Published Release Notes

Support for encrypted traffic in a cluster

The Pega 7 Platform includes the Ignite platform, which supports encryption for intra-cluster communications. You can now configure encryption for intra-cluster traffic for compliance with regulatory or organizational security requirements.

For more information, see Enabling encrypted traffic between nodes.

Chart drilldown capabilities extended to dashboard widgets

When the chart for a report is displayed in a dashboard widget, you now can click any part of the chart to drill down and view the subset of data for that part. This enhancement provides you with an accurate view of the data that determines the report results. Previously, this capability was provided only in the Report Viewer.

Enhancements to exporting report results to Excel

When you export report results to Excel, the .xlsx file that the export process generates is smaller, opens faster, and no longer displays a security warning when you open it. Excel handles more of the formatting, and DateTime, Date, TimeOfDay, and Numeric properties are exported in a format that Excel recognizes. In addition, columns have sorting and filtering enabled by default.

These enhancements are enabled by default and provide improvements to performance and memory usage, especially with large data sets. You can disable this new default behavior by modifying the pyEnableExportToAdvancedExcelFormat when rule. For more information, see Disabling the default functionality for exporting reports to Excel.

Monitor standard and custom security events

From the new Security Event Configuration landing page, you can select the standard and custom security events that you want the Pega 7 Platform to log automatically for every user session. The security events are grouped into the following types:

• Authentication
• Data access
• Security administration
• Custom

The API logCustomEvent() is provided so that you can create custom security events that are specific to your applications and that can be monitored by the Pega 7 Platform. For more information, see Security Event Configuration.

SAML configuration supports global resource settings

In the SAML Authentication Service form, you can now use global resource settings, which allow greater flexibility for values that change compared to using fixed text values. Apply global resource settings, which are dynamic values, in the Identity Provider (IdP) information section and the Service Provider (SP) settings section of the form.

For more information, see Authentication Service form - Completing the SAML 2.0 tab.

Restrict visibility of scalar property values for certain users

You can use the Access Control Policy rule to mask individual scalar property values from specified users. You can restrict visibility for the following property types:

• DateTime
• Integer
• Text

For more information, see Masking property visibility for users.

Disable inactive operators

As a system administrator, you can control access to an application by disabling Operator IDs. To disable an Operator ID, you can use one of the following options in Designer Studio:

• Call the Service REST: user.
• Change settings on the Operator Access tab on the System Settings landing page or on the Security tab on the Operator ID form.
• Define the number of inactive days in the security policies before an Operator ID is automatically disabled.

For more information, see System Settings - Operator Access tab, Enabling Security Policies, Security tab on the Operator ID form.

Improved data security for BIX extracts for Pega Cloud customers

Data security is improved for BIX extracts in the Pega Cloud. BIX extracts are now processed through the use of a HIPAA-compliant system. As a result of this improvement, the method for obtaining BIX extracts has changed. For more information, see Process for obtaining BIX extracts has changed for Pega Cloud customers.

New process for Pega Cloud customers to obtain BIX extract files

The process for obtaining Business Intelligence Exchange (BIX) extract and manifest files for Pega^® Cloud customers has changed as a result of data security enhancements for HIPAA compliance. By default, after upgrading to Pega 7.3, you must obtain the BIX extract and manifest files from the Pega SFTP server. From within Designer Studio, you can configure the BIX extract and manifest files to be sent to a remote SFTP server by a file listener. For Pega Cloud customers who have purchased a Pega Cloud SFTP Server subscription, you can configure BIX to send the BIX extract and manifest files to the SFTP server's folders for remote SFTP client download.

For more information about obtaining files from the Pega SFTP server, see Obtaining BIX extract files from the Pega SFTP server.

For more information about having files sent to your SFTP server, see Defining SFTP-related data instances.

Security landing pages and features require privileges

Security-related landing pages and features are no longer visible and accessible to every user. To view and configure the following security features, you must have the appropriate privileges:

• Attribute-based access control (ABAC) policies require the pzCanManageSecurityPolicies privilege.
• The Authentication Services landing page requires the pzCanCreateAuthService privilege.