Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Summary
RSA IGL Data Reach is a simple, scalable solution developed by RSA Professional Services for governing and provisioning multiple databases, Windows & UNIX endpoints. It is a challenge for lot of organizations, both administratively and from a performance perspective to collect access information from large number of endpoints. RSA IGL Data Reach simplifies this by acting as a single system that collects this information that can be readily consumed by RSA IGL for performing access certification, access requests or automated joiner/ lever processes.
High level use cases which can be achieved with the help of this solution are:
The ability to audit/govern database administrative permissions for thousands of database endpoints.
The ability to audit/govern Windows or UNIX accounts and group permissions for thousands of endpoints.
Gracefully handle database connectivity failures (with reporting on such failures that can be used to alert DBA personnel).
Ability to automatically de-provision sensitive database, AWS, UNIX or Windows access from terminated personnel when they leave the organization or role.
Allow personnel to request additional access for themselves, a subordinate, or service account.
Collections
Here is an overview of how RSA Data Reach collections process works. Once the data is collected and staged, it can be consumed by RSA IGL to perform access requests, certifications and reporting.
Provisioning
Request a demo
Please contact your local Sales contact for more info and/or a demo.
Master Controller is the component responsible for serving as a central configuration point. All agent configurations, drivers, certificates and data to be collected are centrally managed on the Master Controller. The Master Controller is also responsible for collating the data collected by all the agents, error handling and piping data to the Oracle database.
Agents are responsible for collecting data from endpoints. These endpoints can be any JDBC compliant databases, AWS, UNIX or Windows systems.
Databasestores all the data and metadata collected from the target systems. All the pruning and data validation stored procedures are contained in this database. Data Reach requires an Oracle 11g or above database for staging the collected data. This can be a standalone Oracle database, or the database used by RSA IGL.
Pluginsprovide optional integrations with third party system for host configurations (CMDB), credentials (PAM) and ticketing systems for error handling. The plugin architecture allows Data Reach to maintain a small footprint and features added as needed.
Single Server In this scenario, all 3 components are installed directly on your IGL application server.
Agent, Local Database In this scenario, the master controller and the database are installed on the IGL application server, while agents are deployed throughout your environment.
Agent, Dedicated DatabaseIn this scenario, agents are deployed throughout your environment. The dedicated Oracle database instance separate from IGL must be provided by the organization. In this deployment, the master controller can be installed on any of the systems.
Feature Releases
Feb 2021 - Support for collecting AWS IAM information for multiple AWS accounts under multiple AWS Organizations.
Dec, 2020 - Out of the box collection package for MongoDB accounts.
Jul, 2020 - Out of the box collection package for Solaris accounts and group entitlements.
Jun, 2020 - Support for CyberArk Central Credential Provider (CCP) as a supported credential provide plugin.
Jan, 2020 - Out of the box collection package for AIX accounts and group entitlements.
Dec, 2019 - Multi Windows provisioning service.
Roadmap
Q1 2021
AWS Bulk Collections Support - Data Reach will support collection of IAM data from multiple accounts under a one or more organizations. This will allow accounts to be dynamically available for collections. The collections will support the following data elements
Accounts
Account Policies (Inline and Managed)
Groups
Group Policies (Inline and Managed)
Group Members
Roles
Role Policies (Inline and Managed)
Policies
Q2 2021
Support provisioning micro services
Support Model
RSA Datareach follows the Custom Application Support (CAS) model.
For more information please contact your local sales team
Data Reach is intended to be a complementing solution to OEM StealthAudit. While OEM StealthAudit mainly focuses on unstructured data, Data Reach handles structured data from databases, Windows and UNIX systems.
Is Data Reach included as part of RSA IGL?
No, Data Reach is a separately licensed product.
How long does it take to get started?
On average, anything from 2 days, you can be started and running
How will RSA Data Reach help me to reduce identity risk?
What version of RSA IGL is required to run RSA Data Reach?
Data Reach supports all version of RSA IGL currently supported by RSA.
What endpoints are supported with RSA Data Reach?
Data Reach supports any JDBC compliant database, an SSH enabled UNIX/Linux systems and Windows Remote Management (WinRM) enabled Windows Servers.
When I upgrade RSA IGL, do I also need to upgrade RSA Data Reach?
No, RSA IGL version upgrades or patching does not require an upgrade to Data Reach.
Can RSA Data Reach be run on AWS/Azure?
Yes, Data Reach can be deployed on any Linux operating system. If deployed on AWS or Azure, the Data Reach agents must have a network path to the target systems.
