Tchater maintenant avec le support
Tchattez avec un ingénieur du support

One Identity Safeguard for Privileged Passwords 7.4.2 - Release Notes

Long Term Support (LTS) and Feature Releases

Releases use the following version designations:

  • Long Term Support (LTS) Releases: The first digit identifies the release and the second is a zero (for example, 6.0 LTS).
  • Maintenance LTS Releases: A third digit is added followed by LTS (for example, 6.0.6 LTS).
  • Feature Releases: The Feature Releases version numbers are two digits (for example, 6.6).

Customers choose between two paths for receiving releases: Long Term Support (LTS) Release or Feature Release. See the following table for details.

Table 6: Comparison of Long Term Support (LTS) Release and Feature Release
  Long Term Support (LTS) Release Feature Release
General Release

Scope: Includes new features, resolved issues and security updates

Versioning: The first digit identifies the LTS and the second digit is a 0 (for example, 6.0 LTS, 7.0 LTS, and so on).

Scope: Includes the latest features, resolved issues, and other updates, such as security patches for the OS

Versioning: The first digit identifies the LTS and the second digit is a number identifying the Feature Release (for example, 6.6, 6.7, and so on).

Maintenance Release

Scope: Includes critical resolved issues

Versioning: A third digit designates the maintenance LTS Release (for example, 6.0.6 LTS).

Scope: Includes highly critical resolved issues

Versioning: A third digit designates the maintenance Feature Release (for example, 6.6.1).

Release and support details can be found at Product Life Cycle.

CAUTION: Downgrading from the latest Feature Release, even to an LTS release, voids support for SPP.

One Identity strongly recommends always installing the latest revision of the release path you use (Long Term Support path or Feature Release path).

Moving between LTS and Feature Release versions

You can move from an LTS version (for example, 6.0.7 LTS) to the same feature version (6.7) and then patch to a later feature version. After that, you can patch from the minimum version for the patch, typically N-3. If you move from an LTS version to a feature version, you will receive a warning like the following which informs you that you will only be able to apply a Feature Release until the next LTS Release:

Warning: You are patching to a Feature Release from an LTS Release. If you apply this update, you will not be able to upgrade to a non-Feature Release until the next LTS major release version is available. See the Administration Guide for details.

You cannot move from a Feature Release to LTS Release. For example, you cannot move from 6.7 to 6.0.7 LTS. You have to keep upgrading with each new Feature Release until the next LTS Release version is published. For this example, you would wait until 7.0 LTS is available.

Patching

You can only patch from a major version. For example, if you have version 6.6 and want to patch to 7.7, you must patch to 7.0 LTS and then apply 7.7.

An LTS major version of One Identity Safeguard for Privileged Passwords (SPP) will only work with the same LTS major version of SPS (SPS). For the best experience, it is recommended you use the latest supported version.

Appliance specifications

The Safeguard for Privileged Passwords Appliance is built specifically for use only with the Safeguard for Privileged Passwords privileged management software that is already installed and ready for immediate use. It comes hardened to ensure the system is secure at the hardware, operating system, and software levels.

The following tables list the One Identity Safeguard for Privileged Passwords 4000 Appliance, 3000 Appliance and 2000 Appliance specifications and power requirements.

Table 7: 4000 Appliance: Feature specifications
4000 Appliance Feature / Specification
Processor Intel Xeon 4310T 2.3 GHz
# of Processors 1
# of Cores per Processor 10 cores (20 threads)
L2/L3 Cache 15 MB Cache
Chipset Intel C621A Chipset
DIMMs ECC DDR4-2667
RAM 64 GB
Internal HD Controller Supermicro AOC-S3908L-H8iR-16DD
Disk Hard Drive 4 x Seagate Exos 7E10 2TB SAS 512e
Availability TPM 2.0, EEC Memory, Redundant PSU
I/O Slots 2x PCIe 4.0 x16 FHHL 1x PCIe 4.0 x16 HHHL
RAID RAID10
NIC/LOM Broadcom P210TP - 2 x 10G BASE-T Broadcom P210P - 2 x 10G SFP+
Power Supplies Redundant, 500W/600W, Auto Ranging (100v~240V), RoHS and REACH compliant
Fans 6 Supermicro FAN-0141L
Chassis 1U Rack

Dimensions (HxWxD)

43 x 437.0 x 650.0 (mm)

1.7 x 17.2 x 25.6 (in)

Weight Max: 37 lbs (16.78 Kg)
Table 8: 3000 Appliance: Feature specifications
3000 Appliance Feature / Specification
Processor Intel Xeon E3-1275v6 3.8 GHz
# of Processors 1
# of Cores per Processor 4 cores (8 threads)
L2/L3 Cache 8MB L3 Cache
Chipset Intel C236 Chipset
DIMMs

Unbuffered ECC UDIMM DDR4 2400MHz

RAM 32 GB
Internal HD Controller LSI MegaRAID SAS 9361-4i Single
Disk Hard Drive 4 x Seagate 7E2000 2TB SAS 512E
Availability TPM 2.0, EEC Memory, Redundant PSU
I/O Slots x16 PCIe 3.0, x8 PCIe 3.0
RAID RAID10
NIC/LOM 4 port - dual GbE LAN with Intel i210-AT
Power Supplies

Redundant, 700W, Auto Ranging (100v~240V), ACPI compatible

Fans 1 Supermicro SNK-P0046P and 2 Micron 16GB 2666MHz 2R ECC Unb Z01B Dual Label
Chassis 1U Rack

Dimensions (HxWxD)

43 x 437.0 x 597.0 (mm)

1.7 x 17.2 x 23.5 (in)

Weight Max: 37 lbs (16.78 Kg)
Table 9: 2000 Appliance: Feature specifications
2000 Appliance Feature / Specification
Processor Intel Xeon E3-1275v5 3.60 GHz
# of Processors 1
# of Cores per Processor 4
L2/L3 Cache 4 x 256KB L2, 8MB L3 SmartCache
Chipset Intel C236 Chipset
DIMMs DDR4-2400 ECC Unbuffered DIMMs
RAM 32GB
Internal HD Controller LSI MegaRAID SAS 9391-4i 12Gbps SAS3
Disk 4 x Seagate EC2.5 1TB SAS 512e
Availability TPM 2.0, EEC Memory, Redundant PSU
I/O Slots x16 PCIe 3.0, x8 PCIe 3.0
RAID RAID10
NIC/LOM 3 x Intel i210-AT GbE
Power Supplies Redundant, 700W, Auto Ranging (100v~240V), ACPI compatible
Fans 4 x 40mm Counter-rotating, Non-hot-swappable
Chassis 1U Rack

Dimensions

(HxWxD)

43 x 437.0 x 597.0 (mm)

1.7 x 17.2 x 23.5 (in)

Weight Max: 46 lbs (20.9 Kg)
Miscellaneous FIPS Compliant Chassis
Table 10: One Identity Safeguard for Privileged Passwords 4000 Appliance, 3000 Appliance and 2000 Appliance: Power requirements
Input Voltage 100-240 Vac
Frequency 50-60Hz
Power Consumption (Watts) 170.9
BTU 583

Safeguard for Privileged Passwords is also available as a virtual appliance and from the cloud. For details see:

  • Using the virtual appliance and web management console
  • Using the cloud

Appliance LCD and controls

The front panel of the One Identity Safeguard for Privileged Passwords 4000 Appliance, 3000 Appliance and 2000 Appliance contain the following controls for powering on, powering off, and scrolling through the LCD display.

  • Green check mark button: Use the Green check mark button to start the appliance. Press the Green check mark button for NO more than one second to power on the appliance.

    Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Green check mark button. Holding this button for four or more seconds will cold reset the power of the appliance and may result in damage.
  • Red X button: Use the Red X button to shut down the appliance. Press and hold the Red X button for four seconds until the LCD displays POWER OFF.

    Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Red X button for more than 13 seconds. This will hard power off the appliance and may result in damage.
  • Down, up, left, and right arrow buttons: When the appliance is running, the LCD home screen displays: Safeguard for Privileged Passwords <version number>. Use the arrow buttons to scroll through the following details:
    • Serial: <appliance serial number>
    • X0: <appliance IP address>
    • MGMT: <management IP address>
    • MGMT MAC: <media access control address>
    • IPMI: <IP address for IPMI>
Table 11: Appliance LCD and controls
Control Description

Green check mark button

Use the Green check mark button to start the appliance. Press the Green check mark button for NO MORE THAN one second to power on the appliance.

Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Green check mark button. Holding this button for four or more seconds will cold reset the power of the appliance and may result in damage.

Red X button

Use the Red X button to shut down the appliance. Press and hold the Red X button for four seconds until the LCD displays POWER OFF.

Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Red X button for more than 13 seconds. This will hard power off the appliance and may result in damage.
Down, up, left, and right arrow buttons

When the appliance is running, the LCD home screen displays:

  • Safeguard for Privileged Passwords <version number>

Use the arrow buttons to scroll through the following details:

  • Serial: <appliance serial number>
  • X0: <appliance IP address>
  • MGMT: <management IP address>
  • MGMT MAC: <media access control address>
  • IPMI: <IP address for IPMI>

Product licensing

CAUTION: All customers upgrading to Safeguard for Privileged Passwords 7.0 require a new license. For more information, contact Support.

As a Safeguard for Privileged Passwords user, if you get an "appliance is unlicensed" notification, contact your Appliance Administrator.

Hardware appliance

The One Identity Safeguard for Privileged Passwords 4000 Appliance, 3000 Appliance and 2000 Appliance ship with the SPP module which requires a valid license to enable functionality.

You must install a valid license. Once the module is installed, Safeguard for Privileged Passwords shows a license state of Licensed and is operational. If the module license is not installed, you have limited functionality. That is, even though you will be able to configure access requests, if a SPP module license is not installed, you will not be able to request a password release.

Virtual appliance Microsoft Windows licensing

You must license the virtual appliance with a Microsoft Windows license. We recommend using either the MAK or KMS method. Specific questions about licensing should be directed to your Sales Representative. The virtual appliance will not function unless the operating system is properly licensed.

Licensing setup and update

To enter licensing information when you first log in

The first time you log in as the Appliance Administrator, you are prompted to add a license. The Success dialog displays when the license is added.

On the virtual appliance, the license is added as part of Initial Setup. For more information, see Initial setup and maintenance.

IMPORTANT: After successfully adding a license, the Software Transaction Agreement will be displayed and must be read and accepted in order to use Safeguard for Privileged Passwords.

To configure reminders for license expiration

To avoid disruptions in the use of Safeguard for Privileged Passwords, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date. For more information, see Enabling email notifications.

Users are instructed to contact their Appliance Administrator if they get an "appliance is unlicensed" notification.

As an Appliance Administrator, if you receive a "license expiring" notification, apply a new license.

To update the licensing file

Safeguard licenses can be updated both on hardware and virtual machines, whereas OS licenses can be updated only on virtual machines.

To perform licensing activities

Navigate to Appliance Management > Appliance > Licensing.

  • To upload a new license file, click Upload new license file and browse to select the current license file. The Software Transaction Agreement will also be displayed during this process and must be read and accepted in order to complete the licensing process.

  • To remove the license file, select the license and click Remove selected license.

  • To get more information on the license and to export license data, click the What do these numbers mean? button, or click on the numbers in the tile.

    If you want to export data about users, desktops or systems in CSV or JSON format, navigate to the table from which you want to export data by clicking the corresponding tab, for example Users Used.

    Click the export icon located on the table. For more information on exporting, see Exporting data.

    Below is the list of the available tabs.

    For device-based licenses:

    • General

    • Desktops Used

    • Other Desktops

    • Systems Used

    • Other Systems

    • History

    For user-based licenses:

    • General

    • Users Used

    • Password Vault Only

    • Other Users

    • History

  • The General tab, contains general information about the license:

    • License usage and consumption

    • Counts of all managed and unmanaged components

    • How licenses are counted

    • License Number

    • License Type

    • Expiration Date

    • Product Version

    • Date Added

    • Added By

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation