One Identity Safeguard for Privileged Sessions 6.3.0

The One Identity Safeguard Appliance is built specifically for use only with the Safeguard privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management -- and shortening the timeframe to value.

Safeguard privileged management software suite

Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.

The Safeguard products' unique strengths are:

One-stop solution for all privileged access management needs
Easy to deploy and integrate
Unparalleled depth of recording
Comprehensive risk analysis of entitlements and activities
Thorough Governance for privileged account

The suite includes the following modules:

One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and IT strategies. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
One Identity Safeguard for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.

Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.
One Identity Safeguard for Privileged Analytics integrates data from Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action - and ultimately prevent data breaches.

New features

Release Notes > New features

New features in SPS 6.3:

Improved window title detection

Detecting window titles now supports detecting multiple windows on a screen. Also, window titles are detected on every default theme of the supported Windows versions. For details, see "Configuring the internal indexer" in the Administration Guide.

New plugin for HashiCorp Vault

A new plugin is available to automatically retrieve user credentials for the server-side connections from your HashiCorp Vault deployment. For details, see Hashicorp Vault as Credential Store.

Plugin improvements

The One Identity Starling Two-Factor Authentication plugin is now able to cache user IDs and other information to speed up the authentication process.

NOTE:

Version 2.2.0 and later of the One Identity Starling Two-Factor Authentication plugin works only if you have joined your SPS deployment to Starling.

If you want use version 2.2.0 and later of the One Identity Starling Two-Factor Authentication plugin, complete the "Joining to One Identity Starling" in the Administration Guide procedure before upgrading the plugin.

The plugin SDK now contains a service that plugin creators can use to store data temporarily to improve the performance of the plugin. For details, see MemoryCache in the SDK documentation.

New key exchange algorithms in SSH

For the audited SSH traffic, the following new keyexchange (KEX) algorithms are supported: diffie-hellman-group14-sha256, diffie-hellman-group15-sha512, diffie-hellman-group16-sha512, diffie-hellman-group17-sha512, diffie-hellman-group18-sha512. Note that these algorithms are not enabled by default, you can add it to the list of permitted algorithms at SSH Control > Settings > Algorithm settings > KEX algorithms. For details, see "Supported encryption algorithms" in the Administration Guide.

REST API improvements

Non-admin users can now change their passwords by using the /api/user/password endpoint of the API. For details, see "Passwords stored on SPS" in the REST API Reference Guide.

In addition to PKCS-1 keys, you can now upload keys in the PKCS-8 format as well.

Microsoft Azure Sentinel integration

The universal SIEM forwarder is now Microsoft Azure Sentinel compatible. For further details, see the relevant documentation.

Self Service Tools: Knowledge Base; Notifications & Alerts; Product Support; Software Downloads; Technical Documentation; User Forums; Video Tutorials; RSS Feed

Contact Us: Licensing Assistance; Technical Support; View All

Please select your product:

To serve you better, please complete the Purpose of your Chat:

Recommended Solutions for Your Problem

One Identity Safeguard for Privileged Sessions 6.3.0 - Release Notes

Release Notes

One Identity Safeguard for Privileged Sessions 6.3

Topics:

About this release

About the Safeguard product line