One Identity Safeguard for Privileged Sessions 6.10.0
One Identity Safeguard for Privileged Sessions 6.10.0
22 June 2021, 01:03
These release notes provide information about the One Identity Safeguard for Privileged Sessions release. For the most recent documents and product information, see One Identity Safeguard for Privileged Sessions - Technical Documentation.
One Identity Safeguard for Privileged Sessions Version 6.10.0 is a release with new features and resolved issues. For details, see:
NOTE: For a full list of key features in One Identity Safeguard for Privileged Sessions, see Administration Guide.
The One Identity Safeguard Appliance is built specifically for use only with the Safeguard privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management -- and shortening the timeframe to value.
Safeguard privileged management software suite
Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.
The Safeguard products' unique strengths are:
One-stop solution for all privileged access management needs
Easy to deploy and integrate
Unparalleled depth of recording
Comprehensive risk analysis of entitlements and activities
Thorough Governance for privileged account
The suite includes the following modules:
- One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and IT strategies. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
One Identity Safeguard for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.
Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.
One Identity Safeguard for Privileged Analytics integrates data from Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action - and ultimately prevent data breaches.
New features in Safeguard for Privileged Sessions (SPS) version 6.10.0:
The replaying audit trails in your browser option has been enhanced
The replaying audit trails in your browser option has been enhanced with the following:
The video file generation is executed as a background operation and there is no trace of it on the UI. You can play the video file of an audit trail already while the generation is ongoing in the background.
You can follow active sessions in the browser.
In cluster mode, you can play the video files of audit trails not only from the Search Master node, but from the Search Minon nodes as well.
You can store the private keys necessary to decrypt encrypted audit trails and screenshots in your audit keystore. The audit keystore is protected by a master password that you define. The audit keystore is not used to store the certificates that correspond to the private keys added to your keystore. You must add the necessary certificates to the indexer service.
While watching a video file of an audit trail or following an active session, you can copy the content of text-based protocols to the clipboard.
The Automatic refresh option of the details view of the Search interface is now available under User menu > Preferences.
Using Sudo with SPS
With the SPS and Sudo integration, you can collect and analyze Sudo session recordings, called iologs in Sudo terminology, in SPS.
By using SPS to collect and analyze Sudo session recordings, your Sudo recordings are stored and indexed by SPS, and you can use the Search interface, for example, to view the recordings, list commands executed during a Sudo session, and so on.
Enhancements for the Safeguard Desktop Player
The Safeguard Desktop Player has been enhanced with the Preferences menu, which you can use to set the application language, select a keyboard layout, select how you want to display the window title events on the seeker and in subtitles, and so on.
Figure 1: Settings > Preferences
Other changes and improvements
Changes and improvements in Safeguard for Privileged Sessions REST API Reference Guide version 6.10.0
Web gateway authentication: You can use the /web_gateway_authentication endpoint to configure the banner on the login screen before web gateway authentication. For more information, see One Identity Safeguard for Privileged Sessions 6.10 REST API > Basic settings > Logs, monitoring and alerts > Management options > Web gateway authentication.
Upload Telnet pattern sets via REST API: You can now upload Telnet pattern sets via REST API. For more information, see One Identity Safeguard for Privileged Sessions 6.10 REST API > Telnet connections > Telnet pattern sets.
The error details field has been updated in REST API error messages.
The Password parameters table has been updated in One Identity Safeguard for Privileged Sessions 6.10 REST API > Managing SPS > Passwords stored on SPS > Table 4: Password parameters.