News
Abstract
We are proud to announce the electronic general availability of IBM® Security Verify Access, Version 10.0.6 on June 16, 2023, bringing a range of enhancements, features, and fixes to the Verify Access platform.
Content
IBM Security Verify Access Version 10.0.6
IBM Security Verify Access helps organizations securely manage user access and protect applications against fraudulent and unauthorized access across web, mobile, and enterprise infrastructure, including network access and Windows and Unix servers.
The 10.0.6 release marks the sixth maintenance release on the v10 platform and delivers the following updates and enhancements:
- Rate Limit Updates
Expanding on the extensive rate limiting capabilities of previous releases, additional capabilities have been added in this release, the Reverse Proxy can be configured to include HTTP headers in the response that contain rate limit information. It can also be configured to include reaction information in the message log file. - SSH Public Key Authentication
Add to the authentication options to the appliance, administrator SSH access can now be authenticated using public key authentication. - Cloud Init Support
Appliances can now be bootstrapped with Cloud Init for initial network configuration. This should expedite the process for deploying ISVA instances into public, private and other virtualization infrastructure.
Advanced Access Control (AAC)
- FIDO2/Passkey Enhancements
Continuing our investment in FIDO2 and Passkey technologies from previous releases, v10.0.6 brings a range of improvements to our offering. Updates to the metadata services support, additional request parameters are available in the mediation context, enhancements to the nickname generation process during registration, and custom timeouts on the attestation and assertion timeout.
Federation (Fed)
- Point of contact wizard for ISVA OIDC Container
To speed deployment of the OIDC Provider Container instance, the LMI has a wizard for the configuration of the OP as a point of contact with the ISVA Reverse Proxy.
- API protection
Existing API Protection definitions can now add new grant types, allowing the adoption of more modern grant types in existing deployments. The /token and /introspect endpoints now also support chunked transfer-encoding. - OAuth 2.0 Security Best Practices
A detailed guide is now available to configure your OAuth deployment against the published OAuth Best Practices. - SAML Key Rollover enhancements
Improving the support for multiple keys for SAML federations, settings for key rollovers can be configured on a federation basis.
For a more complete list of features and changes in the v10.0.6 release, see What's New in the IBM Documentation.
Supporting Program Updates
Some licenses of IBM Security Verify Access bundle supporting software. The following updates to this software were made in this release.
- IBM Db2 Standard Edition
The IBM Db2 Standard Edition was updated to v11.5.8. - IBM Security Verify Directory
IBM Security Verify Access now bundles IBM Security Verify Directory v10.0.
Be aware that IBM Security Directory Server v6.4 and IBM Security Directory Suite v8.0.1 recently announced their future end of support dates and plan accordingly.
Notes and updates from previous releases
- Container Registry Changes
IBM Security Verify Access containers are no longer be available on Docker Hub after 31 December 2022.IBM Security Verify Access no longer hosts images on Docker Hub after 31 December 2022. All images are accessed from their new location on IBM Cloud® Container Registry.
This change is a breaking change to many automated deployment pipelines, and administrators must validate and modify their container deployment routines to source these containers from their new location.
For full information on the IBM Security Verify Access Container locations, use one of the following URLs. - Support License - no longer required or issued
The Flexera/Flexnet powered IBM Security License Key and Download Center service used with IBM Security Verify Access - ISVA (and IBM Security Access Manager – ISAM) has been shut down since end of 2022. The associated license files will no longer be issued. This will not have any effect on the products functionality or ability to raise a support ticket. Earlier versions of IBM Security Verify Access will require updates to be downloaded by administrators from IBM Fix Central. For more information, see the following technote.
IBM Security Verify Access OpenID Connect Provider
In 2022, a new dedicated OIDC Component was released.
IBM Security Verify Access OIDC Provider is a containerized lightweight OIDC provider, which supports advanced OIDC and OAuth standards out of the box and can be deployed and scaled using any modern orchestration system, including Kubernetes. It supports best-in-class security controls and advanced flows, such as pushed authorization request and client-initiated back-channel authentication along with pre-defined security profiles (or recipes) for Open Banking and other compliance.
For more information, see the announcement, or the documentation resources.
Critical changes
IBM Security Verify Access now publishes a dedicated page to capture changes that will likely have a significant impact on a deployment during or after an upgrade. See Critical changes.
To access a wide variety of technical resources for this product, see the IBM Security Verify Access Version 10.0.6 product documentation in IBM Documentation.
Since v10.0.0, entitled customers of IBM Security Verify Access can make use of the IBM Application Gateway to access and protect applications. The IBM Application Gateway is an ultra-lightweight container deployment of the reverse proxy, with declarative configuration and without any runtime dependencies on a policy server or LDAP server. Authentication is performed using a Verify Access OIDC OP deployment (or IBM Security Verify SaaS). For more information about the IBM Application Gateway see the documentation hub.
Are you interested in learning more about the new product features planned for upcoming releases of IBM Security Verify Access? Would you like the opportunity to try a Beta version of an upcoming IBM Security Verify Access release and the ability to give feedback regarding new product features? Are you interested in learning about other IBM Security product offerings?
If you answered “yes” to any of these questions, the IBM Security Agile Client Experience (ACE) program might be the right opportunity for you.
The IBM Security ACE program offers a range of early access programs and prototype feedback sessions for selected IBM Security products including IBM Security Verify Access.
Throughout these interactive programs, the IBM Security development teams deliver resources and/or host sessions to provide participants with an insight into the new features that are being designed and implemented.
When you participate in this program, IBM gives you early access to the design and/or features for your evaluation and feedback before the general availability of the new product releases. The overall goal of the Security ACE program is to garner important feedback from participants to help shape the direction of our products. Participation is free of charge. The content of the program is confidential and is available to interested parties who accept the program terms and conditions.
Getting started is easy! Please register your interest in joining the program using this registration form: http://ibm.biz/security-ace-registration.
Version 10.0.6 is available from Passport Advantage, Fix Central, and the IBM Container Registry.
This technote details the information required to download and access the v10.0.6 release of IBM Security Verify Access and its supporting programs:
IBM Security Verify Access only delivers defect and security updates to the latest current patched (fixed) release. With the release of IBM Security Verify Access v10.0.6, 10.0.6 becomes the ‘current patched release’ where all fixes and patches will be delivered to v10.0.6. For more information, see this notification: https://www.ibm.com/support/pages/node/6453645.
IBM Security Access Manager Gen1 Hardware Appliances (5122-83K) is now End of Support (April 30, 2023). For more information, see this notification: https://www.ibm.com/support/pages/node/872590
Additional Information for IBM Security Verify Access Gen2 Hardware appliance
IBM has announced the end of support date of IBM Security Access Manager and IBM Security Verify Access Gen2 Hardware Appliances (5122-81T) for September 30, 2025. For more information, see this notification: https://www.ibm.com/support/pages/node/872590
IBM Security Access Manager v9.0 is now End of Support. For more information, see this notification: https://www.ibm.com/support/pages/node/6452057.
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRGTL","label":"IBM Security Verify Access"},"ARM Category":[{"code":"a8m0z000000cxuHAAQ","label":"Security Verify Access"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0.6"}]
Product Synonym
IBM Security Verify Access; IBM Security Access Manager; ISAM; ISVA;
Was this topic helpful?
Document Information
Modified date:
15 June 2023
UID
ibm17003529