IBM® Security SiteProtector™ System Version 3.1.1 contains new and enhanced features.
Single sign-on and two-factor authentication
You can now configure SiteProtector to use your Windows credentials to log you in to SiteProtector. The existing, manually configured, two-factor authentication takes precedence over the new Windows authentication feature. If you use two-factor authentication but want to use Windows authentication instead, archive and remove the existing authentication.xml file from the \ISS\SiteProtector\Application Server\config folder.
SiteProtector Console
You can now run the SiteProtector Console without having administrator rights. If you run the Console without administrator rights, and you attempt an action that requires those rights, you must authenticate before you perform the action. You need to have Windows Administrator permission to apply Core or Console updates (XPUs).
Dual Authorization and quarantine rules
Dual authorization is now available for creating, promoting, enabling, and disabling quarantine rules. Dual authorization, introduced in SiteProtector version 3.1.0, controls whether certain actions require the approval of a second party.
New health checks
Certificate changes and new Certificate Management tool
You can now explicitly check for revoked certificates. Also, any communication session that fails due to a revoked certificate is now logged.
New and changed permissions
There is a new "Manage Email Settings" permission that controls whether you can specify an email server or configure email notifications. By default, the "Manage Email Settings" permission is assigned to the Administrator and Analyst user groups.
Configuration for notifications
Configuration for notifications was moved from the Notifications Console option to Email Settings > Notification Configuration. Notification categories were changed from severity levels to clearer descriptions: Informational, Health warning, and Health failure.
Integrity of archived events and audit events
Archive integrity is now enforced for archived events and for the Event Archiver. Archive integrity is checked when you import archived events. The integrity of audit events is also protected and is now shown in audit reports.
Event Viewer removed
The Event Viewer and all references to it in the online help were removed.
Event analysis time zone offsets
The Event Analysis Time Zone Offset provides more accurate event data reporting for time zones that have minute offsets such as India Standard Time (UTC+5:30). Due to the way event data is summarized, there can be a difference between summary event data and detailed event data. If your time zone has a minute offset, you can now specify that offset to improve the consistency of the reported summary and detailed event data.
Currency
Selecting multiple licenses
You can now select multiple licenses to remove when you replace them.
PDF documentation
The contents of the SP3001 Hardware Configuration Guide were integrated into the SiteProtector System online help in the new SiteProtector System appliances node.
Except for a few PDF guides specific to the SP3001 appliance, all other SiteProtector PDF guides were eliminated. The content that they contained is integrated into the online help.
Online help changes
The SiteProtector System appliances node was added to the online help and includes all SP3001 Hardware Configuration Guide content.
All of the System Administration tasks in the System view are now grouped under Configuring > Configure System Administration options.
The SiteProtector PDF topic now clarifies that the only available PDF files are for the appliances. Guidance is provided so that you can create your own customized PDF files from the IBM Knowledge Center.