VIP Enterprise Gateway 9.4 Release Notes
These release notes accompany the delivery of Symantec VIP Enterprise Gateway 9.4.
What’s New in VIP Enterprise Gateway 9.4
This release of VIP Enterprise Gateway supports the following new features:
· Newly-branded user interface for VIP Enterprise Gateway Configuration Console: VIP Enterprise Gateway Configuration Console is available with a newly-branded user interface. The six menu tabs that you can see at the top of the page helps you locate the configuration options easily. The Configuration Summary page displays the summary of the configurations that you have performed. From this page, you can understand the configurations at a glance. Also, you can click the Manage link to start managing the configurations.
· Brand VIP Self Service Portal with your organization's logo: Along with Symantec's branding, your organization can brand VIP Self Service Portal with your organization’s logo. This branding helps your users easily associate with VIP Self Service Portal.
· Sign-in to the Configuration Console using the enterprise directory credentials: In VIP Enterprise Gateway, the console administrators can sign into VIP Enterprise Gateway Configuration Console using their enterprise directory credentials. The Sign in page also displays the name of the User Store that contains the console administrator’s enterprise directory credentials.
· Logging framework enhancements: The logging framework of VIP Enterprise Gateway has been enhanced to:
· Support the display of log messages that are higher than 1024 bytes in size without truncation.
· Support AUDIT logs that are grouped with transaction IDs and session IDs for the configurations performed on the Configuration Console.
· Support a well-defined grammar for the configuration AUDIT log messages to enable their automatic extraction by Security Information and Event Management (SIEM) tools.
· LDAP Directory Synchronization Service Enhancements: VIP Enterprise Gateway allows you to configure multiple instances of LDAP Directory Synchronization Service. This configuration supports the following:
· Load-balancing and failover.
· Synchronization of disparate User Stores independently from different VIP Enterprise Gateway servers.
· Synchronization of the users created through third-party Identity Providers for Self Service Portal.
Also, LDAP Directory Synchronization Service synchronizes the optional attributes that you configure with the User Store to the VIP Service. These optional attributes helps administrators search and identify users in VIP Manager.
· Before you upgrade to VIP Enterprise Gateway 9.4, ensure that the VIP Enterprise Gateway server can access the following URLs:
Issues Addressed in This Release
This release addresses the following issues:
· Deletion of the user records from the VIP Service during the LDAP Directory synchronization operation (SO24418).
· Failure in the Windows registry update to the latest version after the manual upgrade of VIP Enterprise Gateway 9.3 (SO24448).
· Inability to support Tunnel Forwarder and Tunnel Receiver configured in secure mode.
· Inability to support attributes for the Validation server in RADIUS Access Challenge Mode.
· Latency in logging into Self Service portal using Oracle Directory Server.
· Inability to configure group membership (MemberOf) with the attribute Object-ID as group membership filter.
· Inability to support comma as part of the Bind DN user name.
· Inability to retrieve more than ten LDAP group objects when validation server is configured with vendor-specific attributes.
Known Issues and Workarounds
In this website, do the following to search for the known issues and their workarounds:
1. Under the Support tab, in the Validation & ID Protection Service (VIP) Support section, click Knowledge Center.
2. In the Symantec™ Validation and ID Protection Service (VIP) Support page, use the search box: Knowledge Center Search to find the known issues and their workarounds.
The following are the software limitation related to the VIP Enterprise Gateway 9.4 release:
· Inability to support Internet Explorer version 11.
· Deletion of a VIP administrator from the super admin group. If the administrator is part of the super admin group and has mapped to other VIP Administrator Groups in the VIP Service, any action that results in the deletion of the VIP Administrators from the VIP Administrator Groups may also remove the administrator from the super admin group.
· Unpredicted behavior of LDAP Directory Synchronization Service if the User Stores that are not identical are configured as part of the same synchronization cluster.
· Deletion of VIP administrator on renaming the VIP Administrator Group where this administrator is mapped in the VIP service.
· Synchronization of a user object that contains an LDAP attribute with multiple values may repeat in all the LDAP synchronization operations. The user object will be synchronized with the VIP Service even in the absence of any update to it.
The following documents have been updated for this release:
· Symantec VIP Enterprise Gateway 9.4 Release Notes (this document)
· Symantec VIP Enterprise Gateway Installation and Configuration Guide
Note: The VIP Enterprise Gateway Installation and Configuration Guide describes introduction, pre-installation requirements, installation procedures, basic configurations, and description of the features of VIP Enterprise Gateway 9.4.
To understand how to perform tasks associated with the VIP Enterprise Gateway features, refer to the VIP Enterprise Gateway Online help. Click the Help tab that is displayed at the top of the VIP Enterprise Gateway screen to access the VIP Enterprise Gateway Online help.
Copyright © 2011 – 2014 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. VeriSign, VeriSign Trust, and other related marks are the trademarks or registered trademarks of VeriSign, Inc. or its affiliates or subsidiaries in the U.S. and other countries and licensed to Symantec Corporation. Other names may be trademarks of their respective owners.
The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON‐INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227‐19 "Commercial Computer Software ‐ Restricted Rights" and DFARS 227.7202, et seq. “Commercial Computer Software and Commercial Computer Software Documentation”, as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement.
This document may describe features and/or functionality not present in your software or your service agreement. Contact your account representative to learn more about what is available with this Symantec product.
350 Ellis Street Mountain View,