This document provides information about the Device form screen, where it is possible to add new devices to be accessed in remote sessions.
Path to access
- On Segura®, in the navigation bar, hover over the Products menu and select PAM Core.
- In the side menu, select Devices > All devices.
- On the report screen Devices, click on Actions > Add.
Information tab
This section provides information about the device’s general information.
| Item | Type | Required | Description |
|---|---|---|---|
| Device name (Hostname, IP, url ou website name, application name...)* | Text field | Yes | The device name is how this device is referenced in Segura®, such as in device groups. |
| IP, Hostname or management URL* | Text field | Yes | A network address, hostname, or IP address for Segura® to connect to this device. |
| Device type* | Dropdown menu | Yes | Defines the device type. |
| Vendor* | Dropdown menu | Yes | Defines the manufacturer related to the device. |
| Product* | Dropdown menu | Yes | The chosen supplier's product. Also used for web session parameters. |
| Site* | Dropdown menu | Yes | Defines the division the device is listed in. |
| Tags | Text field | No | Words that characterize the device. |
| Domain | Dropdown menu | No | Defines the domain that the device will be related to. |
Connectivity tab
This section provides information about the device's connectivity tab.
| Item | Type | Required | Description |
|---|---|---|---|
| Enable remote application usage | Toggle button | No | Defines whether app usage will be enabled for the device. The options are Yes and No. |
| Network Connector | Dropdown menu | No | The network connector of the Segura® Network Connector product that you want to use to connect to this device. |
| Add/Remove selected | Button | No | Adds a row to the table. |
| Connectivity | Table | No | The connection protocol used to start a proxy session, change a password, and connect to other modules. The fields are: Connectivity, Port, and Connectivity Test. |
Certificate section
This section provides information about the Certificate section of the Connectivity tab, used to configure TLS/SSL authentication for DB Proxy connections on PostgreSQL devices.
This section applies exclusively to PostgreSQL devices using DB Proxy. The certificate configured here is a device-level certificate. If the same device has a credential with its own certificate, the credential certificate takes precedence.
Only users with permission to manage devices can upload, replace, or remove certificates.
| Item | Type | Required | Description |
|---|---|---|---|
| Use TLS/SSL? | Radio button | No | Enables TLS/SSL authentication for DB Proxy connections on this device. The options are Yes and No. Default: No. When set to Yes, the Certificate file and Key file fields become required. |
| Certificate file | File upload | Conditional | The client certificate file for the DB Proxy TLS/SSL connection. Required when Use TLS/SSL? is set to Yes. Accepted format: .crt. To replace an existing certificate, upload a new file, the system overwrites the previous one. |
| Key file | File upload | Conditional | The private key file paired with the certificate. Required when Use TLS/SSL? is set to Yes. Accepted format: .pem. The private key is stored encrypted and cannot be downloaded or displayed after saving. |
| Key password | Text field | No | The passphrase for the private key, if the key is password-protected. |
| Certificate CA | File upload | No | The Certificate Authority (CA) file. The CA is returned in the DB Proxy API. |
To remove the certificate and disable TLS/SSL for this device, set Use TLS/SSL? to No and save. The certificate and key files are removed from the device. If you re-enable Use TLS/SSL? before removing, the previously uploaded files remain associated with the device and are reused. The change takes effect on the next valid DB Proxy connection.
Additional Settings tab
This section provides information about other configurations that can be made on the devices.
| Item | Type | Required | Description |
|---|---|---|---|
| Criticality | Dropdown menu | No | Indicates a change in user behavior. The options are: Low, Average and High. |
Login expressions section
This section regular expressions can be passed to be used by the Segura® platform to authenticate devices when using command-line protocols
| Item | Type | Required | Description |
|---|---|---|---|
| Add/Remove selected | Button | No | Adds a row to the table. |
| Connectivity | Dropdown menu | No | Type of connection to be made. |
| Expected expression | Text field | No | Regular expression required for login. |
| Fill value | Text field | No | When in Telnet sessions, Segura® isn’t able to automatically fill in username and password but with this option, it’s possible to pass these parameters. |
Review tab
This section contains the information that was added in the previous steps so that it can be analyzed and, if any changes are needed, made before finalizing the registration.