立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Sessions 7.0.1.1 LTS - Release Notes

Hardware specifications

One Identity Safeguard for Privileged Sessions appliances are built on high performance, energy efficient, and reliable hardware that are easily mounted into standard rack mounts.

Table 5: Hardware specifications
Product Redundant PSU Processor Memory Capacity RAID IPMI
Safeguard Sessions Appliance 3000 Yes

1x Intel Xeon E3-1275 v6 3.80GHz

2 x 16 GB 4x2 TB NLSAS LSI MegaRAID SAS 9361-4i Single Yes
Safeguard Sessions Appliance 3500 Yes 2x Intel Xeon Silver 4110 2.1GHz 8 x 8 GB 9x2 TB NLSAS 1 x Broadcom MegaRAID SAS 9361-16i + LSI Avago CacheVault Power Module 02 (CVPM02) Kit Yes

The Safeguard Sessions Appliance 3500 is equipped with a dual-port 10Gbit interface. This interface has SFP+ connectors (not RJ-45) labeled A and B, and can be found right of the Label 1 and 2 Ethernet interfaces. If you want faster communication, for example, in case of high data load, you can connect up to two 10Gbit network cards. These cards are not shipped with the original package and have to be purchased separately.

Product licensing

To enable a trial license

  1. Visit the Download Trials page, and navigate to One Identity Safeguard for Privileged Sessions > Download Free trial.

  2. Complete the registration form, and click Download Trial.

  3. You will receive the details on how to access your license key and the download the ISO files in email.

To enable a purchased commercial license

  1. Navigate to My Account > My License Assets on the support portal.
  2. To access your license key, click Retrieve Key next to your product.
  3. Once you have the license keys, navigate to My Account > My Products and click Download next to your product. The Download Software page is displayed.
  4. Download the ISO image (install cdrom) of your product.

If you need help with accessing your license, navigate to the Licensing Assistance page, and follow the instructions on screen.

Upgrade and installation instructions

The One Identity Safeguard for Privileged Sessions appliance is built specifically for use only with the One Identity Safeguard for Privileged Sessions software that is already installed and ready for immediate use.

To upgrade to One Identity Safeguard for Privileged Sessions 7.0.1.1 LTS

For step-by-step instructions on upgrading to SPS 7.0.1.1 LTS, see Upgrade Guide.

NOTE: Due to legal reasons, installation packages of the external indexer application will be available only from the SPS web interface. After SPS versions 6.4 and 6.0.3 are released, the installation packages will be removed from our website.

Caution:

Starting from 6.10.0, SPS (SPS) has changed to hardened SSL settings. As a result, during TLS session establishment, the following items are not considered secure:

  • Private keys and X.509 certificates having RSA or DSA keys shorter than 2048 bits, or ECC keys shorter than 224 bits.

  • Certificates (other than Root CA certificates) with signatures that use the SHA-1 or the MD5 hashing algorithm.

With the hardened SSL settings, SPS will not connect to remote systems that are protected with weak certificates.

You cannot upgrade SPS if your configuration contains insecure certificates, keys or certificate chains in any of the following sections:

  • SPS web interface

  • internal CA certificate

  • connection policy TLS settings

  • client X.509 credentials for external LDAP, SMTP or Syslog connections

  • server X.509 certificates for external SMTP or Splunk servers

  • external indexer credentials (only writable over the REST API)

  • CA certificates in Trusted CA Lists and Trust Stores

Note that the certificates and keys that are used for signing, timestamping, encryption or decryption are not affected by this change.

About LTS releases

This is a long-term-supported (LTS) release.

For more information on the product support, see Product Support - One Identity Safeguard for Privileged Sessions.

For a full description of long-term-supported and feature releases, see Product Life Cycle & Policies - One Identity Safeguard for Privileged Sessions.

If you have a physical appliance based on MBX hardware

One Identity recommends you to upgrade to SPS 7.0.1.1 LTS, if you are not running SPS on Pyramid hardware and any of the following is true:

NOTE: If you do not know the type of your hardware, see If you have a physical appliance based on Pyramid hardware.

  • You wish to take advantage of any of the new features.

  • You are running a previous feature release.

  • You are running a previous long-term-supported release.

If you have a physical appliance based on Pyramid hardware

Do NOT upgrade to SPS 7.0.1.1 LTS if you are running SPS on Pyramid hardware:

Verify successful installation

Navigate to Basic Settings > System > Version details and verify that SPS is running version 7.0.1.1 LTS of the firmware. If not, it means that the upgrade process did not complete properly and SPS performed a rollback to revert to the earlier firmware version. In this case, complete the following steps:

  1. Navigate to Basic Settings > Troubleshooting > Create support bundle and click Create support bundle.

  2. Save the resulting ZIP file.

  3. contact our Support Team and send them the file. They will analyze its contents to determine why the upgrade was not completed and assist you in solving the problem.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级