Pulse Secure has released SBR (Steel-Belted Radius) version 6.20 with enhanced security and multi-platform support. The SBR 6.20 release enables you to deploy improved cryptographic hash functions for user passwords stored in LDAP or OS databases and additional enhancement listed below.
SBR 6.2 Highlights:
- Support for SHA-2 for LDAP/AD
- SBR communicates with backend LDAP & AD servers using the LDAP protocol to fetch the user credentials
- The LDAP protocol supports storing passwords in the encrypted format on the LDAP server and SBR LDAP module supports only SHA1 encryption
- Support for SHA-2 encryption for LDAP external authentication has been added
- Support for SHA256, SHA512
- SBR uses the Linux OS user groups and login accounts, as one of the authentication methods
- Support user passwords stored in OS DB are limited to MD5 and Blowfish algorithms only
- The feature is to support SBR GUI authentication with stronger encryption (SHA256 and SHA512)
- Support user passwords stored in OS DB using SHA256 & SHA512 encryption
- Update to OpenSSL libraries
- OpenSSL upgrade feature: The OpenSSL version used in SBR has been upgraded to OpenSSL 1.0.0s to support features like SHA2 and to fix various vulnerabilities reported.
- Update to OpenLDAP libraries
- OpenLDAP upgrade feature: The LDAP libraries used in SBR are migrated to OpenLDAP on Linux and the MS LDAP SDK on Windows.
SBR 6.2 documentation is available on Pulse Secure Techpubs Upgrade Process and Considerations:
You can upgrade to SBR 6.20 from SBR 6.1.x version. However, upgrades from earlier version of SBR (e.g 4.x, 5.x, 6.0.x), require you to upgrade to SBR Version 6.1.x first and then upgrade to SBR Version 6.20.
Refer to the SBR 6.20 Install document for upgrade process - also available on Pulse Secure Techpubs
Licensing Process and Considerations:
Updated: 05/20/2016: 2.30PM PST.
At the time of SBR version 6.20 release, Pulse Secure was working on populating the SBR ver 6.2x license keys for customers with an active support contract . In order to facilitate the upgrade to SBR 6.2 version and cause no disruption to the customer's environment, Pulse Secure made changes to the built-in license which allows running SBR 6.20 version after the upgrade for 150 days.
Pulse Secure have completed the process of populating the SBR version 6.2x license keys for customers with an active support contract. KB40219
will help customers self retrieve the SBR version 6.2x License key.