Safeguard for Privileged Sessions (#SG-SPS) Training

Training description

The training session introduces the most important skills to manage the One Identity Safeguard for Privileged Sessions (SPS) appliance. The training session introduces installation and configuration of SPS through presentations and lab exercises. The session introduces the SPS server and the management interface.

Goal of the training

The goal of the session is to train professionals who understand One Identity Safeguard for Privileged Sessions and can configure and maintain them independently, can fine-tune or troubleshoot it.

Intended audience

For all end-user and partners or system engineers who would like to install, configure or maintain SPS infrastructure independently. At the end of the session participants can setup, fine-tune and troubleshoot SPS and can submit tickets to the SPS Support centers.


The training is a 3 day, classroom based, instructor-lead session, that includes the presentations and lab exercises. The session starts at 9:00 and finishes at 17:00 that includes the lunch. The session can be customized by the client’s need. After applying we will contact you to work out the details.

Detailed agenda

Module: Introduction and Overview

  • Introduction
  • Transparent and non-transparent working mode
  • Overview of the appliance

Module: Configuration interface and the Welcome Wizard

  • Using the configuration interface
  • Initialize and deploy the SPS box

Module: Enable connections (telnet)

  • Protocol overview
  • Enable a simple, transparent telnet connection
  • Enable a simple, non-transparent telnet connection

Module: Search and the Audit Player

  • Introduction to the search interface
  • Replay session with the Audit Player
  • Replay session with the on-box player

Module: Enable SSH connections

  • Protocol overview
  • Enable a simple, transparent SSH connection
  • Enable a simple, non-transparent SSH connection
  • Connection with inband destination selection (server selection from username)
  • Server key checking (host key)

Module: Enable RDP connections

  • Protocol overview
  • Enable a simple, transparent RDP connection
  • Enable RDP connections with inband destination selection

Module: Policies

  • Defining and using policies
  • Channel policy
  • Time policy

Module: User management

  • SPS users and AAA
  • User rights and access control

Module: Support and Troubleshooting

  • Licensing
  • Firmwares and hotfixes
  • Version policy
  • Backup and restore
  • Monitoring
  • Troubleshooting tools
  • Logs

Module: Advanced authentication methods

  • Control the user ID
  • Gateway authentication
  • 4-eye authorization
  • LDAP

Module: The credential store

  • Local credential store

Module: Advanced RDP settings

  • SPS as RD-Gateway (formerly the Terminal Services Gateway)

Module: The audit policy

  • Encryption, timestamping and digital signing of audit trails

Module: Real time monitoring

  • Monitoring connections (content) in real-time
  • Interaction: termination and/or alerting

Module: Reports

  • Creating maintenance reports

Module: High availability

  • HA concepts
  • Setup HA
  • HA roles: config master, managed host, search master, search minion and search local

Module: Join SPS and SPP

  • Using external credential stores
  • Join SPS with SPP
  • The Session-initiated workflow
  • The Password-initiated workflow

Module: Analytics

  • Introduction to User Behaviour Analytics, biometrics and machine learning
  • Enable UBA, configuration and usage



Contact person


* I have read and accept the terms & conditions.