Governance begins with System Administrators performing the OpenEdge installation, during which ESAM is installed automatically in silent mode. ESAM makes your OpenEdge installations more secure by preventing attackers from directing OpenEdge activities to resources outside the directory scope of the OpenEdge implementation.

You can also make your OpenEdge installation safer and enhance its security by providing restricted and role-based access to the administrative artifacts of ESAM. Progress recommends two separate administrative roles to protect access to ESAM and OpenEdge resources that provide governance over OpenEdge installations:
  • System Administrators—Responsible for installing OpenEdge and setting up a secure OpenEdge installation.
  • OpenEdge Administrators— Responsible for managing and securing the OpenEdge runtime environment including any runtime administrative needs associated with ESAM, such as setting ESAM policies on specific OpenEdge resources and activities within the scope of OpenEdge runtime. OpenEdge Administrators can also monitor services and activities through select audit logs.

Under the supervision of System Administrators, OpenEdge Administrators can manage and secure OpenEdge runtime environments.