Releases use the following version designations:
- Long Term Support (LTS) Releases: The first digit identifies the release and the second is a zero (for example, 6.0 LTS).
- Maintenance LTS Releases: A third digit is added followed by LTS (for example, 6.0.6 LTS).
- Feature Releases: The Feature Releases are two digits (for example, 6.6).
Customers choose between two paths for receiving releases: Long Term Support (LTS) Release or Feature Release. See the following table for details.
Table 6: Comparison of Long Term Support (LTS) Release and Feature Release
| |
Long Term Support (LTS) Release |
Feature Release |
| Release frequency |
Frequency: Typically, every 2 years
Scope: Includes new features, resolved issues and security updates
Versioning: The first digit identifies the LTS and the second digit is a 0 (for example, 6.0 LTS, 7.0 LTS, and so on). |
Frequency: Typically, every 3 months
Scope: Includes the latest features, resolved issues, and other updates, such as security patches for the OS
Versioning: The first digit identifies the LTS and the second digit is a number identifying the Feature Release (for example, 6.6, 6.7, and so on). |
| Maintenance Release |
Frequency:Typically, every 3 months during full support
Scope: Includes critical resolved issues
Versioning: A third digit designates the maintenance LTS Release (for example, 6.0.6 LTS). |
Frequency:Only for highly critical issues
Scope: Includes highly critical resolved issues
Versioning: A third digit designates the maintenance Feature Release (for example, 6.6.1). |
|
Support |
Typically 3 years after the original publication date or until the next LTS is published (whichever date is later) |
Typically 6 months after the original publication date or until the next feature or LTS Release is published (whichever date is later) |
Release details can be found at Product Life Cycle.
|
|
CAUTION: Downgrading from the latest Feature Release, even to an LTS release, voids support for SPP. |
One Identity strongly recommends always installing the latest revision of the release path you use (Long Term Support path or Feature Release path).
Moving between LTS and Feature Release versions
You can move from an LTS version (for example, 6.0.7 LTS) to the same feature version (6.7) and then patch to a later feature version. After that, you can patch from the minimum version for the patch, typically N-3. If you move from an LTS version to a feature version, you will receive a warning like the following which informs you that you will only be able to apply a Feature Release until the next LTS Release:
Warning: You are patching to a Feature Release from an LTS Release. If you apply this update, you will not be able to upgrade to a non-Feature Release until the next LTS major release version is available. See the Administration Guide for details.
You cannot move from a Feature Release to LTS Release. For example, you cannot move from 6.7 to 6.0.7 LTS. You have to keep upgrading with each new Feature Release until the next LTS Release version is published. For this example, you would wait until 7.0 LTS is available.
Patching
You can only patch from a major version. For example, if you have version 6.6 and want to patch to 7.7, you must patch to 7.0 LTS and then apply 7.7.
An LTS major version of Safeguard for Privileged Passwords (SPP) will work with the same LTS major version of Safeguard for Privileged Sessions (SPS). For the best experience, it is recommended you keep both their SPP and SPS in sync on the latest and supported version.
Appliance specifications
The Safeguard for Privileged Passwords Appliance is built specifically for use only with the Safeguard for Privileged Passwords privileged management software that is already installed and ready for immediate use. It comes hardened to ensure the system is secure at the hardware, operating system, and software levels.
The following two tables list the Safeguard for Privileged Passwords 3000 Appliance and 2000 Appliance specifications and power requirements.
Table 7: 3000 Appliance: Feature specifications
| Processor |
Intel Xeon E3-1275v6 3.8 GHz |
| # of Processors |
1 |
| # of Cores per Processor |
4 cores (8 threads) |
| L2/L3 Cache |
8MB L3 Cache |
| Chipset |
Intel C236 Chipset |
| DIMMs |
Unbuffered ECC UDIMM DDR4 2400MHz |
| RAM |
32 GB |
| Internal HD Controller |
LSI MegaRAID SAS 9361-4i Single |
| Disk Hard Drive |
4 x Seagate 7E2000 2TB SAS 512E |
| Availability |
TPM 2.0, EEC Memory, Redundant PSU |
| I/O Slots |
x16 PCIe 3.0, x8 PCIe 3.0 |
| RAID |
RAID10 |
| NIC/LOM |
4 port - dual GbE LAN with Intel i210-AT |
| Power Supplies |
Redundant, 700W, Auto Ranging (100v~240V), ACPI compatible |
| Fans |
1 Supermicro SNK-P0046P and 2 Micron 16GB 2666MHz 2R ECC Unb Z01B Dual Label |
| Chassis |
1U Rack |
|
Dimensions
(HxWxD) |
43 x 437.0 x 597.0 (mm)
1.7 x 17.2 x 23.5 (in) |
| Weight |
Max: 37 lbs (16.78 Kg) |
Table 8: 2000 Appliance: Feature specifications
| Processor |
Intel Xeon E3-1275v5 3.60 GHz |
| # of Processors |
1 |
| # of Cores per Processor |
4 |
| L2/L3 Cache |
4 x 256KB L2, 8MB L3 SmartCache |
| Chipset |
Intel C236 Chipset |
| DIMMs |
DDR4-2400 ECC Unbuffered DIMMs |
| RAM |
32GB |
| Internal HD Controller |
LSI MegaRAID SAS 9391-4i 12Gbps SAS3 |
| Disk |
4 x Seagate EC2.5 1TB SAS 512e |
| Availability |
TPM 2.0, EEC Memory, Redundant PSU |
| I/O Slots |
x16 PCIe 3.0, x8 PCIe 3.0 |
| RAID |
RAID10 |
| NIC/LOM |
3 x Intel i210-AT GbE |
| Power Supplies |
Redundant, 700W, Auto Ranging (100v~240V), ACPI compatible |
| Fans |
4 x 40mm Counter-rotating, Non-hot-swappable |
| Chassis |
1U Rack |
|
Dimensions
(HxWxD) |
43 x 437.0 x 597.0 (mm)
1.7 x 17.2 x 23.5 (in) |
| Weight |
Max: 46 lbs (20.9 Kg) |
| Miscellaneous |
FIPS Compliant Chassis |
Table 9: 3000 Appliance and 2000 Appliance: Power requirements
| Input Voltage |
100-240 Vac |
| Frequency |
50-60Hz |
| Power Consumption (Watts) |
170.9 |
| BTU |
583 |
Safeguard for Privileged Passwords is also available as a virtual appliance and from the cloud.
The front panel of the Safeguard for Privileged Passwords 3000 Appliance and 2000 Appliance contain the following controls for powering on, powering off, and scrolling through the LCD display.
-
Green check mark button: Use the Green check mark button to start the appliance. Press the Green check mark button for NO more than one second to power on the appliance.
|
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Green check mark button. Holding this button for four or more seconds will cold reset the power of the appliance and may result in damage. |
-
Red X button: Use the Red X button to shut down the appliance. Press and hold the Red X button for four seconds until the LCD displays POWER OFF.
|
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Red X button for more than 13 seconds. This will hard power off the appliance and may result in damage. |
- Down, up, left, and right arrow buttons: When the appliance is running, the LCD home screen displays: Safeguard for Privileged Passwords <version number>. Use the arrow buttons to scroll through the following details:
- Serial: <appliance serial number>
- X0: <appliance IP address>
- MGMT: <management IP address>
- MGMT MAC: <media access control address>
- IPMI: <IP address for IPMI>
Table 10: Appliance LCD and controls
|
Green check mark button |
Use the Green check mark button to start the appliance. Press the Green check mark button for NO MORE THAN one second to power on the appliance.
|
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Green check mark button. Holding this button for four or more seconds will cold reset the power of the appliance and may result in damage. | |
|
Red X button |
Use the Red X button to shut down the appliance. Press and hold the Red X button for four seconds until the LCD displays POWER OFF.
|
|
Caution: Once the Safeguard for Privileged Passwords Appliance is booted, DO NOT press and hold the Red X button for more than 13 seconds. This will hard power off the appliance and may result in damage. | |
| Down, up, left, and right arrow buttons |
When the appliance is running, the LCD home screen displays:
- Safeguard for Privileged Passwords <version number>
Use the arrow buttons to scroll through the following details:
- Serial: <appliance serial number>
- X0: <appliance IP address>
- MGMT: <management IP address>
- MGMT MAC: <media access control address>
- IPMI: <IP address for IPMI>
|
The Safeguard for Privileged Passwords 3000 Appliance and 2000 Appliance ship with the following modules, each requiring a valid license to enable functionality:
- One Identity Safeguard for Safeguard for Privileged Passwords (SPP)
- One Identity Safeguard for Privileged Sessions (SPS)
SPS is a separate product. To update the SPS license, see the Safeguard for Privileged Sessions Administration Guide, Updating the SPS license.
To add a Safeguard for Privileged Passwords module license
The first time you log in to the Safeguard for Privileged Passwords desktop client as the Appliance Administrator, it prompts you to add a license. In addition, you can add additional Safeguard for Privileged Passwords module licenses.
- Navigate to Administrative Tools | Settings | Appliance | Licensing in the desktop client.
- Click
.
-
Browse to select the license file.
Once you add a license, Safeguard for Privileged Passwords displays the current license information and additional links that allow you to update the license.
- To add another module license, click Add Another License from the Success dialog.
NOTE: To avoid disruptions in the use of Safeguard for Privileged Passwords, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date.
