OKTA Single Sign-On
Version: Okta SSO.
OKTA SSO an enterprise-grade, identity management service, is built for the cloud, but compatible with many on-premises applications.
Netsurion Open XDR monitors the OKTA SSO in real-time which help us monitor the login activities, audit activities (like device management, user and group management, app management, etc). Netsurion Open XDR dashboard helps you to visualize the activities happening in OKTA and also provide information about the geolocation whenever the login activities happens
Netsurion Data Source Integration for Okta SSO allows you to monitor the following components
- Operations – System events, application changes and user sessions.
- Compliance – Policy changes, user management and application membership changes.
- Security – Admin access and user authentication.
After the Okta SSO is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | OKTA SSO – User Login failed | This alert will be triggered when a user attempt to login but fails. This will help us to find the unauthorized access. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | OKTA SSO – User authentication details | This report provides information related to authentication attempt (failure as well as success) made by user. |
| Security | OKTA SSO – Admin access | This report provides information when user is trying to access admin console of OKTA SSO. |
| Operations | OKTA SSO – Application membership changes | This report provides information related to changes in OKTA SSO apps membership. This report contains activities like app added/removed from Application group. |
| Operations | OKTA SSO – Policy changes | This report provides information related to changes (policy added, deleted or modified) in OKTA SSO policy. |
| Compliance | OKTA SSO – System events | This report provides information related to system activities which is happening in OKTA SSO cloud. |
| Compliance | OKTA SSO – Application changes | This report provides information related to changes in application which is integrated with OKTA. |
| Compliance | OKTA SSO – User management | This report provides information related to changes (user added, deleted, modified, added into group, removed from groups, etc). |
| Compliance | OKTA SSO – User session details | This report provides information related to user login activities in mobile or application. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.x or later, and Okta SSO.
Download Integration Guide for configuration instructions and more information.