Versions Compared

Old Version 2

changes.mady.by.user Former user

Saved on

compared with

New Version 3

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel
Table of Contents

Security Refresh (OpenSSL 1.02f)

Universal Agent 6.3.0.1 implements the latest OpenSSL toolkit for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. This ensures that the Universal Agent and it's components have the latest security fixes available. This implementation introduces several new and stronger cipher suites for encrypting control and data sessions. Cipher suite defaults for new installs have also been updated to reflect changes in security encryption standards. Existing users who are upgrading from older Universal Agent versions will not have their defaults automatically updated and should consider reviewing these to ensure that any corporate security standards are complied with.

New Cipher Suites

The following new SSL Cipher Suites have been made available:

  • AES128-GCM-SHA256 - 128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest.
  • AES256-GCM-SHA384 - 256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest.
     
    Note
    titleNote

    RC4_* and DES_* SSL cipher suites will be deprecated in a future release of Universal Agent.

Configuration File Security Changes

Universal Agent configuration files default access rights have been changed to owner and group read only.

Universal Encrypt Enhancements

The –aes option for uencrypt now defaults to yes, meaning that encrypted files will be by default use AES 256 bit encryption, previously the default was no which used DES 56 bit encryption. If customers do not supply their own key (-k option) an internal key is used for the encryption, this has been expanded to a 32 bit key. This means that Agent versions prior to 6.3.0.1 will not be able to use uencrypted files generated with the new defaults, this affects managers (ucmd, udm, etc) and the Universal Controller CLI. A new legacy option for the –aes option will force the new version to use the old internal key to maintain backward compatibility.

Universal Data Mover Peer Authentication

UDM now supports peer authentication. This allows a UDM manager to validate the identity via host-name and/or serial number of a remote Universal Broker certificate. Support has been added for both 2 party and 3rd party transfers.

SAP Process Chain Restart Enhancements

...

Oracle PeopleSoft Connector

A new Universal Connector product is being introduced, Universal Connector for PeopleSoft Process Scheduler (UPPS). Customers using the PeopleSoft Process Scheduler can leverage this new product to integrate scheduling of Oracle PeopleSoft business applications from any scheduling or workload automation system on any platform. This capability will allow customers to take advantage of more advanced scheduling capabilities and integrate Oracle PeopleSoft processes with other applications and business processes. Please contact sales@stonebranch.com for pricing details.

USAP Enhancements

USAP (Universal Connector for SAP) has been enhanced to support SAP process chain restarts without the operators needing access to the SAP logs.
Support has been added to export SAP Factory and Holiday Calendars.

New FTP Client
Universal Agent 6.4.1.0 introduces a new capability for Universal Agent customers. UFTP (Universal FTP Client) is now available and supports the following file transfer protocols, FTP, FTPs, SFTP, and TFTP. UFTP provides a consistent file transfer client for all supported 6.4.1.0 Universal Agent platforms.

zOS Enhancements
Installation packaging changes, we are now delivering the z/OS installation package for the Universal Agent as an DFDSS backup. this is intended to significantly reduce the number of files that need to be transferred during the installation process, we are also providing a zip version of the installation package.
Mixed case passwords are now supported for z/OS.

Security Enhancements
System SSL security for z/OS now supports TLS1.2.
The UENCRYPT utility now supports the ability to allow customers to create their own encryption key and configure the UENCRYPT utility to use this encryption key. User generated encryption keys are stored in the new Universal Broker key store. This further enhances the security provided for objects encrypted with the UENCRYPT utility.

Platform Support Changes
From Universal Agent 6.4.0.0 we are no longer supporting IBM z/OS 1.12 and 1.13. Universal Agent for zOS now requires IBM z/OS 2.1.x or higher.

End of Life UA 5.2
With the release of Universal Agent 6.4.x we are announcing the withdrawal of support for Universal Agent releases 5.2.x effective at the end of March 2018 pursuant to our product release support policy http://docs.stonebranch.com/confluence/display/SMLRI/Stonebranch+Product+Release+End+of+Support+Dates. Customers using Uinversal Agent for the IBM i and HP NonStop platforms are not affected by this announcement.