Idaptive Release 20.5

October 20, 2020 Stas Neyman

Release 20.5, scheduled for October 23, 2020, adds support for token-based authentication for Office 365, Multi-factor Authentication for servers secured by CyberArk Privileged Session Management, and enhanced provisioning for UltiPro.

With release 20.5, CyberArk Idaptive supports the following new features:

 Single Sign-On

 IP address affinity for IWA connections

You can now choose a Connector for your endpoints to connect to based on IP ranges for Integrated Windows Authentication (IWA) connections. Previously, a Connector was selected based on a subnet or at random. Now, you can enforce connections based on specific IP ranges to ensure that endpoints and Connectors are in the same region, which reduces the connection latency.

Token-based authentication for Office 365

The Office 365 application template now supports token-based authentication. Previously, you could use the basic, username and password-based authentication to deploy Office 365 application. Now you can also use a more secure, token-based authentication method. While basic authentication will continue to be supported, CyberArk recommends switching to token-based authentication to ensure uninterrupted provisioning functionality.

Multi-Factor Authentication

MFA for Windows servers secured by PSM

You can now leverage adaptive MFA to secure access to servers protected by Privileged Session Manager (PSM) and Windows Cloud Agent (WCA). This enables you to enforce risk-based MFA access controls, session isolation, and session recording to prevent lateral movement and credential theft within your infrastructure. For example, you can require a user that logs in to CyberArk PSM with their Active Directory credentials and attempts to log in to a server that can only be accessed via an account stored in the vault to supply an OTP code before access to the server is granted.

Lifecycle Management

Enhanced provisioning for UltiPro

You can now leverage Job Title attribute for automatic user provisioning to UltiPro. This allows you to correctly map user information between a source directory, such as Active Directory or Idaptive Directory and UltiPro. To learn more about inbound provisioning for UltiPro, please refer to Inbound Provisioning from UltiPro for more information.

For more information on the 20.5 release, please see Idaptive release notes.

 

Previous Article
Four Reasons to Strengthen Identity Security with SSO
Four Reasons to Strengthen Identity Security with SSO

While it’s widely accepted that the “perimeter is dead,” current realities are forcing many organizations t...

Next Video
Transitioning to Adaptive Access Management
Transitioning to Adaptive Access Management