IBM Security Verify Access v10.0.2 Release Notification

Content

IBM Security Verify Access Version 10.0.2

IBM Security Verify Access helps organizations securely manage user access and protect applications against fraudulent and unauthorized access across web, mobile, and now enterprise infrastructure, including network access and Windows and Unix servers.

The 10.0.2 release marks the third release on the v10 platform and delivers a range of enhancements including:

• New dedicated container images
  The single verify-access image has now been split out into specific role based containers – Reverse Proxy, AAC/Fed, DSC.
  These new images bring improved resource consumption, reduced startup times, and reduced privilege requirements which allow the new containers to run with standard security privileges.
• IBM Verify Gateway Support
  IBM Security Verify Access multifactor mechanisms can now be used to protect RADIUS clients (VPN Servers etc), Linux and Unix Servers and Windows Servers using the IBM Verify Gateway components available on the IBM Security App Exchange.
• OAuth 2 Token Exchange
  Token Exchange can now be enabled as OAuth2 grant type based on RFC8693 on IBM Security Verify Access. See OAuth 2.0 and OIDC workflows. Additionally, the Verify Access platform now natively supports the PS signing algorithm when handling JWTs.
• Proxy Protocol Support
  The web reverse proxy now supports the ‘proxy protocol’ for the receipt of connection information from a proxy which sits in front of the Web reverse proxy.
• Junctioned Servers Priority
  It is now possible, when configuring a junctioned server in the Web Reverse Proxy, to specify a priority value for the server.
• Improvements to logging, auditing, and troubleshooting
  A range of enhancements, including rsyslog protocol updates, JSON audit logging formatting, AWS Cloudwatch support, LMI Access logging, and per junction snoop trace continue to improve the monitoring of the Verify Access platform.
• Session Persistence
  AAC and Federation session persistence can now use Redis (Reverse Proxy support for Redis was delivered in v10.0.1), and a new configuration page is available in the LMI for simple configuration of the session persistence mechanisms for each use case.

For a more complete list of features and changes in the v10.0.2 release, visit the Whats New page in the IBM Documentation.

To access a wide variety of technical resources for this product, see the IBM Security Verify Access Version 10.0.2 product information in the IBM Documentation.

IBM Application Gateway

Since v10.0.0, entitled customers of IBM Security Verify Access can make use of the IBM Application Gateway to access and protect applications. The IBM Application Gateway is an ultra-lightweight container deployment of the reverse proxy, with declarative configuration and without any runtime dependencies on a policy server or LDAP server. Authentication is performed using a traditional Verify Access deployment and handled via OpenID Connect. For more information about the IBM Application Gateway see the documentation hub.

Downloading the product and assemblies

Version 10.0.2 is available from Passport Advantage, Fix Central, and Docker Hub.

This technote details the information required to download and access the v10.0.2 release of IBM Security Verify Access and its supporting programs: https://www.ibm.com/support/pages/node/6434111.

Upgrading/Staying in support:

IBM Security Verify Access only delivers defect and security updates to the latest current patched (fixed) release. With the release of IBM Security Verify Access v10.0.2, all fixes and patches will be delivered to v10.0.2.

Additional Information for IBM Security Access Manager V9.0:

In case you missed it, IBM has announced the end of support date of IBM Security Access Manager v9.0 for April 30, 2022. For more information, see this notification: https://www.ibm.com/support/pages/node/6452057.