Onepoint

From Onepoint Systems Integration
Revision as of 15:06, 17 October 2018 by Admin (talk | contribs) (Access Backend)
Jump to: navigation, search
Onepoint Supported Systems

Introduction

Onepoint enables Systems Integration for the IT environment. Through its disciplines concepts, it allows the integration of IT assets, modules, systems and units into a single and widelly connected among all parts, creating the possibility to creating actions, tasks and flows involving all those parts.

Architecture

Onepoint components:

  1. Onepoint DB
  2. Onepoint Web UI / REST API
  3. Onepoint Daemon

Performing credential discovery

Backends

Backends are a Onepoint-specific concept. They are components of the computational environment designed to carry out a task or a group of related tasks for a Discipline. They allow requests and operations on the target systems through Onepoint REST calls. They also allow the integration of asynchronous tasks directly on the target systems, through Onepoint Scripts calls.

Primary Backends

Primary Backends are backends that can be instanced, parameterized and extended to integrate environment's own components, such as vaults, user directories, ticketing systems, authentication systems and authorizations systems.

Authentication Backends

Responsible for user identity authentication. After a positive response from 'login' operation, Onepoint generates a session for operating the system. It's an extensible backend. In other words, it's possible to integrate other authenticators into onepoint, including supporting Multi-Factor Authentication and Single Sign-On tools.

Onepoint Login Screen Onepoint Login Screen with Authentication Backend selector

Directory Backends

Responsible for managing directory data (user, groups and membership). It's a extensible backend type, allowing integration of external directories.

Vault Backends

Access Session Backend

Responsible for the channels and protocols for access establishment, such as RDP and SSH. It's an extensible backend and can support other protocols.

Secondary Backends

Secondary Backends are internal and/or fixed backends, that can't be instanced, parameterized or extended.

Access Backend

Responsible for the management of access tickets and authorization based on rules for the request. It's not an extensible backend.

Asset Backend

Authorization Backends

Responsible for verification of permissions on the requested resource(s) for the logged in identity. It's not an extensible backend. It works with permissioning based on Access Control Lists, Groups and Inheritance support

Onepoint Login Screen Onepoint Login Screen with Authentication Backend selector

Backend Backends

Flow Backend

Policy Backend

Responsible by managing and maintening resources' policies features. They can be:

  1. Synchronization Policies - Interbackend data synchronization
  2. Cache Policies - Assigning a backend as cache of another backend
  3. Expiration Policies - Rules for objects expiration
  4. Migration Policies - Managing Migration Status
  5. Access Policies - Managing rules for automatic permissioning

Script Backend

Responsible for recording and editing stored scripts. It's not an extensible backend. It supports Python as scripting language, and tasks / operations are realized by the executor module.

Task Backend

Responsible by managing tasks to be executed by the executor module. It's a non-extensible backend.

Ticketing Backends

The UI

Main Modules

Access

Vault

Operations on vaults

Managed Credentials

My Credentials

Credentials Lists

Delegate Credentials

Task

Apps

Settings

Policies

Development

Scripts

Development Studio

Documents

  1. Onepoint Techcnical Presentation (pt_BR)
  2. Onepoint Techcnical Presentation Slides (pt_BR)

Supported Systems

Onepoint Supported Systems