Release Announcement: Symantec IGA 14.2 CP6 has achieved GA
18046
05 May 2021
05 May 2021
|
The Identity Security Group (IDG) in IMS is pleased to announce that we have achieved GA release for Symantec Identity Governance and Administration (IGA) 14.2 CP6 on 5/4/2021. We would like to extend our sincere thanks to all the global teams for their work and commitment in delivering this release. Congratulations to all the team members and to all involved in making this release a success! Release Highlights The Symantec IGA 14.2 CP6 release comes with many exciting features and enhancements across the Identity Manager, Identity Governance and Identity Portal components that are included in Symantec IGA . Some of the highlighted features and enhancements of this release by product include: Identity Manager: ● Identity Manager Supports SAML 2.0 Integration ● New Voice Message Support When Retrieving a One Time Password ● Support for JBoss 7.2.x and WildFly 15.x ● Manage Active Directory Unix NIS Domain ● Task Sequence Number Cache Size for Task Numbers ● Export Specific Information for an Individual Task Identity Manager Supports SAML 2.0 Integration Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP). In short, you can use one set of credentials to log into many different websites. It is much simpler to manage one login per user than it is to manage separate logins. For interacting with the IdP (Identity Provider) for SAML flow, the Service Provider (Identity Manager) can sign the Authentication Request (using the configured signing private key) to be sent to IdP and if IdP sends an encrypted response, then Identity Manager should be able to decrypt it (using the configured decryption private key). For more information, see Using SAML 2.0 Authentication. User Role Certification The Identity Manager User Role Certification feature allows an administrator to run user roles (Admin, Access, and Provisioning) certification directly from Identity Manager, including the ability to perform close-loop-remediation (de-provisioning) activities based on the certification reviewer decisions. For more information, see User Roles Certification. New Voice Message Support When Retrieving a One Time Password Users can now request a one-time password from the login screen and receive it as a voice message. *You can only recover a one-time password with a voice message if you are using Twilio. For more information, see Recover the Password or LoginId with a One-Time Password with a Text or Voice Message. Support for JBoss 7.2.x and WildFly 15.x Identity Manager supports JBoss 7.2.x and WildFly 15.x as application servers. To migrate to the latest version of these application servers, refer to Support for JBoss EAP 7.2.x and WildFly 15.x. Manage Active Directory Unix NIS Domain Microsoft has deprecated Identity Management for Unix (IDMU) and NIS Server role starting from Window Server 2016. As a result, starting from Active Directory 2016, the NIS domain is not applicable for managing Unix attributes. Going forward, you must manually provide the Unique Identification (UID) value in the Active Directory template to create UID for Unix domain users. For more details, see Manage Active Directory Unix NIS Domain. Task Sequence Number Cache Size for Task Numbers The Task Sequence Number Cache Size specifies how many values of the sequence the database pre-allocates and keeps in memory for faster access. The Use Task Sequence Number feature uses Oracle and SqlServer native sequences. The migration to use native sequences is handled automatically during Identity Manager Server startup. This migration requires the following Task Persistence Database user rights: ● Create/drop sequence ● Create/replace/drop trigger ● Create/replace/drop procedure For more information, see Task Numbers. Export Specific Information for an Individual Task You can now export specific information for an individual task to a file. You can select a task from the View Submitted Tasks page and then select Export. This action sends an HTML file to your default downloads location, with information about the task’s history, identity policy violations, included events, initiated tasks, as well as prerequisite and subsequent tasks. For more information, see Export Task Information to a File. Certifications Identity Manager release 14.2 CP6 certifies support for the following: ● System for Cross-Domain Identity Manager (SCIM) 2.0 Outbound Connector ● CA Business Intelligence JasperReports Server 7.1.1 For the list of defects that are fixed in Identity Manager 14.2 CP6, view the following link: ● Identity Manager 14.2 CP6 - Fixed Defects Identity Governance: ● Support for Federated Authentication ● Import Using Offline CSV Files ● Increased the Column Size of User, Resource and Role Description Fields ● Support for JBoss 7.2.x and WildFly 15.x Support for Federated Authentication Most enterprises are embracing Security Assertion Markup Language (SAML 2.0) standard for secure single sign-on access to applications in their environment as it offers a range of benefits such as, ● Improved user experience ● Increased security ● Reduced costs ● Supports seamless interoperability between systems, independent of implementations In our effort to help customers adopt SAML 2.0 for fast, simple, and secure access to applications in their environment, we have enabled Identity Governance to be SAML 2.0 compliant. Enterprise users can now seamlessly access the Identity Governance application with SAML 2.0 based secure single sign-on authentication. For more information on how to configure SAML settings in your environment with Identity Governance as the Service Provider and any SAML compliant Identity Provider of your choice, see Single Sign-On Authentication using SAML 2.0. Import Using Merge Now After the initial import of data from Identity Manager to Identity Governance using Import Now (full import), you can use the Merge Now feature for subsequent imports. The Merge Now feature skips the creation of few temporary configurations and comparison process, and merges the differential data directly into the master and model configurations thereby providing the following benefits: ● Reduced import time ● Enhanced system performance For more information, see Import Using Import Now. Import Using Offline CSV Files Identity Governance supports import using offline CSV files for Active Directory endpoint only. First-time import of Active Directory data from Identity Manager to Identity Governance can be done using offline CSV files as it consumes less import time and helps optimize the system performance. As part of the import process, you must generate CSV files with Active Directory data and store them in a defined folder structure. You can then import Active Directory data directly from these offline CSV files. For more information, see Import Using Offline CSV Files. Increased the Column Size of User, Resource and Role Description Fields Identity Governance now allows you to store a maximum of 768 characters in the User custom fields, Resource custom fields and Role Description field. This enhancement will update the Database Schema. Support for JBoss 7.2.x and WildFly 15.x Identity Governance supports JBoss 7.2.x and WildFly 15.x as application servers. To migrate to the latest version of these application servers, refer to Support for JBoss 7.2.x and WildFly 15.x. Certifications Identity Manager release 14.2 CP6 certifies support for the following: ● CA Business Intelligence JasperReports Server 7.1.1 For the list of defects that are fixed in Identity Governance 14.2 CP4, view the following link: ● Identity Governance 14.2 CP4 - Fixed Defects Identity Portal: ● Support for Federated Authentication ● User Roles Certification from Identity Portal ● Support for JBoss 7.2.x and WildFly 15.x Support for Federated Authentication Most enterprises are embracing Security Assertion Markup Language (SAML 2.0) standard for secure single sign-on access to applications in their environment as it offers a range of benefits such as, ● Improved user experience ● Increased security ● Reduced costs ● Supports seamless interoperability between systems, independent of implementations In our endeavour to help customers adopt SAML 2.0 for fast, simple, and secure access to applications in their environment, we have enabled Identity Portal to be SAML 2.0 compliant. Enterprise users can now seamlessly access the Identity Portal application with SAML 2.0 based secure single sign-on authentication. For more information on how to configure SAML settings in your environment with Identity Portal as the Service Provider and any SAML-compliant Identity Provider of your choice, see Single Sign-On Authentication using SAML 2.0. User Roles Certification from Identity Portal A solution administrator can manage the user roles certification either from Identity Manager or from Identity Portal. However, managing the user roles certification from Identity Portal allows easier administration and certification of user roles by Portal administrators and business users from an intuitive and user-friendly interface. The actors that are involved in the user role certification process are, ● Identity Portal Administrator: The Identity Portal administrator creates an interface for the business users to manage and certify user roles. ● Certification Process Manager: A Certification Process Manager is the Identity Manager user with the Certification Process Manager role assigned. An actor with this role is responsible for managing the certification process in an organization. The certification process includes, ○ Starting a certification on a set of users ○ Sending reminders for certification completion ○ Ending a certification ● ● Certify Manager: A Certify Manager is the Identity Manager user with the Certify Manager role assigned. An actor with this role is responsible for certifying user roles in an organization. To learn more about the actions each actor takes to complete the user roles certification process, see User Roles Certification from Identity Portal. Mobile View Enhancement The Mobile View of the certification campaigns in Identity Portal now provides additional information about users and resources that help reviewers in making right certification decisions. The Mobile View displays additional information about a user or resource under a new tab - Information, which includes the same attributes that are displayed in the Desktop View of the certification campaigns. The Information tab displays the default attributes of a user or resource and to view more information, you must click the Show more option. Given below is a sample screen of the certification campaign for a user in mobile interface:
Support for JBoss 7.2.x and WildFly 15.x Identity Portal supports JBoss 7.2.x and WildFly 15.x as application servers. To migrate to the latest version of these application servers, refer to Support for JBoss EAP 7.2.x and WildFly 15.x. For the list of defects that are fixed in Identity Portal 14.2 CP3, view the following link: ● Identity Portal 14.2 CP3 - Fixed Defects Support for Symantec IGA 14.2 has been extended through December 2021. Basic Extended Support may be available for a limited time after the End of Support date. Helpful Resources Broadcom provides resources to help you in the form of education, product documentation, community user group environments and experienced support personnel - please find a sample of these resources at the following locations: ● Symantec IGA Release Notes - Find details about the product features included in this release. To ensure all available materials, please log into the site by using your Broadcom Support ID and password. ● Symantec IGA Support Dates - Find release and support lifecycle dates for all releases of Symantec IGA. Thank you again for your continued business, The Symantec IGA Product Management and Engineering Teams |
|