Release Notes
Version 8.0 LTS
14 November 2024, 11:30
These release notes provide information about the One Identity Safeguard for Privileged Passwords release. For the most recent documents and product information, see Online product documentation.
The versions align with One Identity Safeguard for Privileged Sessions. For more information, see Long Term Support (LTS) and Feature Releases.
One Identity Safeguard for Privileged Passwords Version 8.0 LTS is a patch release with no new functionality. See Resolved issues.
The One Identity Safeguard for Privileged Passwords
Safeguard for Privileged Passwords virtual appliances and cloud applications are also available. When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. See One Identity's Product Support Policies for more information on environment virtualization.
Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.
The Safeguard products' unique strengths are:
The suite includes the following modules:
One Identity Safeguard for Privileged Sessions (SPS) is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, SPS is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.
SPS is a quickly deployable enterprise appliance, completely independent from clients and servers to integrate seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.
NOTE: Configuration options and details related to SPS will only be visible to customers that have purchased and joined the product to One Identity Safeguard for Privileged Passwords.
One Identity Safeguard for Privileged Analytics (SPA) integrates data from SPS to use as the basis of privileged user behavior analysis. Safeguard for SPA uses machine learning algorithms to scrutinize behavioral characteristics, and generates user behavior profiles for each individual privileged user. Safeguard for SPA compares actual user activity to user profiles in real time, and profiles are continually adjusted using machine learning. Safeguard for SPA detects anomalies and ranks them based on risk so you can prioritize and take appropriate action and ultimately prevent data breaches.
Figure 1: Privileged Sessions and Privileged Passwords
New features in Safeguard for Privileged Passwords 8.0 LTS:
All customers upgrading to One Identity Safeguard for Privileged Passwords 8.0 LTS require a new license. For more information, see https://support.oneidentity.com/contact-us/licensing. After the new license is installed, Appliance Administrators must read and accept the Software Transaction Agreement before Safeguard for Privileged Passwords will be fully functional.
When you create or edit an access request policy, if the Access Type is set to File and the access request also contains a password or SSH key for the account, you can include the password or SSH key release with session access requests or access requests (making it immediately available for checkout along with the rest of the request). To do so, select the Include Password Release with File Requests or Include SSH Key Release with File Requests check box, respectively.
For more information, see Security tab (create access request policy) in the One Identity Safeguard for Privileged Passwords Administration Guide.
In the One Identity Safeguard for Privileged Passwords web client, under Reports, you can run and export newly added reports. For more information, see the following sections of the One Identity Safeguard for Privileged Passwords Administration Guide:
Reports
Audit reports
Access Request reports
Secrets reports
User reports
Safeguard for Privileged Passwords can be run in the cloud using the Google Cloud Platform. For more information, see Cloud deployment considerations in the One Identity Safeguard for Privileged Passwords Administration Guide or in the One Identity Safeguard for Privileged Passwords Appliance Setup Guide.
Safeguard for Privileged Passwords now supports just-in-time (JIT) account privilege elevation and demotion for the following asset platforms:
ACF2 - Mainframe LDAP
eDirectory LDAP
LDAP
RACF - Mainframe LDAP
Top Secret - Mainframe LDAP
For the complete list of platforms that support just-in-time (JIT) account privilege elevation, see Supported platforms.
Safeguard for Privileged Passwords now supports the Google Cloud Secret Manager asset platform type. For more information, see Configuring an asset for Google Cloud Secret Manager in the One Identity Safeguard for Privileged Passwords Administration Guide.
In the Enterprise Vault, Safeguard for Privileged Passwords supports importing password data from CSV files and exporting password data to CSV and JSON files. For more information, see Importing password data from CSV file and Exporting password data to CSV or JSON file in the One Identity Safeguard for Privileged Passwords Administration Guide.
You can customize the background of the Safeguard for Privileged Passwords login page and application for users. For more information, see Branding customization in the One Identity Safeguard for Privileged Passwords Administration Guide.
You can create and host an SPP Virtual Machine on your KVM Hypervisor (Kernel-based Virtual Machine). For more information, see KVM-deployment in the One Identity Safeguard for Privileged Passwords Administration Guide.
You can set the default authentication provider for login. For more information, see Managing the default identity and authentication provider in the One Identity Safeguard for Privileged Passwords Administration Guide.
Administered Certificates allows customers to create certificate signing requests for all kinds of certificates. It also serves as a secure and auditable vault for storing, retrieving, and sharing existing certificates, or certificates from other sources. For more information, see Administered certificates in the One Identity Safeguard for Privileged Passwords Administration Guide.
The Post Install Checklist helps you in completing the setup of your SPP appliance. The list shows the recommended best practice settings that should be completed after the initial setup of a cluster. For more information, see Post install checklist in the One Identity Safeguard for Privileged Passwords Administration Guide.
You can add an asset for Kubernetes and have SPP directly manage the secrets using a standard check and change password profile. For more information, see Configure the Kubernetes platform in the One Identity Safeguard for Privileged Passwords Administration Guide.
You can add an asset to SPP which enables you to manage SPP users on all SPP servers in your cluster. For more information, see Configure the SPP user platform in the One Identity Safeguard for Privileged Passwords Administration Guide.
With the SPP asset platform type you can offload or distribute access to certain accounts. For more information, see Configure the SPP asset platform in the One Identity Safeguard for Privileged Passwords Administration Guide.
Enhancements
Resolved issues
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center
