CyberArk PIM Suite Integration

CyberArk PIM Suite must be installed and properly configured. Be sure to check network connectivity between the scanner appliance and the safe which contains the system login credentials.

Click here to find out how how it works

 

Account Requirements

Add a dedicated account within your CyberArk PIM Suite environment with access to the safe which contains the system login credentials to be used for scanning. When creating this account, be sure to assign these settings:

Clear (uncheck) the check box "User Must Change Password at Next Logon".

Grant the privilege "Retrieve files from safe" for the safe containing the login credentials.

For compliance scans to Cisco devices, you must configure the user account in such a way that the "enable" command enters the privileged shell automatically without prompting for a 2nd password.

 

Authorized Interface "PAPI" is Required

The "PAPI" authorized interface must be enabled for your CyberArk license. This interface allows your CyberArk PIM Suite environment to accept external API calls from our security service. Follow these steps to confirm "PAPI" is enabled:

1) Go to Tools > Administrative Tools > Users and Groups.

2) Select the user account and click the "Update" button.

3) Next to the "User type" field, click the "Authorized Interfaces" button to view the authorized interfaces for the user type displayed.

4) Check to be sure "PAPI" is included in the list of authorized interfaces. If not, please contact your CyberArk representative to enable PAPI support for your license.

 

Required Safe Ownership Permissions

The following permissions for safe ownership are required. Follow these steps to check the safe ownership permissions and update if needed:

1) Go to Tools > Administrative Tools > Users and Groups.

2) Select the user account and click the "Safe Ownership" button.

3) Select the relevant safe from the "Available Safes" list and check the permissions. These permissions must be checked: "Monitor Safe" and "Retrieve files from Safe".

4) Move the safe to the "Owner Of" list on the left. You'll notice the authorizations at the bottom of the popup: List, Retrieve, View, Audit, View Owners, User Password.