🏛️ On-Premise Agent

Secure bridge between your internal systems and the Lumos Autonomous Identity Platform

What Is the Lumos On-Premise Agent?

The Lumos On-Premise Agent is a lightweight background service that runs within your private network or data center and securely connects on-premise systems to the Lumos autonomous identity platform in the cloud. By installing this agent on a server you control, you can sync user data, access logs, and other relevant information directly from systems that are not publicly accessible.

Key Points

  • No GUI: The On-Premise Agent is a headless service (no graphical interface) designed for continuous background operation.
  • Runs on Windows or Containers: Supported on Windows Server 2016+ and containers like Docker.
  • Multiple Installations: You can install multiple agents in different locations for high availability and scalability.
  • Resource Requirements: 16GB RAM, 64GB storage (may need more for large-scale integrations).

What Can the Agent Connect To?

The On-Premise Agent is designed to integrate with applications and services running behind your firewall, including (but not limited to):

  • Microsoft Active Directory or LDAP: Perform user synchronization and manage on-prem user attributes.
  • Databases (e.g., SQL Server, MySQL): Retrieve user or access data from on-prem databases.
  • Other Services: Connect to any custom integrations or legacy systems you configure.
  • Future Expandability: Download and add on-premise connectors for new services and integrations as your environment changes.

Why Use the On-Premise Agent? (Key Benefits)

  1. Enhanced Security

    • Maintains sensitive data within your private environment, sending only the necessary data to the Lumos cloud via secure HTTPS connections on port 443.
  2. Up-to-date Data Sync

    • Enables up-to-date access information and user attributes to flow between your local environment and Lumos.
  3. Automation & Governance

    • Integrates seamlessly with Lumos's identity governance workflows, enabling automated provisioning, deprovisioning, and access reviews without manual intervention.
  4. Scalability & Resilience

    • Deploy multiple agents to handle increased load and ensure continuous service availability, even if one agent goes offline.
  5. Flexible Deployment

    • Choose Windows or Linux based on your data center standards.
    • Integrate with existing network topology and security controls.

Management and Monitoring

The agent operates as a system service, with built-in capabilities for:

  • Automatic startup on system boot
  • Service recovery and restart on failure
  • Centralized logging for troubleshooting
  • Integration status monitoring through the Lumos console

This architecture enables organizations to maintain robust identity governance across their entire technology landscape while keeping internal systems secure and properly isolated from external access.


Summary

  • The On-Premise Agent is your secure bridge between Lumos in the cloud and systems behind your firewall.
  • It can talk to Active Directory, on-prem databases, and any other applications for which you create or download connectors.
  • Its key benefits are security, up-to-date data synchronization, automation, scalability, and easy management of on-prem identity data.
  • High-Level Deployment involves downloading the agent, setting a token, installing it on your server(s), ensuring port 443 connectivity, and dropping in the connectors for each on-prem application.

Once installed, the On-Premise Agent continuously syncs data and receives governance instructions from Lumos. You can centrally manage on-prem applications, orchestrate user access, and ensure audit readiness, all without exposing your private network directly to the internet.

