What's new

IBM® Security SiteProtector™ System Version 3.1.1 contains new and enhanced features.

Single sign-on and two-factor authentication

You can now configure SiteProtector to use your Windows credentials to log you in to SiteProtector. The existing, manually configured, two-factor authentication takes precedence over the new Windows authentication feature. If you use two-factor authentication but want to use Windows authentication instead, archive and remove the existing authentication.xml file from the \ISS\SiteProtector\Application Server\config folder.

SiteProtector Console

You can now run the SiteProtector Console without having administrator rights. If you run the Console without administrator rights, and you attempt an action that requires those rights, you must authenticate before you perform the action. You need to have Windows Administrator permission to apply Core or Console updates (XPUs).

Dual Authorization and quarantine rules

Dual authorization is now available for creating, promoting, enabling, and disabling quarantine rules. Dual authorization, introduced in SiteProtector version 3.1.0, controls whether certain actions require the approval of a second party.

New health checks

The following health checks are new:

Health check alert for the Agent Manager when certificates are close to expiring
Health check alert for the X-Press Update Server when certificates are close to expiring

Notifications about certificate expiration health checks can be set to repeat periodically.

Certificate changes and new Certificate Management tool

You can now explicitly check for revoked certificates. Also, any communication session that fails due to a revoked certificate is now logged.

A new Certificate Management tool that you can use to create and maintain certificates is available in the IBM Security License key and Download Center at https://ibmss.flexnetoperations.com. To access the tool:

Select Download.
Select IBM Security SiteProtector System.
Select SiteProtector v3.1.1.
Select Accessories.
Download and install the Certificate Management tool.

Usage instructions are included with the Certificate Management tool.

New and changed permissions

There is a new "Manage Email Settings" permission that controls whether you can specify an email server or configure email notifications. By default, the "Manage Email Settings" permission is assigned to the Administrator and Analyst user groups.

The "Manage User Sessions" permission was changed to "Manage Login and Sessions" permission. The "Manage Login and Sessions" permission now controls the following System Administration settings:

Configuring the Console timeout settings (in Session Management)
Configuring maximum concurrent Console sessions (in Session Management)
Configuring login banner options (in Login Settings)
Monitoring active sessions (in Active Sessions)

By default, the "Manage Login and Sessions" permission is assigned to the Administrator user group.

Configuration for notifications

Configuration for notifications was moved from the Notifications Console option to Email Settings > Notification Configuration. Notification categories were changed from severity levels to clearer descriptions: Informational, Health warning, and Health failure.

Integrity of archived events and audit events

Archive integrity is now enforced for archived events and for the Event Archiver. Archive integrity is checked when you import archived events. The integrity of audit events is also protected and is now shown in audit reports.

Event Viewer removed

The Event Viewer and all references to it in the online help were removed.

Event analysis time zone offsets

The Event Analysis Time Zone Offset provides more accurate event data reporting for time zones that have minute offsets such as India Standard Time (UTC+5:30). Due to the way event data is summarized, there can be a difference between summary event data and detailed event data. If your time zone has a minute offset, you can now specify that offset to improve the consistency of the reported summary and detailed event data.

Currency

The SiteProtector System is now supported on:

Windows Server 2012 R2 Standard and Enterprise editions
SQL Server 2014 Standard and Enterprise editions

The Java™ Runtime Environment (JRE) was updated to Java 1.7.0 SR7 FP1.

Selecting multiple licenses

You can now select multiple licenses to remove when you replace them.

PDF documentation

The contents of the SP3001 Hardware Configuration Guide were integrated into the SiteProtector System online help in the new SiteProtector System appliances node.

Except for a few PDF guides specific to the SP3001 appliance, all other SiteProtector PDF guides were eliminated. The content that they contained is integrated into the online help.

Online help changes

The SiteProtector System appliances node was added to the online help and includes all SP3001 Hardware Configuration Guide content.

All of the System Administration tasks in the System view are now grouped under Configuring > Configure System Administration options.

The Welcome page for the online help now includes new links:

"Documentation for supported agents and appliances" topic
"Appliance Battery Removal Instructions (for qualified professionals only)" topic
"SiteProtector System appliances" section

The SiteProtector PDF topic now clarifies that the only available PDF files are for the appliances. Guidance is provided so that you can create your own customized PDF files from the IBM Knowledge Center.