs
Description The access log page allows querying all the information about the opened sessions. ...
Sessions
Description The sessions page displays the current open sessions made with the Console, ESSO, WS...
Privileged accounts dashboard
Description Soffid provides a monitoring functionality to consult all the information about the ...
Search in PAM recordings
Description Soffid provides the functionality that allows searching for information about the PA...
Console log
Description The Console log screen displays an extract of the console logs for the current day. ...
Issues
Definition The Issues screen provides a tool to manage all issues and allows you to perform the ...