News
Abstract
We are proud to announce the electronic general availability of IBM® Security Verify Access, Version 10.0.6 on June 16, 2023, bringing a range of enhancements, features, and fixes to the Verify Access platform.
Content
IBM Security Verify Access Version 10.0.6
IBM Security Verify Access helps organizations securely manage user access and protect applications against fraudulent and unauthorized access across web, mobile, and enterprise infrastructure, including network access and Windows and Unix servers.
The 10.0.6 release marks the sixth maintenance release on the v10 platform and delivers the following updates and enhancements:
- Rate Limit Updates
Expanding on the extensive rate limiting capabilities of previous releases, additional capabilities have been added in this release, the Reverse Proxy can be configured to include HTTP headers in the response that contain rate limit information. It can also be configured to include reaction information in the message log file. - SSH Public Key Authentication
Add to the authentication options to the appliance, administrator SSH access can now be authenticated using public key authentication. - Cloud Init Support
Appliances can now be bootstrapped with Cloud Init for initial network configuration. This should expedite the process for deploying ISVA instances into public, private and other virtualization infrastructure.
- FIDO2/Passkey Enhancements
Continuing our investment in FIDO2 and Passkey technologies from previous releases, v10.0.6 brings a range of improvements to our offering. Updates to the metadata services support, additional request parameters are available in the mediation context, enhancements to the nickname generation process during registration, and custom timeouts on the attestation and assertion timeout.
- Point of contact wizard for ISVA OIDC Container
To speed deployment of the OIDC Provider Container instance, the LMI has a wizard for the configuration of the OP as a point of contact with the ISVA Reverse Proxy.
- API protection
Existing API Protection definitions can now add new grant types, allowing the adoption of more modern grant types in existing deployments. The /token and /introspect endpoints now also support chunked transfer-encoding. - OAuth 2.0 Security Best Practices
A detailed guide is now available to configure your OAuth deployment against the published OAuth Best Practices. - SAML Key Rollover enhancements
Improving the support for multiple keys for SAML federations, settings for key rollovers can be configured on a federation basis.
- IBM Db2 Standard Edition
The IBM Db2 Standard Edition was updated to v11.5.8. - IBM Security Verify Directory
IBM Security Verify Access now bundles IBM Security Verify Directory v10.0.
- Container Registry Changes
IBM Security Verify Access containers are no longer be available on Docker Hub after 31 December 2022.IBM Security Verify Access no longer hosts images on Docker Hub after 31 December 2022. All images are accessed from their new location on IBM Cloud® Container Registry.
This change is a breaking change to many automated deployment pipelines, and administrators must validate and modify their container deployment routines to source these containers from their new location.
For full information on the IBM Security Verify Access Container locations, use one of the following URLs. - Support License - no longer required or issued
The Flexera/Flexnet powered IBM Security License Key and Download Center service used with IBM Security Verify Access - ISVA (and IBM Security Access Manager – ISAM) has been shut down since end of 2022. The associated license files will no longer be issued. This will not have any effect on the products functionality or ability to raise a support ticket. Earlier versions of IBM Security Verify Access will require updates to be downloaded by administrators from IBM Fix Central. For more information, see the following technote.
IBM Security Verify Access OpenID Connect Provider
In 2022, a new dedicated OIDC Component was released.
Critical changes
IBM Security Verify Access now publishes a dedicated page to capture changes that will likely have a significant impact on a deployment during or after an upgrade. See Critical changes.
Product Synonym
IBM Security Verify Access; IBM Security Access Manager; ISAM; ISVA;
Was this topic helpful?
Document Information
Modified date:
15 June 2023
UID
ibm17003529