View
223
Download
0
Category
Preview:
Citation preview
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 1/29
Identity Mangement
OverView
Pablo LambertPráctica de Software
Sun Microsystems
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 2/29
Sun Proprietary/Confidential: Internal Use Only
Software
Software una Prioridad para Sun
Services Storage
Servers
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 3/29
Sun Proprietary/Confidential: Internal Use Only
Java Enterprise System
I d e n t i t y
M
a n a g e m e n
t
ApplicationPlatform B2B
ESBWebInfrastructure
Composite
Application Platform
C o m m u n i t y
A v a i l a b i l i t y
D a t a C e n t e r M a n a g e m e n t
D
e v e l o p e r T o o l s
Traditional Client•
Sun Ray, Star/OpenOffice, JavaDesktop System
Secure GlobalDesktop
Mobile Client•
Java ME
•
Java Card
Traditional Client
Sun Ray, Star/
OpenOffice, Java Desktop System
La Infraestructura para la Web 2.0
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 4/29
Sun Proprietary/Confidential: Internal Use Only
Agenda
●
Estrategia de Software
●
Identity Management
●
Access Manager
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 5/29
Sun Proprietary/Confidential: Internal Use Only
Varios Modelos de Negocio
• Source code
• Binary product
• Basic training
• Security support
• Developer programs
• Subscriptions or tradicional license
• Support• Services
• Training• Indemnification
Free and
Open
What We Sell
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 6/29Sun Proprietary/Confidential: Internal Use Only
What Is Project GlassFish?• Java EE 5 Reference Implementation
>
Included in Java EE 5 SDK
• Enterprise Quality> High availability / clustering
> Advanced administration> World record performance
•
Open Source> CDDL & GPL v2 (w/ClassPath Exception)
• Community> Sources, bug DBs, discussions at Java.Net
> Roadmaps, Architecture Documents
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 7/29Sun Proprietary/Confidential: Internal Use Only
GlassFish Adoption
• 3.8 million downloads since July '06
•
Dozens of external committers
• Over 7,000 members
• Evans data survey of Linux usersputs GF at #3 behind JBoss and“other” (Tomcat)> JBoss and IBM fell 5% while
GlassFish / Sun increased
Feb07
Mar 07
Apr 07
May07
Jun07
Jul 07 Aug07
0
10000
20000
30000
40000
50000
60000
70000
80000
90000
100000
110000
120000
130000
140000
150000
Active Users
Joe Ottinger – Editor TheServerSide
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 8/29Sun Proprietary/Confidential: Internal Use Only
Agenda
●
Estrategia de Software
●
Identity Management
●
Access Manager
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 9/29Sun Proprietary/Confidential: Internal Use Only
Las soluciones de administración de identidades deben de resolver múltiples necesidades de negocio.
Mejorar Acceso
y Servicios
Seguridad
Reducir Costos
Single
Sign-on
Federación
Portales
Automatización
Help
Desk
Desarrollo
Integración
Leyes
Riesgos
Internos
RiesgosExternos
Políticas
AuditoriasAuto
Servicio
Motivadores del Negocio
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 10/29
First Complete & Integrated SolutionSun Identity Manager
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 11/29
Identity Lifecycle Mgmt: Value Proposition
Enabling Enhanced Security, Reduced Costs,Improved Productivity
Sources: Gartner, Giga
•
Self-Service Password Management
–Help Desk Costs: Reduce by at least 35% with savingsup to $75 per user per call
•
Delegated Administration
–IT Security: Improve with rule and role-based delegationof privileges and comprehensive auditing and reportingof all activity
•
Identity Data Synchronization
–TCO: Deploy and maintain a single solution for handlingmeta-directory and provisioning projects
•
Automated User Provisioning
–IT Security: Ensure appropriate level of access is giveninitially and removal of all access when relationship ends
–IT Efficiency: $70,000/user savings for every 1,000managed users
–User Productivity Gains: $1,000/new employee and$350/existing employee
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 12/29
Identity Auditing: Value PropositionEnabling Sustainable and Repeatable Compliance
0
20
40
60
80
100
120
1 2 3 4
% users
reviewed
Stage 1, Basic Review
100% of the users beingreviewed
Stage 2, Review WithAudit Policy, reduce
reviewed users by up to40%
Stage 3, Review WithAudit Policy and On-going Audit Scans, reduces
up to 80%
Stage 4, Review onlyUpdated Users, reducesup to 90%
•
Policy based certification and manager attestation
–IT Efficiency: Reduce the time to days frommonths
•
Separation of duties checking
–IT Cost: Customers can save up to $300k
per year per system
•
Automated Remediation
–Compliance: Fix violations as they aredetected and capture approvals
•
Preventative Compliance
–Compliance: Check SOD policy atprovisioning, tie policy to user
•
Reconciliation of Expected and Actual Access
–Compliance: Compare user roles to actual
system access% of users
reviewed
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 13/29Sun Confidential: Internal Only 13SUN PROPRIETARY/CONFIDENTIAL - Sun Employees and Authorized Partners Only
IDM Architecture
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 14/29
Identity Manager Provisioning
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 15/29Sun Confidential: Internal Only 15SUN PROPRIETARY/CONFIDENTIAL - Sun Employees and Authorized Partners Only
Virtual Identity Manager Real-Time Identity Management
•
Real-time interaction with managedresources
> Can modify operation of connected application NOW!
>
No complex replicationinfrastructure
> Ability to generate reports onnative data in resources
•
Virtual Identity Composit ion
>
Identity Manager ID
> Basic info (name, email, manager)>
List of resources
>
Key information for each resource
• Extensible storage of other attributes as required
“Virtual Identity
Manager”
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 16/29
Sun Confidential: Internal Only 16SUN PROPRIETARY/CONFIDENTIAL - Sun Employees and Authorized Partners Only
Dynamic WorkflowComponents
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 17/29Sun Proprietary/Confidential: Internal Use Only
Agenda
●
Estrategia de Software
●
Identity Management
●
Access Manager
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 18/29
Sun Java System
Access Manager
NEW GRAPHIC
Secure and scalable
access managementBenefits:●
Improve security
●
Enhance user experience
●
Increase revenue opportunities
●
Reduce administrative costs
Features:●
Standards-based single sign-on
●
Role/rule-base authorization for centralized policy enforcement
●
Federation services for enabling trusted partnerships
●
Proven scalability for largescale, dynamic service provider environments
●
Instant auditing of crit icalaccess-related information
Delivering single sign-on,access control and federation
services across intranets and extranets
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 19/29
Access Manager Architecture
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 20/29
Sun Proprietary/Confidential: Internal Use Only
Access ManagerHow does it work?• Intercepts access to a resource
•
Authenticates the user and, if the user
is successfully authenticated, issues atoken
• Evaluates the policies associated withthe requested resource
• If the user is authorized, allows accessto the resource, providing identity data
•
Repeats the process
>
Intercepts access to resource>
Uses token to authorize accessdepending on policy
>
Provides identity data to resource
>
Logs everything that happens
• Until session expires
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 21/29
Centralized Access ManagementWeb Applications
Java/.Net Applications
Enterprise Applications
Web Services
-
Authentication
- Single Sign-On-
Policy Enforcement
-
Auditing
Access Manager
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 22/29
Secure Web ServicesWeb Service Service Consumer
SOAP
SOAP
Trust Authority
Security Tokens
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 23/29
Sun Proprietary/Confidential: Internal Use Only
Agenda
●
Estrategia de Software
●
Identity Management
●
Access Manager
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 24/29
Why Sun?
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 25/29
Sun Confidential: Internal Only 25SUN PROPRIETARY/CONFIDENTIAL - Sun Employees and Authorized Partners Only
Deployment Success & Product Maturity
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 26/29
Sun Identity Management SuiteIntegrated. Integratable. Innovative.
Extended Enterprise
Everything required to manageidentities within the extendedenterprise and across collaborativenetworks—all completelyintegratable with dynamic,heterogeneous IT environments.
Collaborative Enterprise
3+ billion identities under management
Federation Manager OpenSSO
Identity Manager Access Manager Directory Server
Enterprise Edition
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 27/29
Sun Confidential: Internal Only 27SUN PROPRIETARY/CONFIDENTIAL - Sun Employees and Authorized Partners Only
Sun Leads in Forrester Wave™ Forrester Wave™ User Account Provisioning
•
Sun Microsystems is a market leader for
a reason — its product delivers superior provisioning functionality with the highestease of use.
•
By a large margin, Sun Java SystemIdentity Manager came in as the mostfunction-rich solution…
•
Sun stands out as functionally superior.
•
Sun sets the gold standard for user account provisioning.
•
Ranked #1 in both current offering andmarket presence
The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarksof Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market
and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester doesnot endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on bestavailable resources. Opinions reflect judgment at the time and are subject to change.
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 28/29
Sun Confidential: Internal Only 28SUN PROPRIETARY/CONFIDENTIAL - Sun Employees and Authorized Partners Only
• Leaders demonstrate balancedprogress and effort in all execution andvision categories.
•
•
Their actions raise the competitive bar
for all products in the market, and theycan change the course of the industry.
•
Magic Quadrant for User Provisioning, 1H06•
Roberta J. Witty, Ant Allan, Ray Wagner
•
25 April 2006
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report.The Gartner report is available upon request from Sun. The Magic Quadrant is copyrighted April 2006 by Gartner, Inc. and is reused with permission. TheMagic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis o f how certain vendorsmeasure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the MagicQuadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely asa research tool, and is not meant to be a specific gu ide to action. Gartner disclaims all warranties, express or implied, with respect to this research,including any warranties of merchantability or fitness for a particular purpose.
Sun is Positioned in Leaders QuadrantGartner User Provisioning Magic Quadrant
8/8/2019 Software Practice Overview Identity
http://slidepdf.com/reader/full/software-practice-overview-identity 29/29
¿Preguntas?
Recommended