Introduction

This document provides information on the updated features and the fixed issues in the Sectona PAM version 4.0.1

What’s New

New Sectona Vault WSSL Proxy Host

  • [SPSL-2340] - Added a new component as Sectona Vault WSSL Proxy Host.

Updates Related to Direct Access

  • [SPSL-2267] + [SPSL-2338] + [SPSL-2357] + [SPSL-2393] - Added a new option to configure notification alerts for direct access to the target server, added a new feature to restrict direct login to the Windows server, added Default Direct Access and Restrict Direct Access in Assets Security Settings, and added a new canned report in analytics as "Asset direct access (last 24 hours)".

Advancements Related to Account Access

  • [SPSL-2354] + [SPSL-1927] - Added a new option to raise a request for account access with a fixed daily time.

  • [SPSL-2353] + [SPSL-2348] - Made changes in the notification template for account access requests with fixed daily time and system license.

New Built-In File Editor for FTP/SFTP-based Account Access

  • [SPSL-2154] - Added a built-in file editor for FTP/SFTP based access type.

Normal

  • [SPSL-2487] - Added a Delete button and Allow Keyboard Interaction checkbox to configure keyboard interaction while performing SSO in Access Type - SSO Sequence.

  • [SPSL-2433] – Updated Firefox engine version from 60.0.50 to 60.0.55.

  • [SPSL-2421] - Added a new option to configure "x display location" in Sectona PuTTY.exe.

  • [SPSL-2393] – Added a new canned report in analytics as "Asset direct access (last 24 hours)".

  • [SPSL-2357] – Added Default Direct Access and Restrict Direct Access in Assets Security Settings.

  • [SPSL-2354] – Added a new feature to request account access with a fixed daily time.

  • [SPSL-2340] – Added a new component as Sectona Vault WSSL Proxy Host.

  • [SPSL-2338] – Added a new feature to restrict direct login to the Windows server.

  • [SPSL-2267] – Added a new option to configure notification alerts for direct access to the target server.

  • [SPSL-2210] – Added an option to validate the ticket before raising the request.

  • [SPSL-2154] – Added a built-in file editor for FTP/SFTP-based access type.

  • [SPSL-1927] – Added an option to raise a request for account access with a fixed daily time and a schedule from and to in the workflow request and approval tab.

Improvements

  • [SPSL-2486] - Implemented changes to allow MFA/OTP support for SSH and SFTP-based sessions.

  • [SPSL-2462] - Added additional parameters in Session Initiated and Session Completed notification template.

  • [SPSL-2458] - Added additional information "Access status: Restricted/Allowed" in the direct access notification.

  • [SPSL-2442] – Added a save option in Sectona Embedded DB Analyzer.

  • [SPSL-2437] – Added an option to use the access key and secret access key in the plugin.

  • [SPSL-2431] – Implemented changes in jump host direct access RDP file name.

  • [SPSL-2407] – Added an option to disable the last video snap and last metadata stored in the live cache table.

  • [SPSL-2353] – Implemented changes to notification template for account access requests with fixed daily time.

  • [SPSL-2348] – Implemented changes to the system license notification template.

  • [SPSL-2345] – Added conditions for Google Authenticator, Microsoft Authenticator, Email OTP, and SMS OTP in User Forget Password.

  • [SPSL-2344] – Updated session history log by adding Jump server details and Browser session drive details.

  • [SPSL-2339] – Implemented changes to handle packet drop issue in session proxy web.

  • [SPSL-2331] – Added Status column for Account groups and User groups.

  • [SPSL-2330] – Added search and filter options in Account Lifecycle along with Navigation.

  • [SPSL-2328] – Added SCIM-based API for user management.

  • [SPSL-2325] – Made changes to restrict requesting user from approving his workflow.

  • [SPSL-2323] – Added account life cycle list as per instance wise. Added list of users and assets in account life cycle instance-wise.

  • [SPSL-2321] – Improved support for RDPD proxy with 64-bit architecture.

  • [SPSL-2319] – Improved performance of built-in data browser.

  • [SPSL-2262] – Added all available trials in the system trial menu (module-wise).

  • [SPSL-2037] – Added Web installer in PAM installer.

  • [SPSL-1590] – Implemented LDAPS protocol support in Directory Store.

Fixed Issues

  • [SPSL-2492] - Fixed an error where the user was unable to see assets with ad accounts information on Asset Dashboard.

  • [SPSL-2491] - Fixed an error where the user was unable to see live sessions on the 205 PAM server.

  • [SPSL-2489] - Fixed an error where the system was not adding the account into the Administrator group while provisioning/elevating the JIT account.

  • [SPSL-2485] - Fixed an error where Sectona PuTTY.exe displayed the account password when the user executed the svdo su command and pressed Enter multiple times.

  • [SPSL-2475] - Fixed errors in communication protocol and Sectona Vault Storage host installer.

  • [SPSL-2473] - Fixed an issue where the account password was visible in the Account lifecycle trail.

  • [SPSL-2470] - Fixed an error where comments were not visible in the Session details.

  • [SPSL-2468] - Fixed an error where source vault detail on satellite vault was unchanged even after vault IP was changed or relocated.

  • [SPSL-2465] - Fixed an issue where the pie chart was too big, and the asset category overlapped with the pie chart.

  • [SPSL-2464] – Fixed UI issues under Reports related to analytics, reporting, and related sections.

  • [SPSL-2453] – Fixed an error where the user's username was saved in capital letters while using import bulk user.

  • [SPSL-2451] – Fixed an error where the Server access policy in Query Repository for (database) and Program Repository for (Windows) did not have validation.

  • [SPSL-2450] – Fixed an error where FTP Session was hanged when Session Proxy/0.0.0.0:22 was on.

  • [SPSL-2449] - Fixed an error "Group Not Found" while creating the account on Sectona PAM.

  • [SPSL-2448] – Fixed an issue where data import failed while adding assets through bulk.

  • [SPSL-2445] - Fixed an issue where the system displayed the deleted account of Windows Active Directory to its linked asset's account list.

  • [SPSL-2443] – Fixed an error where the system was not allowing to login into the target Firewall and showed an error as ‘Access Denied.’

  • [SPSL-2438] – Fixed an error where the system-defined password change process did not work for en account of Cisco OS-based assets.

  • [SPSL-2435] – Fixed an error where the Asset Command Type dropdown under the Query Repository did not fill the selected data.

  • [SPSL-2434] – Fixed an error where the data filter was not working in password manager history.

  • [SPSL-2424] – Fixed an error where the Workflow request UI values reset to default when Access Mode changed.

  • [SPSL-2423] – Fixed an error where Password change/account discovery for Windows asset failed with error as ‘Access Denied.’

  • [SPSL-2411] – Fixed Request Timeout Error in SFTP/FTP client with more than 3000 files in a directory.

  • [SPSL-2392] – Fixed an error where administrative settings enabled even if the license expired.

  • [SPSL-2366] – Fixed an error where the Tags field and User Identity field were already showing data.

  • [SPSL-2364] – Fixed an error where the system was not allowing the administrator to login to the Satellite Vault without an instance.

  • [SPSL-2360] – Fixed an error where Workflow attributes (filters) were getting considered for the maker-checker type of workflow.

  • [SPSL-2356] – Fixed an error where the system was not allowing changes to the Unix Account password with an error "Error: Unknown prompt(Retype): New Password.”

  • [SPSL-2355] – Fixed an error where the system was not allowing to Register or Reset the FIDO Authenticator with an error ‘Invalid multifactor authentication.’

  • [SPSL-2352] – Fixed an error where the approver could not determine for which Asset the account was created when creating an account through the Maker Checker rule.

  • [SPSL-2350] – Fixed an error where the Sectona Vault Storage host crashed randomly.

  • [SPSL-2349] – Fixed an error where the system was not linking the accounts in the newly created Attribute-based Account Group.

  • [SPSL-2347] – Fixed an error where the user did not show up when the last approver was selected.

  • [SPSL-2346] – Fixed an error where the JIT accounts had Update and Delete enabled.

  • [SPSL-2343] – Fixed an error where the video log player speed was not getting changed.

  • [SPSL-2332] – Fixed an error where the Active Directory-based users were not getting added to the group.

  • [SPSL-2315] – Fixed errors and made changes and improvements in canned reports.

  • [SPSL-2305] – Fixed an error where the system accepted invalid IP addresses and IP list characters in Asset Discovery.

  • [SPSL-2195] – Fixed an error where the graphs in analytics were not verified for rendering when data is more.

  • [SPSL-2157] - Fixed an error where the user was redirected to the login page instead of the My Access page when logged in using SAML.