Upload
hitachi-id-systems-inc
View
3.685
Download
4
Tags:
Embed Size (px)
DESCRIPTION
Hitachi ID Management Suite Demo: Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications. Using automation and self-service to secure and automate user and entitlement management. http://hitachi-id.com/
Citation preview
1 ID Management Suite Demo
Managing the User LifecycleAcross On-Premises andCloud-Hosted Applications
Using automation and self-service to secure and automate user and entitlement management.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 1
Slide Presentation
2 HiIM Features
Automation:
• Provision joiners, deactivate leavers.• Multiple HR feeds.
Requests portal:
• Self-service profile updates.• Delegated security change requests.
Security controls:
• Access certification.• RBAC and SoD.• Reports on current entitlements, history.
Workflow process:
• Authorizers.• Implementers.• Certifiers.
Integrations:
• 110+ connectors, included.• Incident management, SIEM, e-mail interfaces.• Manage building access, physical assets.
Identity synchronization:
• Consistent data among apps.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 2
Slide Presentation
3 Access Certifier Features
Hitachi ID Access Certifier automates periodic audits of all users and their access rights:
• Orgchart integration:
– Managers are reminded to review their direct subordinates.
• Certification:
– Each manager’s review is completed by an electronic signature, to certify that remainingentitlements are appropriate.
• Completion:
– Managers are motivated to complete the audit, since failure to do so prevents their superiors’own audits.
• Roll-up:
– At the end of the process, executives can attest to appropriate entitlements enterprise-wide.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 3
Slide Presentation
4 HiPM Features
Password synch:
• Reduce the number of passwords per user.
Self service:
• Password reset.• Clear lockout.• Smart card PIN reset.• Token PIN reset.• HDD key recovery.
Access from:
• PC browser or login screen.• At the office or remote.• Smart phone or voice call.
Assisted service:
• Password, token PIN, intruder lockout.
Policy enforcement:
• Password complexity, expiry, history.• Non-password authentication.
Managed enrollment:
• Security questions.• Login IDs.• Mobile phone numbers.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 4
Slide Presentation
5 Enabling Technologies
Hitachi ID Identity Manager includes technology that enables deployment in real-world, complexorganizations:
Challenge Technology ImpactDiversity of login systems. 110 connectors built-in. Easy to integrate with existing
infrastructureDifferent, disconnected loginIDs.
Auto-discovery, automaticand self-servicereconciliation.
Efficient processes todiscover and connect loginIDs.
Thousands of change requesttypes.
Dynamic workflow: a single,parametric process used toauthorize all change types.
Significantly reduces setupand maintenance effort forrequest forms and changeapprovals.
No pre-existing modelassociating users with roles,roles with entitlements.
Functional without a rolemodel: users can requestresources directly. AccessCertifier available to find,remove inappropriate rights.
Get to production withoutwaiting for a role miningproject to complete.
6 Enabling Technologies
Hitachi ID Password Manager includes technology that enables deployment in real-world, complexorganizations:
Challenge Technology ImpactMany systems and apps. 110 connectors built-in. Rapid, broad integration.Forgotten primary password. SKA, WinXP/GINA,
Win7/Cred Provider, IVR.Self service available at OSlogin prompt.
Inconsistent login IDs. Auto-discovery, auto-mapping,self-service mapping.
Rapid deployment, minimalconsulting.
Security question data. Automated enrollmentprocess, built-in forms.
Rapid deployment, high useradoption
Too many login prompts. Hitachi ID Login Managerauto-populates ID/PW.
Fewer IDs/PWs to type.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 5
Slide Presentation
7 Enabling Technologies (2)
Challenge Technology ImpactSeamless integration withcorporate IT.
Embeddable, customizable UI.Call tracking and e-mailintegration.
Easily ties in with portal, helpdesk and other systems.
Cached domain PWs.Intruder lockouts after web PWchange.
ActiveX in Hitachi ID PasswordManager UI refreshes cachedPW.
Eliminate lockouts.
Mobile users: forgotten PW. SSPR over temporary VPN. Business continuity.Lower help desk call volume.
8 Enabling Technologies (3)
Challenge Technology ImpactSmart cards: forgotten PIN,lost card.
PIN reset, backup passwords. Business continuity.Lower help desk call volume.
Tokens: forgotten PIN, losttoken.
PIN reset, emergencypass-code.
"
Full disk encryption: forgottenkey.
Self-service key recovery. "
Require multi-factorauthentication.
Authentication chains. Example: PIN via SMSfollowed by security questions.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 6
Slide Presentation
9 Closed Loop IAM
IntegratedSystems
of Record Autodiscovery
Auto-provisioningIdentity synch.
IdentityCache
IntegratedTarget Systems
Non-integratedSystems
Transaction Manager
Connectors
List accounts
Create,delete,update
accountsUpdates
UpdatesDetectedchanges
Listpeople
Authorizers Approve,reject,delegate
Invitations
ApprovalsWeb UI
Certifiers Review,certify,correct
Invitations
CertificationWeb UI
Requesters Manualrequest
RequestsWeb UI
- Validate requests- Route for approval- Invite authorizers- Send reminders- Escalate- Delegate
Manualfulfillment
Auto-fulfillment
Create,delete,updateaccounts
Automaticrequest
ImplementersAccept,confirm
Invitations
ImplementerWeb UI
RequestQueue
WorkflowManager
Hitachi ID Management Suite
WorkQueue
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 7
Slide Presentation
10 Multi-Master Architecture
UserPasswordSynchTriggerSystems
Load Balancer
SMTP or Notes Mail
IncidentManagementSystem System of
Record
IVRServer
ReverseWeb Proxy
Target Systemswith local agent:OS/390, Unix, older RSA
Firewall
TCP/IP + AES
Various Protocols
Secure Native Protocol
HTTPS
Remote Data Center
Firewall
Local Network
Target Systemswith remote agent:AD, SQL, SAP, Notes, etc
Target SystemsEmails
Tickets
Lookup & Trigger
Native
password
change
AD, Unix,
OS/390,
LDAP,
AS400
Validate PW
Web Services
Proxy Server(if needed)
Hitachi IDApplicationServer(s)
SQL/Oracle
SQLDB
SQLDB
Cloud-hosted,
SaaS apps
VPNServer
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 8
Slide Presentation
11 Included Connectors
Many integrations to target systems included in the base price:
Directories:Any LDAP, AD, WinNT, NDS,eDirectory, NIS/NIS+.
Servers:Windows NT, 2000, 2003,2008, Samba, Novell,SharePoint.
Databases:Oracle, Sybase, SQL Server,DB2/UDB, Informix, ODBC.
Unix:Linux, Solaris, AIX, HPUX, 24more.
Mainframes, Midrange:z/OS: RACF, ACF2,TopSecret. iSeries,OpenVMS.
HDD Encryption:McAfee, CheckPoint.
ERP:JDE, Oracle eBiz, PeopleSoft,SAP R/3 and ECC 6, Siebel,Business Objects.
Collaboration:Lotus Notes, Exchange,GroupWise, BlackBerry ES.
Tokens, Smart Cards:RSA SecurID, SafeWord,RADIUS, ActivIdentity,Schlumberger.
WebSSO:CA Siteminder, IBM TAM,Oracle AM, RSA AccessManager.
Help Desk:BMC Remedy, SDE, HP SM,CA Unicenter, Assyst, HEAT,Altiris, Track-It!
Cloud/SaaS:WebEx, Google Apps,Salesforce.com, SOAP(generic).
12 Simple Integration with Custom Apps
• ID Management Suite easily integrates with custom, vertical and hosted applications using flexibleagents .
• Each flexible agent connects to a class of applications:
– API bindings (C, C++, Java, COM, ActiveX, MQ Series).– Telnet / TN3270 / TN5250 / sessions with TLS or SSL.– SSH sessions.– HTTP(S) administrative interfaces.– Web services.– Win32 and Unix command-line administration programs.– SQL scripts.– Custom LDAP attributes.
• Integration takes a few hours to a few days.• Fixed cost service available from Hitachi ID.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 9
Slide Presentation
13 Demo
14 Corporate Overview
14.1 Hitachi ID Corporate Overview
Hitachi ID is a leading provider of identityand access management solutions.
• Founded as M-Tech in 1992.• A division of Hitachi, Ltd. since 2008.• Over 900 customers.• More than 11M+ licensed users.• Offices in North America, Europe and
APAC.• Partners globally.
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 10
Slide Presentation
14.2 Hitachi ID Value Proposition
© 2012 Hitachi ID Systems, Inc.. All rights reserved. 11
Slide Presentation
14.3 Hitachi ID Advantages
14.4 Representative Hitachi ID Customers
www.Hitachi-ID.com
500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: [email protected]
File: PRCS:presDate: March 1, 2012