This document provides information for the updated features and the fixed issues in the Sectona PAM version 3.9.0
Application Proxy Integration in web access
SPSL  + SPSL  + SPSL  + SPSL  – Added Application proxy nodes with help of which system can extend its capabilities to support more than 2 active application nodes at live site in High Availability. Application Proxy will act like proxy node to application node and it will always point to master application node, i.e P1.
SPSL  – Added a new App Service for as Application Proxy Status.
SPSL  – Added a new notification to be sent whenever the master node is changed in High Availability.
Changes in System Licensing Policy
SPSL  + SPSL  + SPSL  + SPSL  – Added a new license as Managed Service Provider (MSP) for the product Sectona Security Platform. For MSP license system will calculate instance wise usage of User, Asset and Account. When the MSP license expires then instance will become inactive.
Integrating In-App Notifications
SPSL  – Added In-App notification in Sectona PAM. A notification icon (bell icon) is placed right-top corner of My Access page. It will load top 10 notifications and there will be option to “Read all notifications”. On click of single notification, notification details like title, time and notification content will appear on the screen. On click of “Read all notifications” user will get redirected the page, where all notifications of user will appear in tabular view like an email.
Protection to passwords with Four-Eye Principle
SPSL  + SPSL  – Added support for Dual Control Password checkout using Four-Eye Principle when Account Authentication Type is Password, and No Approval Checkout is configured.
[SPSL-2257] – Added a new canned report in analytics as "Session statistics (last 24 hours)".
[SPSL-2230] – Added an option as Enforce Default Port for access types for taking session.
[SPSL-2217] – Added a new canned report in analytics as "Password change failed (last 7 days)".
[SPSL-2201] – Added an option to enable Video Log server as Enable Session Video Logs Server in system defaults.
[SPSL-2193] – Added an option to allow Only Console Access for accounts with account type as AD Account.
[SPSL-2183] – Added an option to configure account password update scope in User Access Policy.
[SPSL-2182] – Added an option to update password of accounts that belongs to end user.
[SPSL-2179] – Added a feature to allow Jump Server to use fixed accounts for session.
[SPSL-2158] – Added trail for the activities done in account lifecycle.
[SPSL-2156] – Added an option to configure enforce account password change once session is completed or ended.
[SPSL-2125] – Added an option to exclude account (AD Account) from ad sync.
[SPSL-2121] – Added an option to disable login when accessing from DMZ URL.
[SPSL-2097] – Added a new API to generate URL with token for user to login.
[SPSL-2096] – Added a new API to generate report.
[SPSL-2095] – Added a new API for Account Lifecycle.
[SPSL-2088] – Added an option to view accounts affected in upcoming cycle of reconciliation and rotation policy.
[SPSL-2032] – Added an option to enforce maker checker to update transactions of user, asset and account.
[SPSL-2015] – Added an option to configure Jump Server to use fixed account rather than creating dynamic account for each session.
[SPSL-1794] – Added an feature to force change account password after every session (once session is completed) based on policy.
[SPSL-2268] – Removed FallBack and DR server lables from the notifications of "System High Availability".
[SPSL-2265] – Removed default FTP access type assignment for Windows Server asset type for fresh installation.
[SPSL-2260] – Added option to re-initialize application nodes from UI in High Availability.
[SPSL-2229] – Added ManageEngine ITSM in built-in service desk provider.
[SPSL-2227] – Added Access type and session with Just in Time enforcement filters in Session View.
[SPSL-2208] – Renamed FallBack system role as Fallback in High Availability.
[SPSL-2207] – Added a feature to maintain detailed logs for system high availability operations.
[SPSL-2205] – Added an option to view list of group users in LDAP browser.
[SPSL-2199] – Added relevant information related to identical Assets, Accounts, Users and group in logs.
[SPSL-2190] – Removed validation of user while disabling the user.
[SPSL-2189] – Added an option to delete asset, account and user to delete permanently from the system in system default.
[SPSL-2184] – Added an option to configure text up to 2000 characters in Logon Banner.
[SPSL-2177] – Reduced the launcher client size to 15 MB from 130 MB.
[SPSL-2176] – Removed the default page from Sectona Vault Analyzer to avoid the display of unnecessary data.
[SPSL-2133] – Added process improvisation to calculate dynamic mapping for single group with respective user/account and do mapping at the same time for user and account group mapping.
[SPSL-2129] – Added Ensure First Char, Ensure Last Char, Ensure Middle Char parameters in Password Policy.
[SPSL-2123] – Added multiple collaboration details on Session Details popup window.
[SPSL-2118] – Added a cleanup process for jump server local account.
[SPSL-1813] – Added an option to permanently delete asset, account and user from the system.
[SPSL-1246] – Added support for domain-based account to login on Jump Server with Windows Credential Provider.
[SPSL-2314] – Fixed issue wherein the system was sending mail for with wrong body content and no password for Four-Eye Principle.
[SPSL-2312] – Fixed issue where the canned report for "Password change failed ( last 7 days )" was showing no data in Analytics.
[SPSL-2309] – Fixed issue where the full video was not getting recorded for some sessions.
[SPSL-2308] – Fixed issue where the user was getting 403 internal error and was redirected to the login page when clicked on custom report to see the report after creating a report using report designer.
[SPSL-2307] – Fixed issue wherein the Logon Banner text max limit was 1000 words instead of 2000 words.
[SPSL-2306] - Fixed issue where the live session and activity graph was missing on Session View and Session Details Page.
[SPSL-2282] – Fixed issue wherein the session history logs were showing invalid data in logs.
[SPSL-2281] – Fixed issue wherein the notification service was triggering emails older than service start time.
[SPSL-2280] – Fixed issue wherein the account password change process in password change job was getting triggered multiple times.
[SPSL-2278] – Fixed issue wherein the Tags , Primary , Secondary IP address fields were missing in maker checker on My Access page.
[SPSL-2261] – Fixed issue where the system was onboarding all the accounts along with Excluded Accounts while performing account Discovery.
[SPSL-2258] – Fixed issue where the system was accepting invalid port number while updating assets through bulk.
[SPSL-2252] – Fixed issue where the SSH key-based authentication was not working in Sectona PuTTY.exe.
[SPSL-2228] – Fixed issue where the From-To filter was not working properly for session view list.
[SPSL-2226] – Fixed issue where the system was allowing to add users more than the number licensed users.
[SPSL-2225] – Fixed issue wherein the changes done in permissions of filtered access types gets applied for all access types.
[SPSL-2223] – Fixed issue wherein the session(s) running count was always showing 0 except local session proxy and jump server.
[SPSL-2204] – Fixed issue where the process server was not processing requests for more than 30 minutes.
[SPSL-2202] – Fixes issue where the Backup At option was missing from system backup configuration.
[SPSL-2200] – Fixed issue where the Help text on login page was not getting changed as per the recent configuration.
[SPSL-2194] – Fixed issue wherein the blank pages was show when the user instances were not synced in Satellite vault.
[SPSL-2191] – Fixed issue where the user was unable to save email address except firstname.lastname@example.org in SAML configuration.
[SPSL-2175] – Fixed issue wherein the password change was getting triggered multiple times on same day even if the policy was configured as monthly.
[SPSL-2173] – Fixed UI issue related to header fonts in proxy server NAT configuration.
[SPSL-2172] – Fixed PAM dashboard issue related to wrong labels for embedded database.
[SPSL-2171] – Fixed issue where the user was not able to receive email through Sectona Notification Service for Session Proxy Started and Session Proxy Stopped.
[SPSL-2164] – Fixed issue of too many redirects due to load balancer in PAM.
[SPSL-2159] – Fixed issue where the system was asking for ticket number while taking any session even if account group and service desk integration configuration was disabled.
[SPSL-2150] – Fixed issue wherein the multiple task buckets were getting created for more than one users delegated.
[SPSL-2149] – Fixed issue wherein the system was showing user task already exist even if it was not created while creating task for telnet.
[SPSL-2148] – Fixed issue here the user task information was not getting displayed in Tasks.
[SPSL-2141] – Fixed issue with the timeout exception in services "AssetADSyncService" and "UserManagementService".
[SPSL-2140] – Fixed issue wherein the user was needed to upload id_rsa Key file again and again while updating SSH Key account.