senhasegura

senhasegura
installation

06/19/2019
Manual Version: 2.3

Copyright 2019 MT4 Tecnologia Ltda.

All rights reserved. The reproduction or distribution of this
material in any form without MT4's formal authorization is
prohibited.
senhasegura - senhasegura installation

Contents

1. Icons ................................................................................................................................. 3
2. Introduction ....................................................................................................................... 3
3. Purpose ............................................................................................................................ 3
4. Support ............................................................................................................................. 3
5. Overview ........................................................................................................................... 4
5.1. How senhasegura works ............................................................................................ 4
5.2. Definitions................................................................................................................... 4
6. Introduction ....................................................................................................................... 5
7. Initial settings .................................................................................................................... 5
7.1. Accessing the setup module ....................................................................................... 5
7.2. DHCP Settings ........................................................................................................... 5
7.3. Network Settings ........................................................................................................ 6
8. Activation .......................................................................................................................... 7
8.1. Adding an exception ................................................................................................... 7
8.2. Activating the application ............................................................................................ 7
8.3. Enable Application .................................................................................................... 11
8.4. Accessing senhasegura............................................................................................ 11
9. Additional Steps .............................................................................................................. 13
9.1. Setting up the access URL ....................................................................................... 13

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 2
senhasegura - senhasegura installation

1. Icons

Icon Description

Warning

Example

Tip

Advice

Command

Alternative process

2. Introduction
senhasegura is a software and hardware solution that stores, manages, and monitors all
credentials such as passwords, SSH keys, and digital certificates in a secure, tamper-resistant
location. By using encryption mechanisms, the password vault offers users the ability to use a
password only to access a series of credentials registered in the solution. In addition, through
senhasegura, it is possible to safely access all network resources through SSH and RDP
protocols, storing all usage records for audit and compliance analysis purposes.

3. Purpose
The purpose of this document is to provide guidance to users who use senhasegura's
administrator features, as well as to discuss details on its use, benefits, concepts, and
procedures.

4. Support
MT4 Tecnologia provides product support through an online knowledge base, as well as
through telephone and email support. Please consult your system administrator for more
information on the options available for your company.

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 3
senhasegura - senhasegura installation

5. Overview
In organizational settings, the exposure and misuse of privileged accounts are extremely
inviting to cyberattacks. In recent attacks on corporations of all sizes, attackers steal and
exploit privileged accounts to take control of the entire company's infrastructure in a hostile
manner.
For this reason, hackers can explore all virtual space, literally moving across the
corporate network without being detected, and thus achieving their attacking goals.

5.1. How senhasegura works

The architecture of senhasegura consists of a set of layers of integrated components
that back the solution's operation, from the physical layer to the application layer. Each of
these components performs different functions in the solution.

5.2. Definitions
senhasegura uses a specific terminology for its functions and functionalities. Thus,
some terms must be understood before starting to use the solution:
User - In-house employees, interns or third parties who use or may require access to the
company's systems.
Auditor - user with a profile for the issuance of specific reports in the senhasegura
solution.
Password custody - possession and use of credentials stored in the senhasegura solution
by the user
Password policy - set of rules determined to improve the security of a company's users
and devices
Access groups - used to grant and manage viewing and access to vault credentials
Governance ID - it is used to associate an activity performed in senhasegura to a
Changes Management item, such as a Help Desk ticket for example;
Password strength - a measure that assesses a password's effectiveness against attacks,
and it is based on estimating the number of attempts to guess it
Protected information - any type of privileged information, such as hashes, RSA keys or
digital certificates;
Global parameters - behavior settings that can be adjusted globally in senhasegura
Equipment parameters - behavior settings that can be adjusted in the solution for each
type of equipment
Password parameters - Behavior settings that can be adjusted in the solution for each
credential

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 4
senhasegura - senhasegura installation

6. Introduction
The purpose of this document is to assist senhasegura deployers in performing the initial
settings of the senhasegura environment.

7. Initial settings

7.1. Accessing the setup module

To access the initial system setup module, directly access the senhasegura server or
make an ssh connection.
The following screen will be displayed:

Please note that we'll provide the users and passwords over another
communication channel. If you have any issues, please reach out to the deployment
team over the e-mail [email protected].

Perform authentication through the initial user, to access the senhasegura configuration
environment.

7.2. DHCP Settings

The following screen will be displayed:

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 5
senhasegura - senhasegura installation

1. Select the Yes option to use the settings through DHCP. If the No option is
selected, you must perform the network setup manually.

7.3. Network Settings

The following screen will be displayed:

1. Fill in the field: Hostname with the senhasegura hostname.

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 6
senhasegura - senhasegura installation

If you have selected the No option when setting the DHCP, follow these steps:
1. In the Network Settings section, fill in the following fields:
# Field Description

1 IP senhasegura host static IP

2 Netmask Subnet mask

3 Gateway Gateway

2. Select the Save option

A confirmation screen will be displayed:

3. Select the Yes option to confirm the server restart and apply the settings
made.

8. Activation

8.1. Adding an exception

To start Orbit, follow these steps:

1. Through the browser, enter the address: https://server/, where the “server” is
replaced by the senhasegura hostname or IP.

If a non-secure connection alert screen is displayed, use the advanced options to

add a security exception to this address.

8.2. Activating the application

In the first access to Orbit, the user will be directed to the application activation
screen.

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 7
senhasegura - senhasegura installation

To activate the application, follow these steps:

1. Copy the code in the Request code field;

2. Log in the senhasegura Self Activation Environment through the address

https://ssact.senhasegura.io;

Please note that we'll provide the users and passwords over another
communication channel. If you have any issues, please reach out to the
deployment team over the e-mail [email protected].

3. On the Request code tab, fill in the following fields:

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 8
senhasegura - senhasegura installation

# Item Description

1 Hostname or Server’s IP Hostname configured for senhasegura

Name of the reseller (will be filled in

2 Reseller
automatically)

Request code informed on the Application

3 Request code (generated by Orbit)
activation screen

4 Expiration date Application expiration date, when in PoC

4. Click on the Generate activation key button;

5. Copy the activation key displayed on the Generated code section and paste
into the Requested code field;

6. Click the senhasegura logo to be redirected to the senhasegura’s home page.

The following screen will be displayed:

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 9
senhasegura - senhasegura installation

Please note that we'll provide the users and passwords over another
communication channel. If you have any issues, please reach out to the
deployment team over the e-mail [email protected].

7. Perform authentication through the initial user to perform access to Orbit and
finalize the installation.

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 10
senhasegura - senhasegura installation

8.3. Enable Application

To enable the senhasegura application:
1. Access the menu: Settings > Application
The following screen will be displayed:

2. Click on the Enable application button

3. Click on the Save button to save the settings and enable the application

8.4. Accessing senhasegura

To log in to senhasegura, follow these steps:
1. In the browser, enter senhasegura's URL or IP.
The following screen will be displayed:

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 11
senhasegura - senhasegura installation

The access to the environment can be performed by using the network user for
authentication through Active Directory, if configured. In this case, the same network
user password must be used. You can access the senhasegura environment through a
local user on the system.

If a local user is chosen, when performing the first access, the user may be required to
change the password according to the security and password strength policies from their
organization.

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 12
senhasegura - senhasegura installation

9. Additional Steps

9.1. Setting up the access URL

To set up the URL for accessing senhasegura in Orbit, follow these steps:
1. Access the menu: Application > Settings
The following screen will be displayed:

2. Fill in the Application URL field with the address for accessing senhasegura.
3. Click on the Save button to complete the setup

Confidential - Manufacturer / customer information

© MT4 Tecnologia LTDA 13