Getting Started Overview - On-Premise

The following topics provide a guided path through the on-premise (on-prem) installation and setup steps that are part of the initial stand-up of an on-premises Verify Privilege Manager deployment. For cloud specific getting started instructions refer to Getting Started Overview - Cloud.

Preliminary Configuration

Refer to these topics to learn more about the initial installation and setup steps.

1. System Requirements

2. Antivirus Exclusions

3. Verify Privilege Manager Installation

4. Agents Installation

   • Setting the Server Address for Verify Privilege Manager Agents, if the address provided during the agent installation requires updates.

5. Login

6. Licenses

If you are targeting macOS based endpoints, refer to Getting Started with macOS.

Rollout Recommendation

Familiarize yourself with the Least Privilege concept. IBM Security recommends a phased roll-out between the Application Control and Local Security, for example:

1. Application Control: Set up learning mode policies on a group of test endpoints to learn about applications running on your endpoint machines (Event Discovery | Learning Mode Policies – Send Policy Feedback)
2. Local Security: Begin managing your local user accounts (only) and defining local group membership (Local Security | Manage Local Users)
3. Application Control: Tailor your policies so that they won't disrupt employee work (Creating Policies | Elevation Policies) but will block known malicious applications (Creating Policies | Example: Quarantine Specified Malware). Implement these basic policies across agents in production
4. Application Control: Continue to tailor policies according to employee roles. Create a "Request Access" system for any unknown applications. (Creating Policies | Example: Application Execution Requires Approval (Workflow))
5. Local Security: Once a workflow has been established between employees and the Verify Privilege Manager Helpdesk, begin managing all local privileged accounts (ex: local admins) on endpoints. (Local Security | Details Tab)

Local Security

Refer to the Local Security documentation pages to learn more about:

• Create & Manage Computer Groups, Local Groups, and Users

Application Control

Refer to the Application Control documentation pages to learn more about:

• Application Control - Policy & Config Overview / Collecting File Data
• Sending Policies to Endpoints - View Deployment Status / Update Using Powershell / Agent Event Log Viewer
• Event Discovery - Learning Mode Policies & Examples / View Policy Results
• Creating Policies - Allowlisting, Denylisting, Quarantine, Elevation, Greylisting, & Reputation Checking Examples
• Policy Priority Overview & Example

Integrations

Refer to the Integration documentation pages to learn more about:

• Integration & Foreign Systems

Reports & Troubleshooting

Refer to these documentation pages to learn more about:

• Reports
• Troubleshooting

Catalogs & Reference Guides

Refer to these documentation pages to learn more about:

• Policies Catalog
• Filters Catalog
• Actions Catalog
• Verify Privilege Manager Glossary