立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Sessions 6.0.4 - Release Notes

Release Notes

One Identity Safeguard for Privileged Sessions 6.0

Release Notes

February 2020

These release notes provide information about the One Identity Safeguard for Privileged Sessions 6.0 release.

Topics:

About this release

One Identity Safeguard for Privileged Sessions Version 6.0 is a long-term supportedfeature release with new features and resolved issues. For details, see:

NOTE:

For a full list of key features in One Identity Safeguard for Privileged Sessions, see Administration Guide.

About the Safeguard product line

The One Identity Safeguard Appliance is built specifically for use only with the Safeguard privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management -- and shortening the timeframe to value.

Safeguard privileged management software suite

Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.

The Safeguard products' unique strengths are:

  • One-stop solution for all privileged access management needs

  • Easy to deploy and integrate

  • Unparalleled depth of recording

  • Comprehensive risk analysis of entitlements and activities

  • Thorough Governance for privileged account

The suite includes the following modules:

  • One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and IT strategies. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
  • One Identity Safeguard for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.

    Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.

  • One Identity Safeguard for Privileged Analytics integrates data from Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action - and ultimately prevent data breaches.

New features

New features in SPS 6.0.4:
Value range of Disk space fill-up prevention is now limited

The value range of Disconnect clients when disks are: x percent used field in Basic Settings > Management > Disk space fill up prevention is now limited to 50-98 percent.

For more information, see Preventing disk space fill-up.

REST API improvements
  • You can now check the synchronization status of cluster nodes. The value of the sync_status field displays whether the configuration of the SPS cluster node is synchronized with the configuration of the Central-Management node.

    In addition to the REST API, the following has changed on the SPS UI:

    NOT FETCHED has been added as a new status to Basic Settings > Cluster management > Cluster management status.

Other improvements
  • Starting from SPS versions 6.0.4 and 6.5.0, certificates with SHA1-based signatures are no longer trusted for Active Directory or LDAP authentication.

New features in SPS 6.0:
Search interface

The classic search interface of SPS is deprecated. If you have not used the new search interface before, read about its main changes compared to the classic search.

To search in the contents of a single session, you cannot use the details > contents tab of the Search interface anymore (except for sessions recorded before the upgrade). For new sessions, download the audit trail and use the search in the Safeguard Desktop Player application. Note that you can search in the contents of audit trails from the web interface, just not for specifics within a single session.

Support for new hardware appliances

Version 6.0.4 supports the new Safeguard Sessions Appliance 3000 and 3500 appliances. For the technical details of these appliances, see "Hardware specifications" in the Installation Guide.

LDAP

LDAP and Active Directory policies can be configured more flexibly to check group memberships. Also, to help troubleshoot LDAP-related issues, detailed documentation about how SPS resolves user IDs and group memberships has been added to the documentation.

Plugins

Old credential store and authentication plugins are deprecated and will not be supported in upcoming releases. For details on updating your plugins, see Upgrading plugins for One Identity Safeguard for Privileged Sessions version 6.0.

If you want to write a new plugin for One Identity Safeguard for Privileged Sessions, you can use the new Plugin SDK for Safeguard for Privileged Sessions (SPS). For details, see the Plugin SDK for Safeguard for Privileged Sessions (SPS) documentation.

A new plugin is available for RADIUS multi-factor authentication. For details, see RADIUS Multi-Factor Authentication - Overview and RADIUS Multi-Factor Authentication - Tutorial.

Join SPS to SPP

You can join your One Identity Safeguard for Privileged Sessions (SPS) deployment to your One Identity Safeguard for Privileged Passwords (SPP) deployment using the SPS web interface. For details, see "Joining SPS to SPP" in the Administration Guide.

New Splunk application

To better integrate SPS with Splunk, a new Splunk app and addon is available. For details, see Using Splunk with One Identity Safeguard for Privileged Sessions.

Installing support hotfixes

To solve problems you might encounter when using SPS faster and easier, it is now possible to upload individual hotfix packages to SPS if needed. For details, see "Support hotfixes" in the Administration Guide.

Desktop Player

For audit trails of graphical session created and indexed with SPS 6.0, you can use the Safeguard Desktop Player application to search in the contents of the audit trail. For details, see Safeguard Desktop Player User Guide.

REST API
  • Health information about standalone SPS nodes is available on the /api/health-status endpoint.

Changes in the external indexer
NOTE:

Due to legal reasons, installation packages of the external indexer application will be available only from the SPS web interface. After SPS versions 6.4 and 6.0.3 are released, the installation packages will be removed from our website.

Enhancements
自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级