Chat now with support
Chat with Support

One Identity Safeguard for Privileged Sessions 5.11.0 - Release Notes

Release Notes

One Identity Safeguard for Privileged Sessions 5.11

Release Notes

April 2019

These release notes provide information about the One Identity Safeguard for Privileged Sessions 5 F11 release.


About this release

The One Identity Safeguard Appliance is built specifically for use only with the Safeguard privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management -- and shortening the timeframe to value.

The privileged management software provided with One Identity Safeguard consists of the following modules:

  • One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and IT strategies. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
  • One Identity Safeguard for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.

    Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.

  • One Identity Safeguard for Privileged Analytics integrates data from Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action - and ultimately prevent data breaches.

For details on this release, see New features.


For a full list of key features in One Identity Safeguard for Privileged Sessions, see Administration Guide.

New features

Screen content search improvements
  • You can now combine content search queries arbitrarily with other search queries. As a result, flow view and quick statistics charts on the Search interface can handle content searches.

  • Reporting subchapters can include reports about specific content search queries (Reporting > Search subchapters).

  • Screen content search is now available in search clusters.

  • Screen content hits are no longer limited to 3000 per query.

Security settings of TLS sessions

You can now uniformly set the TLS security settings of HTTP, RDP, Telnet, and VNC connections, including the permitted ciphers and TLS versions on the <Protocol> Control > Settings pages.

To ensure the security of your sessions, SSL encryption is not supported anymore, only TLS 1.0 and later.

  • Backup and archive policies can now be configured using the REST API.

  • Health status information about the Central Management node and the cluster nodes is now available at the /api/cluster/status endpoint of the node.

Other changes
  • You can now export the search results into a comma-separated values file from the Search > Search page.

  • Backup policies can be configured to run more than once a day.

  • The Central Management node now displays health status information about the cluster nodes.

  • When using X.509 certificates to authenticate on the SPS web interface, SPS can now extract the name of the user from the UserPrincipalName field of the certificate. For details, see "Authenticating users with X.509 certificates" in the Administration Guide.

New documents
  • The documentation of the Safeguard for Privileged Sessions Plugin Software Development Kit (Plugin SDK) is now publicly available at The Plugin SDK provides base classes and services to enable rapid development of Python 3 plugins for the Safeguard for Privileged Sessions (SPS) product. SPS plugins released in the future will use this SDK.

Deprecated features

The following is a list of features that are no longer supported starting with SPS 5.11.

  • Support for the Lieberman ERPM credential store has been deprecated, this feature will be removed from the upcoming SPS 6 LTS release. One Identity recommends to use Safeguard for Privileged Passwords instead. For details, contact our Sales Team.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents