Object Types

Fudo One defines five fundamental object types:

  • User
    This object type defines a subject entitled to connect to servers within the monitored IT infrastructure. A detailed object definition (i.e. unique login and domain combination, full name, email address, etc.) enables precise accountability for user actions when the login and password are substituted with a shared account's login credentials.
    The User definition is used to authenticate against Fudo One's Admin Panel and Access Gateway.

  • Server
    A Server is a definition of an IT infrastructure resource that can be accessed over one of the specified protocols.

  • Account
    An Account defines the privileged account existing on the monitored server. It specifies the actual login credentials and the user authentication mode: regular (with login credentials substitution) or forward (with login and password forwarding).

  • Listener
    A Listener determines the server connection mode (bastion) as well as its specifics.

  • Safe
    The Safe is the central data model object. It regulates User access to the monitored Servers by specifying privileged Accounts on monitored Servers along with the Listeners, which determine the actual connection parameters (e.g. IP address, port number) depending on the given protocol. This kind of data model allows for optimal object management. A given Server can be accessed in different ways, as defined by the Listener. A Safe groups Accounts, enabling convenient control over access to monitored resources.

Proper system operation requires configuration of Servers, Users, Listeners, Accounts and Safes.
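
The relationships described above, sketched as an added example that is not Fudo One's own schema or API: every class and field name, the protocol-matching rule and the sample data are assumptions. It resolves which Safes give a User a path to a Server and, for access review, lists everyone who shares an Account used in regular (credential substitution) mode.

```python
from dataclasses import dataclass

# Illustrative model: all names here are assumptions, not Fudo One's schema or API.
@dataclass(frozen=True)
class User:
    login: str
    domain: str
@dataclass(frozen=True)
class Server:
    name: str
    protocol: str
@dataclass(frozen=True)
class Account:
    name: str
    server: Server
    mode: str          # "regular" (credentials substituted) or "forward"
@dataclass(frozen=True)
class Listener:
    name: str
    protocol: str
    address: str       # connection parameters: IP address and port
@dataclass(frozen=True)
class Safe:
    name: str
    users: frozenset   # Users admitted to this Safe
    grants: tuple      # (Account, Listener) pairs

def access_paths(safes, user):
    """Return (safe, account, listener) names through which `user` reaches a server."""
    return [(s.name, acc.name, lst.name)
            for s in safes if user in s.users
            for acc, lst in s.grants
            if lst.protocol == acc.server.protocol]  # assumed rule: protocols must match

def shared_account_users(safes):
    """Map each regular-mode account to every user login that can use it."""
    exposure = {}
    for s in safes:
        for acc, lst in s.grants:
            if acc.mode == "regular" and lst.protocol == acc.server.protocol:
                exposure.setdefault(acc.name, set()).update(u.login for u in s.users)
    return exposure

# Constructed sample data.
root = Account("root@db01", Server("db01", "ssh"), "regular")
ssh_in = Listener("ssh-bastion", "ssh", "10.0.0.5:22")
alice, bob = User("alice", "corp"), User("bob", "corp")
SAFES = [Safe("dba", frozenset({alice}), ((root, ssh_in),)),
         Safe("oncall", frozenset({alice, bob}), ((root, ssh_in),))]
```

With this sample data the shared `root@db01` account is reachable by both users, so attributing a session to a person depends on the User object rather than on the account login.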