© 2009 VMware Inc. All rights reserved Managing Oracle IdM with VMware vSphere 4.0 Steve Tout Sr. Security Engineer September, 2010

Managing Oracle IdM on VMware vSphere


Managing Oracle IdM at VMware

Build: Building new IdM environments in the most efficient way possible

Refresh: Manage data, apply patches and hot fixes, firmware updates and system upgrades

Scale: Scale out your infrastructure to satisfy your growing business needs and IT requirements

Build: Cloning OAM & OID Solution Overview

1. Clone the Database Instance

2. Clone the OID instance

3. Reconfigure cloned OID

4. Rename the existing container in OID

5. Clone/Provision (or install) OAM components against cloned OID

6. Copy config from the old namespace to the new namespace

7. Update all OAM References

MacBook Pro Monster © 2010 Mac Mcrae http://macmcrae.com

[Diagram labels: Prod IdM; LT, UAT, QAI; OID; Identity: WebPass, Identity Console; Access: Access Manager]

Refresh: Automated User Data Refresh Solution Overview

1. Shell command initiated to back up app configuration from Source OID

2. PPM gets response back for job completion

3. Shell command initiated to purge all app data (Optional: or optimize for later retrieval)

4. Shell command initiated to restore app configuration to Source OID.

5. PPM gets response back for job completion

[Diagram labels: PPM Console; Unix Shell; Source LDAP; Target LDAP; step markers 1 to 5]

Scale: Provision New Servers On Demand

Clone your servers to efficiently scale your infrastructure

Environment Proliferation – No New Environments!

Key IT Issues: Consolidation, Management and Scalability

Leverage Private Cloud to reduce cost and complexity

[Chart: IdM Footprint at VMware; axis: Cost To Maintain (Low to High); environments: Dev, Prod, Test, NIM, Stage, Perf]

The IdM footprint is ripe for consolidation and resource sharing

Troubleshooting and supporting 13 IdM environments is a drag on developer productivity and IT agility

Costs are compounded due to lack of automated configuration management and migration/sync tools

Rethinking IdM for 2010 And Beyond

It’s not business-as-usual. Private Cloud adoption must be guided on a fast track to realize time-to-value and improve operational efficiency

Higher level conversations are required to organize IT resources with the mindset of moving towards a Private Cloud and enabling IT-As-A-Service for IdM with standards like SAML, XACML, SPML, OAuth2, et al.

The cost of not capitalizing on the potential of Private Cloud is so high that it warrants a closer look at how IdM (in particular) and SDLC environments (in general) should be architecturally viewed

Identify leverage points for managing IdM in your environment

Further Reading

Steve’s Blog

http://www.stevetout.com

VMware & Oracle Alliance Website

http://www.vmware.com/solutions/partners/alliances/oracle-vmware-support.html

Questions

Appendix: Additional Reference Slides

PPM Workflow Overview

Step 2 – Block Level Replication of Oracle Data

[Diagram labels: RM Server; Primary Symmetrix (Source System); Target Symmetrix (Target System)]

User data loaded from target to source system using SRDF

15-36x faster than Bulkdelete and Bulkload (that is, than OID alone)