Oracle Privileged Account Manager 11gR2PS3 (188.8.131.52.0) New Features
"Ganesh Kamble" in "OAM, Oracle" on 2015-05-28
Oracle announced the latest release 184.108.40.206.0 of Oracle Identity Management Suite in May 2015. This is the Patch Set 3 release of the 11gR2 series. It adds several new features in identity and access management products such as Oracle Access Manager, Oracle Identity Manager, Oracle Privileged Account Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server and Oracle Mobile Security Suite.
In this post, we will cover the new features added in Oracle Privileged Account Manager 11gR2PS3.
- Connector Server – This feature was already present in the recent releases of Oracle Identity Manager. Identity Connector Servers are used by Identity Connector Framework to allow Oracle Privileged Account Manager to communicate with externally deployed identity connector bundles. These servers are available for Java and Microsoft .Net Framework applications.
- SSH, Windows, SAP UM and SAP UME Targets – We can now manage privileged accounts for additional targets such as SSH, Windows as well as SAP UM and SAP UME for SAP integrated applications. SSH Connectors are used by some of the network devices such as routers, firewalls and hypervisors.
- Agent – Agents can be deployed specifically on the Windows machines to perform a particular set of actions.
- Windows Session Recording – The agent on windows machine records user actions and converts it into a video format which is sent to the Oracle Privileged Account Manager Database periodically in a secured manner.
- Session Recording and Playback – The recorded sessions can be played back in plain text transcript format, interactive transcript format and video format. Only users belonging to admin roles such as Security Admin, User Manager or Security Auditor can view the recordings.
- Password copying to and clearing from the clipboards – The checked out password can be copied to clipboard and cleared once they are not required.
- Enhanced Usage Policies – Usage policy only applies at the level of a grant. It can be configured to restrict the number of tasks the privileged users are allowed to perform during their session access which is controlled by two levels – Session Mode Level and Command Level
- Enhanced Plug-in Framework – Oracle Privileged Account Manager plug-in framework enables you to extend the OPAM functionality like data validation, sending notifications, performing step-up authentication and authorisation, external user authentication etc. The new features include additional filtering rules, fault tolerance using retry support, create-like feature etc.
- Enhanced Reporting Capabilities – Improved reporting user interfaces, additional metrics and search by password age.
- Delegate Administrative Privileges using Resource Groups – A resource group is a collection of targets, accounts and/or other resource groups. They can be used to group the targets, accounts in a logical group and delegate administration to users or user groups.
This is just an overview of the new features added in this release. We will dive deep into majority of them in the subsequent posts.