- Interoperability with third party column level encryption/tokenization provider
- Custom masking rules defined in BlueTalon for sensitive data column helps seamlessly unencrypt or detokenize the data for authorized users. The normal users continues to see data in encrypted or tokenized form which is encrypted during ingest with help of third party encryption or tokenization tools. BlueTalon enforcement can restrict invoking decryption UDFs in GreenPlum or Hadoop to ensure that unauthorized users cannot access the original data.
- Support for TLS/SSL encryption over Kerberos authentication for Hive and Impala Enforcement poin
- The client (JDBC, ODBC, shell etc) can connect to BlueTalon Hive or Impala EP over Kerberos authentication with TLS/SSL encryption of the traffic betweek client and enforcement point.
- Support for SLES 12 SP2 for enforcement point
- The BlueTalon Hadoop enforcement points, Hive, Impala and HDFS can be installed on Cludera or HDP clusters running on SLEP 12. Note that the management components (Policy and Audit) are still only supported on CentOS and RHEL.
- Enabling running BlueTalon component services as non-root user.
- All the BlueTalon services (Policy, Audit and Enforcement Points) can run as any normal OS user (customizable during install). This relaxes the need for running non-system process as generic root user.
- Policy UI improvements for configuring trusted users for middleware applications to impersonate end-users.
- BlueTalon support multiple mechanism for middleware applications to impersonate end user identity while accessing data. In this release we have streamlined the administration options to configure trusted user for given mechanism, IP address etc.
- In-place rolling upgrade from BlueTalon 18.104.22.168 and later releases
- Starting 3.3.0, its now possible to upgrade 22.214.171.124 or newer version to BlueTalon 126.96.36.199 with practically no downtime (requires BlueTalon metadata repositories to be hosted on external database service (eg Postgres RDS).
- Ability to configure separate users for discovery and downstream connections for Greenplum enforcement point
- Support for installing BlueTalon components in Cloudera cluster using Cloudera Manager over https
- Validation of Hive and Impala enforcement point with Kerberos authentication using Active Directory KDC and cross realm trust with MIT KDC
- Certification of GreenPlum enforcement with European locale