These release notes provide information about the One Identity Safeguard for Privileged Sessions 6.1 release.
One Identity Safeguard for Privileged Sessions Version 6.1 is a release with new features and resolved issues. For details, see:
For a full list of key features in One Identity Safeguard for Privileged Sessions, see Administration Guide.
The One Identity Safeguard Appliance is built specifically for use only with the Safeguard privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management -- and shortening the timeframe to value.
Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.
The Safeguard products' unique strengths are:
One-stop solution for all privileged access management needs
Easy to deploy and integrate
Unparalleled depth of recording
Comprehensive risk analysis of entitlements and activities
Thorough Governance for privileged account
The suite includes the following modules:
One Identity Safeguard for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.
Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.
One Identity Safeguard for Privileged Analytics integrates data from Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action - and ultimately prevent data breaches.
New features in SPS 6.1:
To help new users, the Basic Search now displays values from the selected time range for default fields, including user.name, server.name, protocol, verdict, and an extra input field for free-text filtering.
Advanced search now highlights the syntax of the search query.
You can now display the various parameters of the sessions in the timeline for quick trend analysis.
If available, the hostname of the client and the target is available in the Client name and Server hostname fields.
One Identity Safeguard for Privileged Sessions now supports auditing WebSocket traffic. Any WebSocket traffic can be controlled and audited, but currently the Safeguard Desktop Player application can replay only VNC over WebSocket traffic. You can export other types of audited WebSocket traffic into PCAP format for external analysis.
Plugins that use the Plugin SDK for Safeguard for Privileged Sessions (SPS) can use the new HTTP proxy settings (Basic Settings > Network > HTTPS proxy).
Plugins deprecated in version 6.0 have been removed from the documentation set. For details on updating your plugins, see Upgrading plugins for One Identity Safeguard for Privileged Sessions version 6.0. If you want to write a new plugin for One Identity Safeguard for Privileged Sessions, use the new Plugin SDK for Safeguard for Privileged Sessions (SPS). For details, see the Plugin SDK for Safeguard for Privileged Sessions (SPS) documentation.
The Safeguard Desktop Player application can replay VNC over WebSocket traffic.
Missing keys raise a warning instead of validation error.
Extra keys passed as part of the JSON do not trigger an error.
When a list of objects is queried, the API will return the entire body of the elements in addition to their individual links. That way you do not have to look for a policy by a specific name or other property. Note that this behavior applies only to the immediate parent nodes of resource objects. For example, querying `/api/configuration/aaa/local_database/users` will return the details of the elements, but querying `/api/configuration/aaa/local_database` will have the same response as before (two links to the `groups` and `users` endpoints).