Demo Video: Okta Advanced Server Access
Transcript
Let's quickly walk through how it works, which we'll see in action with the demo. So first two users will installed a native client application on the workstations which will allow them to interact with their local SSH and RDP tools and communicate with our platform. Servers that are enrolled with Okta run a lightweight agent that manages the local user and group accounts and then captures all of the login events. Every request is independently authenticated and authorized against the respective sign in policies and role based access controls associated with the servers. And only when access is granted is this certificate minted through a built-in certificate authority. And each certificate is short-lived and tightly scoped to the user, device, and the project that the server belongs to, and they expire in three minutes, which allows them to only be used within that scope once.
That certificate is delivered to the client application and is used to initiate a secure session via SSH or RDP. And then that agent, that's on the machine, is going to capture that log in event and deliver it back to the platform for auditing purposes. All this is extremely seamless and elegant practice, so let's see it live.
I'm going to show first the end user experience and then we will talk about the administrator experience, but as an end user I would just have my client application installed, as we mentioned. At the beginning of my workday