New Features -Centrify Privileged Access Service

PAS integration with SailPoint IdentityIQ PAM Module

Combining role-based access control with attestation and remediation from the industry leaders – Centrify and SailPoint

SailPoint IdentityIQ is the industry-leading IAM application focusing on attestation and remediation, access request, and user provisioning.

Centrify’s integration with SailPoint enables organizations to accelerate the adoption of crucial governance and compliance processes for identity and access management.

·        Provisioning users into Centrify PAS Roles or Sets

·        SailPoint PAM Module containers map to Centrify PAS Roles and Sets

o   Provision users into Centrify PAS Roles

o   Grant user permissions on Centrify PAS Sets

·        Attestation of user rights and permissions from PAS

Use and manage secrets in an RBAC hierarchy

Role-based access control is the proven methodology for managing distributed access to critical information.  Centrify adds an RBAC hierarchy to file and text secrets.

• Define who can edit and use Secrets within a Secret and folder hierarchy
• You control:
  • The hierarchy (‘Secret and folder’)
  • Who can edit/use Secrets in which folder
  • Who can create/delete new folders in the hierarchy
  • Who can move Secrets and folders
• Virtually unlimited namespace for Secrets
• Standard for managing Secrets in DevOps
  • Secure API access to hierarchy and Secrets

SailPoint IdentityIQ connector integration enhancements

For customers who enable self-service for their users within SailPoint IdentityIQ, the Centrify Connector Integration offers unique value for self-service access request to systems and accounts managed by PAS.

The connector integration is enhanced to enable access request to Centrify Zone roles, in addition to resources and accounts managed by PAS.

Access request from within SailPoint IIQ to:

• Centrify Zone roles
  • Writes new Zone information to Active Directory
  • User access updates based on agent settings

New UI for system and account tiles in old User Portal

The new Centrify PAS user interface puts a laser focus on managing your IT infrastructure.  IT system and account logins for low privileged users (such as Help Desk) now appear in a user Workspace.

User Portal tiles for PAS systems and accounts are migrated into a new Workspace user interface.

• New “My System Accounts” table in the user Workspace
• Automatically migrates existing tiles
• Portal Login permission is changed to Workspace Login
  • Accounts with this permission will appear in the user Workspace
• Enables users without PAS administrative rights to access systems and accounts
  • Minimizes user interface for these users

Improved DB performance (Cloud deployment only) - Coming in 19.3 release

Performance at enterprise scale is a feature.  Improved PAS architecture and queries for PostgreSQL enable fast page loads and queries for enterprise scale resource and account loads.

• Orders of magnitude improvements for page loads and database queries
• Scales to large enterprise deployment scale
• Requires upgrade to version 19.3 database

New Features - Idaptive Application and End Point Access Service

Please refer to Idaptive for 19.2 updates and release notes. 

Resolved Issues and Behavior Changes

• Improved exception handling and performance optimization for Privileged Access Discovery Job.

For security advisories and known issues, please see attached file.

Note: To receive release notes prior to the monthly product update, subscribe to the Centrify Cloud Highlights and Release Notes Tech Blog. This release information is posted in advance of the release date. Please check back at release time for updates.