Safeguard for Privileged Passwords Release Notes
Safeguard for Privileged Passwords 6.9
22 March 2021, 08:52
These release notes provide information about the Safeguard for Privileged Passwords 6.9 release. If you are updating a Safeguard for Privileged Passwords version prior to this release, read the release notes for the version found at: One Identity Safeguard for Privileged Passwords Technical Documentation.
For the most recent documents and product information, see One Identity Safeguard for Privileged Passwords Technical Documentation.
Safeguard for Privileged Passwords includes two release versions:
- Long Term Support (LTS) maintenance release, version 6.0.9 LTS
- Feature release, version 6.9
The versions align with Safeguard for Privileged Sessions. For more information, see Long Term Support (LTS) and Feature Releases.
About this release
Safeguard for Privileged Passwords Version 6.9 is a minor feature release with new features, resolved issues, and known issues.
For more details, see:
About the Safeguard product line
The Safeguard for Privileged Passwords 3000 and 2000 Appliances are built specifically for use only with the Safeguard for Privileged Passwords privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system, and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management and shortening the time frame to value.
Safeguard for Privileged Passwords virtual appliances and cloud applications are also available. When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. See One Identity's Product Support Policies for more information on environment virtualization.
Safeguard privileged management software suite
Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.
The Safeguard products' unique strengths are:
- One-stop solution for all privileged access management needs
- Easy to deploy and integrate
- Unparalleled depth of recording
- Comprehensive risk analysis of entitlements and activities
- Thorough Governance for privileged account
The suite includes the following modules:
- Safeguard for Privileged Passwords automates, controls, and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and IT strategies. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
One Identity for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.
Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers to integrate seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.
One Identity Safeguard for Privileged Analytics integrates data from Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics, and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time, and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action and ultimately prevent data breaches.
Figure 1: Privileged Sessions and Privileged Passwords
CAUTION: In future versions of Safeguard for Privileged Passwords, Internet Explorer 11 will no longer be supported. For a list of currently supported browsers, see Web client system requirements.
Asset Administrators can now assign ownership at an asset, account, and partition level either directly or through the use of tags (191487)
In addition, reports can be run by Asset Administrators and Auditors to see a more detailed overview of ownership.
Change password at login changes (191528)
You are now able to prompt users to change their password during their next login.
(Web client) Updates to the Dashboard, navigation changes, and a new Real-Time Reports page (241843)
There are new widgets on the Dashboard and the left navigation pane has been redesigned with a new look and feel.
A new Real-Time Reports page has also been added. This page provides an overview of the current status of your appliance including cluster information, appliance schedule, resource usage, and tasks.
(Web client) Support for VLANs using X1 (191489/255130)
In the network configuration settings of the web client, Administrators can now add additional virtual network adapters associated with X1 and assign VLAN IDs to those adapters. In this way, Safeguard for Privileged Passwords can now connect and communicate with assets on up to 31 VLANs.
New connector integrations via Starling Connect (258529/264420)
For Safeguard for Privileged Passwords 6.8 and above, you are now able to connect your Starling AWS connectors with Safeguard for Privileged Passwords. This allows for the accounts stored in AWS to be discovered and controlled by Safeguard for Privileged Passwords through the use of partitions which allow for rotating passwords to provide additional security for them. You are also able to connect your GSuite and Salesforce connectors. For the current list of connectors currently available for use with Safeguard for Privileged Passwords, see the Starling Connect documentation.
New platform type available: Other Directory (257125/259918)
A new Other Directory platform type is available for use which allows you to manually add directory assets without requiring network access.
(API) Changes to local user group operations (266674)
Local user group operations via the API are now asynchronous. If you want to ensure that an operation on a group has completed before submitting another operation for that same group, add the X-Await-Result header to the API calls for that group.
The following is a list of enhancements implemented in Safeguard for Privileged Passwords 6.9.
Table 1: General enhancements
|Improved performance for launching SPS/SPP sessions.
|Now able to use Alternate Login Name attribute as the account name. This requires using the API's UseAltLoginName setting.
|You can now configure Safeguard for Privileged Passwords to prompt for a password change during their next login.