Imprivata Privileged Access Management Product Update 2.3.202107182259

July 18, 2021

This update added the option to mass reschedule selected jobs for repeated execution using the Jobs History Report, and the option to cancel or defer periodically scheduled jobs to retain the password of a checked-out record.

Added the option to mass reschedule selected jobs

The update adds an option to the Job History report to select several jobs in the list and use Bulk Actions / Reschedule to mass reschedule the selected jobs for repeated execution.

The option allows failed jobs to be repeated after underlying network issues are resolved, and it simplifies troubleshooting of job execution by making it quick to mass reschedule jobs for re-execution.

Added the option to cancel or defer periodically scheduled jobs for checked-out records

The update adds the option to cancel or defer periodically scheduled jobs for checked-out records. The option allows a checked-out record to retain its current password while that password is being used to perform network activities.

The option is controlled by the global parameter Periodic Jobs Execution When Checkout. The following options are available:

  • Proceed – Periodic jobs will be executed even if the record is checked out. This is the default setting.
  • Cancel – Periodic jobs will be cancelled at the time of scheduled execution if the record is checked out. This option allows the record's contents, such as password values, to remain intact while it is checked out. The option relies on the necessary jobs being scheduled during the Check-In process.
  • Defer – Periodic jobs will be deferred to the request expiration time if the record is checked out. This option allows the record to remain intact while it is checked out, deferring jobs until the request has expired and the record is checked in.

Added the option to forward Remote Session Manager traffic from the master nodes through remote Universal Proxy

The update adds the option to proxy both WEB and Native remote session manager traffic from the master node using a single Universal Proxy port.

The option allows exposing all remote node services using a single port to better control firewall configuration.

The option also allows configuring the remote WEB Session Manager to require master node authentication using a key shared between the master and the remote node, given by the system property cas.tgc.crypto.signing.key.

In addition to Universal Proxy connections to remote WEB and Native session managers, the update added the option to expose HTTP Proxy on the master nodes through the universal proxy interface together with RDP and SQL Proxy for better control of the network traffic on the firewall and load balancer.

Universal Proxy options are controlled by the following global parameters, which can be overridden by system properties in disconnected remote node configurations:

  • Universal Proxy – Enables or disables the universal proxy service. System parameter: xta.proxy.universal=enabled|disabled
  • Universal Proxy Port – Defines a custom port for the universal proxy service (default: 2017). System parameter: xta.proxy.universal=enabled|disabled
  • Universal Proxy HTTP Forwarding – Enables Native Session Manager and HTTP Proxy port forwarding. System parameter: xta.proxy.universal.forward.http=enabled|disabled
  • Universal Proxy HTTP Forwarding Host – Defines Native Session Manager and HTTP Proxy port forwarding host (default: 127.0.0.1:8081). System parameter: xta.proxy.universal.forward.http.host=host:port
  • Universal Proxy Session Manager Forwarding – Enables WEB Session Manager port forwarding. System parameter: xta.proxy.universal.forward.sm=enabled|disabled
  • Universal Proxy Session Manager Forwarding Host – Defines WEB Session Manager port forwarding host (default: 127.0.0.1:4822). System parameter: xta.proxy.universal.forward.sm.host=host:port
  • Universal Proxy HTTP Forwarding Use SSL – Enables SSL communication with WEB Session Manager. System parameter: xtam.proxy.universal.forward.sm.ssl=enabled|disabled

Note that for WEB Session Manager forwarding, the remote node keystore should contain a certificate of the remote WEB Session Manager. In addition, master nodes should contain certificates of the remote universal proxy instead of the remote WEB Session Manager. In this scenario the remote WEB Session Manager can be completely hidden behind the firewall, because only the remote universal proxy connects to the remote WEB Session Manager on the same node.
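The following is an added example, not Imprivata code: a Python check over a node's universal proxy system properties that reports forwarding targets that are not on the same node, which is the condition the hidden-behind-the-firewall scenario above depends on. It assumes the properties are available as plain key=value text and that an absent enabled|disabled property means disabled; the function names and the sample input are constructed for illustration.

```python
import ipaddress

# Forwarding switches and the default targets stated in the release notes.
DEFAULT_TARGETS = {
    "xta.proxy.universal.forward.http": "127.0.0.1:8081",  # Native SM / HTTP Proxy
    "xta.proxy.universal.forward.sm": "127.0.0.1:4822",    # WEB Session Manager
}
SM_KEY = "xta.proxy.universal.forward.sm"
SM_SSL_KEY = "xtam.proxy.universal.forward.sm.ssl"  # spelled as in the release notes

# Constructed sample for a remote node (not from a real deployment).
SAMPLE = """\
xta.proxy.universal=enabled
xta.proxy.universal.forward.http=enabled
xta.proxy.universal.forward.sm=enabled
xta.proxy.universal.forward.sm.host=10.0.5.20:4822
"""

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments (assumed format)."""
    pairs = (line.split("=", 1) for line in text.splitlines()
             if "=" in line and not line.lstrip().startswith("#"))
    return {key.strip(): value.strip() for key, value in pairs}

def is_loopback(host):
    """True for 'localhost' or a loopback IP literal; other names count as remote."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:
        return False

def audit(text):
    """Return findings for forwarding targets that leave the node (host:port values)."""
    props = parse_properties(text)
    # Assumption: a missing enabled|disabled property is treated as disabled.
    enabled = lambda key: props.get(key, "disabled") == "enabled"
    if not enabled("xta.proxy.universal"):
        return []
    findings = []
    for key, default in DEFAULT_TARGETS.items():
        if not enabled(key):
            continue
        target = props.get(key + ".host", default)
        if is_loopback(target.rsplit(":", 1)[0]):
            continue
        findings.append(f"{key}: target {target} is not on the same node")
        if key == SM_KEY and not enabled(SM_SSL_KEY):
            findings.append(f"{key}: SSL is not enabled for the hop to {target}")
    return findings
```

Calling `audit(SAMPLE)` returns two findings for the session manager forwarding entry; a configuration that keeps the default loopback targets returns none.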