SafeNet MobilePASS+ 1.3 introduces new features and resolves several issues.
• Landscape Display in iPad
• Auto-Select of Single Token
• Pushed Message Queuing Panel
As part of our ongoing communications around recent End of Sale/Life announcements for several of Gemalto Authentication products, we’d like to remind you of the following End Of Sale (EOS) and End Of Life (EOL):
• Effective March 31, 2017, BlackShield ID v2.7 will be discontinued and no longer supported by Gemalto.
Click here for the End of Life Announcement.
• Effective March 31, 2017, IDBridge CL30 Contacless Readers will be discontinued and no longer supported by Gemalto.
Click here for the End of Life Announcement.
• Effective March 30, 2017, Gemalto will discontinue selling IDClassic 340/3340, IDClassic IAS 610/3610 and IDGo 300 MW and these will no longer be available for purchase.
Click here for the End of Life Announcement.
SafeNet KeySecure 8.5 Featuring Improved Key Management and Support for High-Capacity Cloud Infrastructures
We are pleased to announce the GA release of SafeNet KeySecure 8.5, with the following new features:
Scheduled Key Rotation: This feature helps you to schedule the rotation of versioned keys monthly or weekly that exist on the SafeNet KeySecure. You can now perform scheduled, unattended key rotation and ensure your new version key is properly propagated in a cluster environment. The latest version of the rotated keys will be always in the active state. You can schedule to rotate all the keys or you can also tailor your query in the Query Keys, to filter the keys at any point of time.
KMIP Encrypt / Decrypt Operation: This operation requests the server to perform an encryption / decryption operation on the provided data using a Managed Cryptographic Object as the key for the encryption / decryption operation.
AWS HVM Support: SafeNet KeySecure is now based on a Hardware Virtual Machine (HVM) instead of a Paravirtual (PV) on Amazon Web Services (AWS).This provides SafeNet Virtual KeySecure customers with the ability to run on more AMI environments. Watch for SafeNet Virtual KeySecure 8.5 on AWS Marketplace later this month.
For additional information contact your Gemalto Representative or login to the Customer Portal to read the release notes.
We are pleased to announce the release and updates of the following new PKI authentication products:
SafeNet Authentication Client 10.2 – DOW4586.
SafeNet Authentication Client 10.2 introduces support for PIN pad readers and the newly released Hybrid IDPrime MD 830. Supported PIN pad readers include:
• Gemalto IDBridge CT700
• Gemalto IDBridge CT710
• Ezio Shield Pro
• Ezio Bluetooth Reader
• Ezio BLE
Hybrid Version of IDPrime MD 830
A new hybrid version of the IDPrime MD 830 smart card with support for contactless card body and physical access control is now available.
• Reference: IDPrime MD 831 B FIPS 140-2 L3 HID/ card body — O1095606
SafeNet Authentication Manager 8.2- Release Update
We would like to inform you that an updated version of SafeNet Authentication Manager (SAM) 8.2 - is now available for download from the Gemalto Service Portal (DOW4585).
This is a maintenance release. It resolves several issues and consists of the following:
• SAM hotfix version 184.108.40.2068
• SRP hotfix version 220.127.116.113
• SafeNet OTP Authentication Plugin version 8.2.55
SafeNet ProtectV™ 3.6: Single Pane of Glass Security Management Across Cloud Enabled Environments
SafeNet ProtectV™ provides full disk encryption of bare metal servers, virtual machines and cloud instances so you can securely run even your most sensitive workloads or any highly regulated data in the cloud. Whether using Amazon Web Services (AWS), AWS GovCloud, Microsoft Azure, IBM Bluemix (formerly SoftLayer), or VMware vSphere, SafeNet ProtectV ensures cloud-enabled security across multiple cloud/hybrid environments.
SafeNet ProtectV 3.6 continues to provide further enhancements to enable single pane of glass security management to protect physical servers, virtual machines and cloud instances across virtual and cloud-enabled environments. SafeNet ProtectV 3.6 introduces support for ProtectV Manager on IBM Bluemix public cloud, extends support for Linux virtual machines in IBM Bluemix.
With SafeNet ProtectV 3.6, you can now deploy SafeNet ProtectV Manager and secure Windows and Linux virtual servers in IBM Bluemix Public Cloud. You no longer require a work disk to encrypt Linux servers with existing data on EXT 2, 3 or 4 file systems. ProtectV 3.6 also introduces support for Windows 2016 R2 and Windows 7 on VMware vSphere.
WHAT’S NEW IN PROTECTV 3.6
- SafeNet ProtectV Manager in IBM Bluemix
- SafeNet ProtectV 3.6 adds support for ProtectV Manager in the IBM Bluemix cloud. In addition an image template is provided to help launch ProtectV Manager in the Bluemix cloud.
- Support for IBM Bluemix Virtual Machines Running Linux
- SafeNet ProtectV 3.6 extends support for IBM Bluemix virtual machines running Linux platforms.
- Windows Server 2016 R2 Support
- SafeNet ProtectV 3.6 extends support for encryption of volumes on Windows Server 2016 R2 instances.
- Windows 7 in vSphere Support
- SafeNet ProtectV 3.6 extends support for encryption of volumes on Windows 7 instances in VMware vSphere.
SAFENET PROTECTV 3.6 IS AVAILABLE NOW!
SafeNet ProtectV 3.6 is available on IBM Marketplace, Microsoft Azure Marketplace (BYOL), via direct sales and on the Gemalto eService Support Portal and SafeNet Cloud Provisioning System.
MORE INFORMATION: ENABLE SECURITY AND COMPLIANCE IN THE CLOUD NOW WITH PROTECTV
Find out more about SafeNet ProtectV and SafeNet Cloud-Enabled Security from Gemalto:
- Brochure - SafeNet ProtectV Product Brief
- Technical Documentation - Please visit the support portal for the latest SafeNet ProtectV 3.6 support guides (registration is required).
For further information or questions, please contact your regional sales manager.
This feature allows authentication requirements to vary depending on the context of the authentication request. Customers can configure a Contextual Authentication Policy that skips the authentication requirement when certain Contextual Authentication Rules are met, so that a password and/or one-time passcode is only required in high risk situations.
Contextual Authentication Conditions can check for Trusted Network and or for Known Device. The Trusted Network condition is based on determination of the IP address of the connecting user and whether that address falls inside a configurable set of trusted IP address ranges. The Known Device rule is based on the determination of whether the user previously authenticated from the same browser-device pair within a configurable time window. Context Based Authentication is being introduced for SAML authentication only in SafeNet Authentication Service Cloud Edition.
Enhanced User Login for SAML
A new optional user experience for SAML authentication has been enabled in SafeNet Authentication Service Cloud Edition, referred to as Enhanced User Login for SAML. This includes the following functional improvements:
• New and improved SAML Login user interface
• Change to the login flow whereby the user ID is submitted by the user before any additional login credentials are prompted for
• Automatic initiation of push, SMS, or GrIDsure authentication challenge under certain conditions
• A Remember Me on this Device option, enabling the user ID to be auto-filled in subsequent login attempts to SAML applications
• Additional context is provided to the user as they log in, with their username and name of the application being accessed displayed throughout the login flow
The Enhanced User Login for SAML feature is optional and controlled on a per SAML Service Provider basis in customers’ accounts. Customers have full control over the transition to the new user experience. The feature also introduces new customization parameters to control specific User Interface attributes.
SafeNet Crypto Command Center 2.2.1: Featuring Secure Trusted Channel (STC), as well as Oracle and Red Hat support
STC: Benefit from improved secure communication through STC links between managed SafeNet Luna Network HSM partitions (software version 6.2.1 or higher and firmware version 6.24.2 or higher) and crypto application servers. With STC, client access is limited to systems possessing a registered software or hardware token. STC secures messages using endpoint and message authentication, verification, and encryption. The HSM/client communication integrity is ensured with STC, even when those messages are sent over public, or otherwise unsecured networks.
Oracle: Version 2.2.1 now supports Oracle database for use by SafeNet Crypto Command Center, in addition to PostgreSQL.
Red Hat: SafeNet Crypto Command Center 2.2.1 now supports Red Hat Enterprise Linux (REHL) and its open source derivative CentOS.
For additional information contact your Gemalto Business Development representative.
New Features and Enhancements
This release provides the following new features and enhancements:
Custom FM calls through Cryptoki, Secure Messaging, and HA/WLD
The new FMSC_ SendReceive function allows custom FMs to be called directly through the Cryptoki interface, rather than through the Message Dispatcher interface (ETHSM). A new sample FM, secfmenc , is provided to demonstrate the use of this function.
Custom FM calls can now use the following features:
- Secure Messaging : send and receive FM requests in encrypted form
- High Availability/Work Load Distribution : configurations can now be used with FMs
FM Compilation Support on Windows
SafeNet ProtectServer/ProtectToolkit 5.3 adds support for a Windows version of the FM emulation libraries, allowing the development, compilation, and testing of FMs on all supported Windows operating systems
Automated scripts are provided that build and install the cross- compiler and set up a MinGW environment.
Support for AIX 7.2
SafeNet ProtectServer/ProtectToolkit 5.3 adds support for the AIX 7.2 operating system.
Vulnerable Mechanisms Restricted by Default
Newly- discovered key extraction techniques have revealed vulnerabilities in some PKCS#11 mechanisms. These mechanisms are now restricted by default in the factory settings of all new HSMs, or when flags are set to " 0 " (all flags cleared). These mechanisms cannot be enabled in FIPS mode. The Weak PKCS#11 Mechanisms flag, when set ( ctconf - fw ), allows the use of these less- secure mechanisms.
The following mechanisms are affected:
- CKM_ CONCATENATE_ BASE_ AND_ DATA
- CKM_ CONCATENATE_ BASE_ AND_ KEY
- CKM_ CONCATENATE_ DATA_ AND_ BASE
- CKM_ XOR_ BASE_ AND_ DATA
- CKM_ XOR_ BASE_ AND_ KEY
- CKM_ EXTRACT_ KEY_ FROM_ KEY
Set Mode Tool for Changing Cryptoki Provider
In SafeNet ProtectServer/ProtectToolkit SDK 5.3 for Windows systems, the software emulation batch files for ctbrowse , KMU , and gCTAdmin have been removed, and a new executable binary file called setmode has been added. setmode allows the user to easily toggle between software emulator and hardware modes without manually editing the Windows registry.
SafeNet ProtectServer PCIe HSM Driver Timeout Configurable
SafeNet ProtectServer/ProtectToolkit now supports changing the environment variable ET_ HSM_ PCICLIENT_ READ_ TIMEOUT_ SECS, which determines the time (in seconds) the PCIe driver will wait before timing out on a read operation. It should be set long enough to avoid an unintentional timeout, shutting down the HSM.
PTK 5.3 can be downloaded from the Service Portal (https://serviceportal.safenet-inc.com) using the following document IDs:
- PTK 5.3 Software – DOW4557
- PTK 5.3 Documentation – DOW4558
- Firmware 5.00.06 - DOW4559
Customer release notes for the PTK5.3 release can be found at the following URL: http://www.securedbysafenet.com/releasenotes/ptk/crn_ptk_5-3.pdf
We’d like to update you that we are announcing End of Sale for SafeNet eToken 7300.
Last time (LTB)
May 30, 2017
May 31, 2017
May 31, 2018
For replacement products and additional details please refer to the End of Sales Announcement.
Ezio Web Connector 3.2.0 is launched today, and it now supports our forthcoming Ezio BLE tokens and readers.
There is no need to upgrade for the moment, as the devices it supports have not been launched yet. But stay tuned for the first launch early next year!
Select a product category:
Subscribe by email
SafeNet MobilePASS+ 1.3 - Release Announcement
Shiri Amit | January 17, 2017, 08:10 am
Gemalto Authentication Products - End of Sale/End of Life Reminders
Shiri Amit | January 15, 2017, 02:46 am
Product GA Announcement: SafeNet KeySecure 8.5
Stephen Kingston | January 5, 2017, 03:38 pm
PKI Authentication Product Releases: SAC 10.2; IDPrime MD 830; SAM Hotfix
Shiri Amit | January 5, 2017, 09:47 am
SAFENET PROTECTV 3.6 – GA ANNOUNCEMENT
Sharon Ginga | December 22, 2016, 01:40 pm