Installing CyberArk

Install CyberArk on your Guardium system by using the Command Line Interface.

Before you begin

  • The CyberArk administrator must set up the vault system with the required permissions.
  • Obtain the CyberArk vault hostname or IP address, vault username, and vault password from the CyberArk administrator.
  • If you installed CyberArk before, your Guardium system's account, Prov_Guardium system's address, can exist in the CyberArk vault server. Delete the account from the vault server before you begin installation. For more information, see Revoking the Guardium system's permissions on CyberArk.

Procedure

  1. Using the Guardium CLI, run the command store cyberark install.
  2. If you meet the prerequisites, type yes.
  3. When prompted, enter the vault hostname or IP address, the vault username, and vault password.
  4. If you have standby vault servers available, you can optionally configure them now.
    A standby vault server IP list is a group of vault IP addresses that are set up by the CyberArk administrator. These vaults are used as a backup when a connection cannot be made to the primary vault server.
    1. To add the standby vault server IP address list to your Guardium system, run the CLI command store cyberark config_failover.
    2. Enter a comma-separated list of CyberArk vault server IP addresses beginning with your primary vault server's IP address. The CyberArk Application Password Provider connects to the first available IP address on the list. If a connection cannot be made, the agent tries to access the next available IP address until it can successfully connect to a CyberArk vault server.
    3. Confirm the new IP address list.

What to do next

Provide the Guardium system's account name that is generated during the installation, to the CyberArk administrator. This account must be granted the appropriate permissions on the CyberArk vault server. For more information, see Providing permission to the Guardium system.

After the account is granted permission, configure the CyberArk application ID on your Guardium system. For more information, see Configuring CyberArk on your Guardium system.