RSA^® Governance & Lifecycle

Article Number 000068263 Applies To This is a known issue in the following versions: RSA Identity Governance & Lifecycle 7.5.0 P08 SecurID Governance & Lifecycle 7.5.2 P04 Issue After Navigating to Approvals/Activities and Upon clicking on the change request link and then if you expand the option of 'Additional information' there, the content of this expanded additional information is not displayed, recursive view with the same information from the initial popup of "change request link" is displayed again. As per the below screenshot, recursive view with the same information from the initial popup of "change request link" is displayed again after expanding "Additional Information" Image description and the below error message in aveksaServer.log, 08/10/2023 08:44:44.519 ERROR (default task-4) [com.aveksa.gui.pages.changeRequest.detail.ChangeRequestDetailHelper] Exception occurred while rendering the Addional information.[Ljava.lang.StackTraceElement;@268223a2 08/10/2023 08:44:44.520 DEBUG (default task-4) [com.aveksa.server.utils.Step] Starting execution step: null.. , Time Elapsed=-5 secs STARTING method=ExecuteStep subTask=start     Resolution This issue is resolved in the following versions: SecurID Governance & Lifecycle 7.5.2 P08 RSA Governance & Lifecycle 8.0.0 P01 ... View more

Summary RSA is pleased to announce the release and general availability of RSA Governance & Lifecycle Cloud v8.0! RSA Governance & Lifecycle Cloud delivers a full-featured, high-performing governance and lifecycle solution from the cloud allowing organizations to focus on delivering immediate business value. Highlighted below are several key solution updates contained in this release. Please see the RSA Governance & Lifecycle Cloud 8.0 Release Notes for additional information about the contents of this release. RSA Governance & Lifecycle Cloud: Is a subscription-based, hosted, managed, and full-featured IGA solution in the cloud. Allows customers to focus on delivering business value for continuous risk-based compliance for those highest-value projects that directly benefit the business without having to focus on operations/infrastructure management. Allows customers to adopt and transition to a cloud-first approach for IGA. Provides monitoring, alerting, and remediation of critical events – from services to governance processes, such as collections, workflows, and review campaigns. Includes a yearly business systems review and health check to ensure optimal governance processes. Providing visibility and insights across cloud and on-premises applications to ensure appropriate levels of access, and quickly addressing risky access. Ensuring appropriate access with access reviews and certification campaign management for compliance adherence. Removing inappropriate access and reducing risks by implementing access and segregation of duty (SoD) policies. Automatically and cost-effectively provision and de-provision access in a timely fashion using Joiner-Mover-Leaver policies. Providing a simple, easy-to-use access request and approval process for business users. Ensuring access alignment and simplification of access for reviews, requests, and policies with role mining and management. The RSA Governance & Lifecycle Cloud solution helps organizations eliminate and proactively mitigate identity and access risks and gaps across cloud and on-premises applications by improving their access assurance posture using a governance-led approach focused on the following three core areas: Increase Security and Reduce Risk – Governance & Lifecycle helps proactively identify, assess, and avoid risks across the enterprise. Newly available dashboards make it even easier for organizations to gain a holistic view of risk management activities so they can make better decisions and prioritize risk mitigation efforts. Achieve and/or Maintain Compliance – Governance & Lifecycle offers a comprehensive approach to managing and governing enterprise-wide risk and compliance programs by providing a unified view of compliance activities, streamlining processes, and enabling collaboration among stakeholders. Improve Operational Efficiency – In addition to simplifying the deployment, management, and operation of your RSA solutions, Governance & Lifecycle enables automation for many IT processes to improve efficiency, reduce costs, and enhance service delivery to better meet the needs of the business. New features and capabilities being introduced with the RSA Governance & Lifecycle Cloud offering: *Advanced Dashboards – Advanced Dashboards highlight critical risks and improve the speed and quality of decision-making through data analysis and visualization. These actionable dashboards include drill-down and dynamic filtering capabilities to quickly discover problem areas that need attention. *Risk Engine – Spots the trends and risks that are aligned with your business needs using our configurable Risk Engine. *Gamification – New gamification feature promotes faster stakeholder reviews which help to reduce risk and increase security. This is accomplished by using leaderboards, horse race charts, and badges or awards that encourage a security culture. Upgrade & Migration – The new pre-migration assessment procedure improves the migration process by identifying potential issues and providing remediation before the product is upgraded. Enhanced Archiving – The Archiving feature moves the data to history tables in the same database instead of creating a separate data dump file. This improves product performance and reporting while adhering to better compliance. Platform & Component Updates – Governance and Lifecycle is now supported on SLES 15. Major updates to Governance and Lifecycle core components including upgrades to the AFX underlying technology. As part of the upgrade to AFX, some connectors have also been improved, such as SCIM Connector. Oracle Automatic Workload Repository (AWR) Report – Administrators can generate AWR reports directly from the UI in Governance & Lifecycle Cloud. Default Keystore Password Modification – Governance & Lifecycle now allows the default application keystore to be modified in the UI and then propagated to the system (aveksa.keystore, server.keystore, and client.keystore).  *These new features are currently limited license Beta features. In Beta, they are provided to gather detailed feedback from our customers and are provided "as is" without any warranty. After Beta testing is completed, additional licensing terms and purchases may apply. Additional Resources KuppingerCole Leadership Compass Report: Identity Fabrics KuppingerCole 2022 Identity Governance and Administration Leadership Compass As part of the RSA Governance & Lifecycle Cloud offering, all existing RSA Governance & Lifecycle Cloud instances will be upgraded to the 8.0 release. An upgrade schedule will be communicated to each individual customer, as for all new customers, they will get the latest upgrade as well. For additional information about the RSA Governance & Lifecycle Cloud offering, please contact your RSA account team. ... View more

RSA Governance & Lifecycle Cloud Getting Started 8.0 This document provides an overview of your tasks to set up and manage RSA Governance & Lifecycle. It also explains where to find the information about performing each task from the Online Help available in the product. You can use it as a basic guideline for deploying RSA Governance & Lifecycle in a development environment. Planning Properly planning your RSA Governance & Lifecycle deployment is critical. This topic assumes you have identified the following: The data sources from which you want to collect identity, account, and entitlement data. The data that you want to collect. The identity compliance and management goals you want to achieve with RSA Governance & Lifecycle. Read the RSA Governance & Lifecycle Cloud 8.0 Release Notes for information on new and improved product features and known issues. 1.  Log into RSA Governance & Lifecycle Cloud and Secure the Application Configure security settings before you proceed with other tasks. Task Help Source Log into RSA Governance & Lifecycle Cloud and change the initial password for AveksaAdmin. The AveksaAdmin account is the default system administrator account for the application. It is the only account authenticated by the application. After you onboard users into the application, you can provide qualified users with various levels of administrator privileges. See the "Managing RSA Identity Governance and Lifecycle Application Privileges" Help topic for more information.   Logging On and Logging Off Configure system security settings to help protect against brute-force login attempts and cross-site scripting attacks. Managing System Security   2.  Onboard Identity Data Sources and Identities Before you can manage identity and access compliance with RSA Governance & Lifecycle Cloud, you must onboard the users who can access resources in your organization. Task Help Source Create a directory for each identity data source, such as Active Directory, from which you plan to collect identities. Creating and Managing Directories   Create an identity collector for each identity data source directory and collect identities (users). About Data Collection Create an Identity Collector Collect Identity Data To collect identities from more than one data source, you must unify identity data to create unique records of users in the application.  Managing Identity Data Unification   3.  Onboard the Applications and Directories from Which You Plan to Collect Entitlements Onboard the applications and directories that your users access. Task Help Source Onboard applications and directories. Creating and Managing Applications Creating and Managing Directories Create collectors and collect application metadata About Data Collection Create an Application Metadata Collector Collect Application Metadata   4.  Create Account and Entitlement Collectors and Collect Accounts and Entitlements Collect the accounts and entitlements that define what your users can access. Task Help Source Create account collectors and collect the accounts that provide users with entitlements to applications and directories in your organization. About Data Collection Create an Account Collector Collect Account Data   Create entitlement collectors and collect entitlements to applications and directories in your organization.  About Data Collection Create an Entitlement Collector Collect Entitlement Data   Create multi-app collectors and collect accounts and entitlements from data sources that include account and entitlement data for multiple applications. About Data Collection Create a Multi-App Account Collector Create a Multi-App Entitlement Collector Collect Multi-App Data   5.  Create Role and Data Access Collectors and Collect Roles and Data Resources Create role and data resource collectors if you have purchased the Business Role Manager and Data Access Governance modules and you plan to collect and manage role and data access data. Task Help Source Create role collectors and collect roles from data sources for your organization's roles- based access control system. About Data Collection Create a Role Collector Collect Role Data Note: RSA Governance & Lifecycle enables you to only collect roles if you do not implement Business Role Manager.  Create data access collectors and collect data resources (e.g., file shares, Sharepoint). About Data Collection Create a Data Access Collector Collect Data Access Data   6.  Setup Login Authentication for Users Except for the AveksaAdmin login users, all users who log into RSA Governance & Lifecycle must be authenticated from an identity or account collector data source. Task Help Source Create authentication sources for user logins. Managing Log-on Authentication Sources   7.  Administrative Tasks This section lists the administrative tasks you would typically perform to start administering RSA Governance & Lifecycle Cloud. Task Help Source Assign RSA Governance & Lifecycle administrator privileges to users as required. Managing RSA Identity Governance & Lifecycle Application Privileges How Users Get Aveksa Security Entitlements Create attributes you want to collect in addition to the default attributes provided by RSA Governance & Lifecycle. For example, create a "Cost Center" attribute for users if you want to collect that information.  Creating and Managing Attributes for RSA Identity Governance and Lifecycle Objects Enable product modules you have purchased. For example, enable Business Role Manager if you have purchased the module. Specifying System Settings Configure application and user interface settings. For example, change the AveksaAdmin password, provide a deployment environment name, and specify user session timeout values.  Specifying System Settings Specify User Interface Settings Schedule database management tasks: database backups and data purging.  Schedule Database Backups Managing Data Purging Schedule data collection. Scheduling Data Collection Manage all aspects of how users can request password resets for their RSA Governance & Lifecycle login accounts. Managing Account Password Reset Implementation Import business descriptions for objects in RSA Governance & Lifecycle that provide important information about the objects. Importing and Exporting Business Descriptions Creating and Managing Business Descriptions   8.  Getting Started with Product Features Configure and use product features. Task Help Source Create access certification reviews. For example, create a user access review that enables a department manager to review entitlements for members of a particular department.  Create a User Access Review Create rules that detect inappropriate access users have. For example, create a segregation of duties rule to detect whether users have entitlements that violate your organization's task segregation policies. Rules Manage how access changes are requested and fulfilled.  Introduction to Access Request Manager Access Request Forms Creating and Managing Workflows Access Fulfillment Express (AFX) Manage roles if your organization manages access to resources using role-based access controls.  Business Role Manager ... View more

Article Number 000068247 Applies To This is a known issue in the following versions. RSA Governance & Lifecycle 7.5.2 P04 Issue The popup dialog "Malformed Fields" is designed to display whenever any text boxes contain characters which are not allowed.   When configuring a new collector and pressing Next RSA Governance & Lifecycle displays the Warning dialog and prevents the page from being saved.  This also occurs when editing any fields of an existing collector.    Image description Cause The URL values are being incorrectly URL encoded (with % characters) before being saved.   These URL's are invalid and prevents the form changes from being saved.  Resolution This is resolved in the following version. RSA Governance & Lifecycle 7.5.2 P07 Workaround Avoid editing existing Generic Rest Collectors on this version. Import metadata from an existing collector on another system. ... View more