Release Notes
Version 8.0 LTS
11 November 2024, 17:01
These release notes provide information about the One Identity Safeguard for Privileged Sessions release. For the most recent documents and product information, see One Identity Safeguard for Privileged Sessions - Technical Documentation.
One Identity Safeguard for Privileged Sessions Version 8.0 LTS is a release with new features and resolved issues. For details, see:
NOTE: For a full list of key features in One Identity Safeguard for Privileged Sessions, see Administration Guide.
The One Identity Safeguard Appliance is built specifically for use only with the Safeguard privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management -- and shortening the timeframe to value.
Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.
The Safeguard products' unique strengths are:
One-stop solution for all privileged access management needs
Easy to deploy and integrate
Unparalleled depth of recording
Comprehensive risk analysis of entitlements and activities
Thorough Governance for privileged account
The suite includes the following modules:
One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and IT strategies. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
One Identity Safeguard for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, One Identity Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.
One Identity Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.
One Identity Safeguard for Privileged Analytics integrates data from One Identity Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action - and ultimately prevent data breaches.
New audited user view
SPS version 8.0 LTS includes a new audited user view. The new Audit main menu item contains the Sessions tab and the additional Users tab.
The new Users tab provides an overview of the audited users and allows you to open individual users in a new tab. Each open user tab shows detailed information on the user's sessions, activity, score, session statistics, and baseline build status. This flexibility enables the investigation of multiple users across different time periods simultaneously.
To access the new Users tab, you need the Audit/Access all users ACL. To view user-related session data, you need the Audit/Sessions ACL and either the Audit/Access all sessions ACL or ADAR.
For more information, see Viewing audited user details in the Administration Guide.
Handling user names in User Principal Name (UPN) format
When using the RDP protocol, previous versions of SPS split user names in the email-like UPN format into a user and a domain part.
In favor of supporting alternate UPN suffixes, this is no longer true. This change affects how various components of SPS process or represent user identifiers.
For more information, see Handling user names in User Principal Name (UPN) format in the Administration Guide.
Kerberos authentication for RDP connections
SPS version 8.0 LTS introduces Kerberos authentication for RDP connections.
For more information, see Kerberos and Creating and editing protocol-level RDP settingsin the Administration Guide.
api/audit/users/<user-id>
You can retrieve detailed user information from the recorded sessions.
For more information, see Retrieving detailed user information in the REST API Reference Guide.
API key authentication to the REST API
You can use API keys to authenticate to the SPS REST API. This appliance access method is most suitable for scripts, so that saving passwords to text files can be avoided. This feature is available on the REST API only.
For more information, see Authenticate to the SPS REST API using API keysin the REST API Reference Guide.
SPS availability monitoring
A new REST API endpoint /api/proxy-status is available to provide simplified appliance information for load balancer health probes. This feature is available on the REST API only.
For more information, see Monitor SPS availability from load balancers in the REST API Reference Guide.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center
