AuthNull – Frequently Asked Questions (FAQ)
Basics – Product‑Related Questions
Q: What is AuthNull and what does it do?
A: AuthNull is a privileged access management (PAM) and passwordless MFA platform that enables frictionless authentication, agent‑based or agentless MFA, policy‑based access controls, session recording, and AI‑driven policy discovery for systems, AD, databases, and network appliances.
Q: How do I get started?
A: After signing up, register your organization and tenant. Import users (e.g., via Active Directory), install agents (or use agentless mode), then configure policies and MFA settings.
Q: What platforms does AuthNull support?
A: Supported environments include Windows and Linux servers/workstations (agent or agentless), Active Directory, RADIUS devices, and open-source databases like PostgreSQL, MySQL, and MariaDB.
Q: Is training or documentation available?
A: Yes—AuthNull provides comprehensive help docs, how‑to guides, API references, videos, whitepapers, and release notes via their online resource center.
Policy Configuration & Best Practices
Q: How does AuthNull's policy framework work?
A: Policies follow a default deny‑all model, aligning with the Principle of Least Privilege. Access must be explicitly granted via configured policies.
Q: How do I create a policy?
A: Navigate to Policies ➝ Add Policy (or use "Grant Access" on resource pages), select the subject (users/groups), specify the target (host, database, table), define permissions, and optionally set conditions like time, location, device posture.
Q: What advanced configurations are available?
A: Policies support time-bound access, geofencing/IP restrictions, network/VPN conditions, device posture checks, AI‑discovered policy requests, offline agent caching, and MFA enforcement.
Q: Can policies require approval before activation?
A: Yes—AuthNull includes multi-stage approval workflows, allowing administrators to require approval prior to policy enforcement.
Device Compliance & Risk‑Based Policies
Q: How are endpoints handled?
A: Endpoints are enrolled via agent installation or agentless methods. AuthNull syncs users/groups and monitors device compliance, enforcing relevant access policies.
Q: What compliance signals are used?
A: Signals include cached offline policies, device posture, MFA state, location/IP, credential rotation, and risk‑based conditions.
Q: Can I enforce conditional access based on device posture or risk?
A: Yes—AuthNull supports conditional access that factors in device posture and risk signals before granting access.
Location & IP Restrictions
Q: Can I enforce geofencing or IP restrictions?
A: Yes. Policies can be configured to allow/deny access based on geographic location or specific IP ranges.
Q: Are exceptions supported?
A: Yes—policies may include exceptions for specific IPs, subnets, time windows, or geolocations.
Q: How do location controls work with proxies or VPNs?
A: Policies can require access via approved IP ranges only, thereby blocking unknown or proxied endpoints.
App‑Specific Policies
Q: Can I target specific apps or services?
A: Yes—AuthNull allows fine-grained policies for jump servers, individual servers, containers, databases, and network devices.
Q: Are there differences between managed vs. unmanaged apps?
A: Policies can be scoped accordingly, and AuthNull supports both agent‑based and agent‑less enforcement depending on the application type and deployment method.
Troubleshooting
Q: Why was access denied?
A: Typical reasons include: lack of active policy, policy conflict, failing compliance checks (device posture, location, etc.), or policy not applied to the user or group.
Q: How do I diagnose issues?
A: Use the built-in Help Docs and Troubleshooting guides. Review audit logs, session recordings, policy assignment logs, and device sync status.
Q: What logs are available?
A: AuthNull collects session recordings, authentication events (passwordless, MFA), policy change histories, and comprehensive admin logs.
Q: How do I manually validate device posture or compliance?
A: Check the endpoint's local agent dashboard for policy sync status and compliance signals. You can also test via SSH or RDP login behaviors.
Reporting & Analytics
Q: What reporting tools are available?
A: AuthNull provides session playback, policy usage analytics, audit trails, user activity logs, and compliance reports via the admin console.
Q: Can I export logs?
A: Yes—logs and recordings can be exported directly or forwarded to external systems such as SIEMs or dashboards.
Q: How often is data updated?
A: Events are logged in real time. Usage analytics and reports typically refresh on daily to weekly cycles.
Q: What metrics should I track?
A: Key metrics include policy violations, MFA success vs. failure rates, session duration, device compliance failures, credential rotation events, and coverage of audit trails.