Customer Presentation
Sun Microsystems
Business Imperatives
Identity management solutions must address multiple,
conflicting business goals
[Diagram labels: Portals; Extranets; Corporate Governance; Internal Threats; Operations; Integration; Help Desk; Development]
Federation
● Provisioning and Meta-Directory Services
● Open and integratable to reduce integration cost and complexity
Access Manager
Web-Based Administration
Source: Burton Group Telebriefing, Enterprise Identity Mgmt, The Strategic Infrastructure Imperative
Delete
Exchange and Active Directory
Oracle Financials
Siebel CRM
Chargeable Assets
• Mobile phone/service
• Conference call account
• Credit card
Other Assets
• Office space
• Phone
• Laptop
Provisioning with Identity Manager
Streamlined, Automated and Secure
HR System
Approving Manager
Reduced risk
Complete view of user’s identity
Efficient, automated operations
Identity Manager Capabilities
Automated user provisioning
Synchronization services
Auditing and reporting
Delegated administration
Password management
Cross platform support
Noninvasive, flexible architecture
Features and Benefits
Smart Forms
AutoDiscovery
Virtual Identity Manager
Agentless Adapters
ActiveSync
Rules Engine
Dynamic Workflow
Centralized password policy management
Help desk integration
Pass-through authentication
Technical Architecture Diagram
[Diagram labels: Agent-less; Gateway; External; Unix Systems; Agent; End User Self-Service; Workflow; HTTPS; SSH; Custom Apps; Any Web Browser; WSBPEL; Custom; RDBMS; JDBC; J2EE; Groupware; JMAC/ABAP/JDBC; Servlet; Application; HR Authoritative Source; Adapters; JNDI; Directories; 3270]
Lightweight
Real-time interaction with managed resources
Can modify operation of connected application NOW!
No complex replication infrastructure
Ability to generate reports on native data in resources
Virtual Identity Composition
Identity Manager ID
Basic Information (name, email)
List of resources
Key information for each resource
Extendable
Identity Manager Synchronization
Multiple synchronization types to best fit a given resource
ActiveSync
Smart Polling
Event Listener
Full IDM workflow is available
Execute complex business logic
Approvals and notifications
Converting to and from flat data or nodal structures
Secondary system lookups
Reconciliation and Discovery
Bulk activity – Where batch process is needed.
Identity Manager Auditing & Reporting
Reporting types
User and Administrator
Summary Reports
Usage
Role
Resource
Report output options
Ad-hoc
Scheduled
Visual
Formatted for export
Risk analysis reports
Wizard to create new reports
Sun Proprietary/Confidential: Authorized Partner & Internal Use Only
Identity Manager Interface Options
Users
Resources
Any external data managed by Identity Manager
Roles and resource groups
Contain multiple resources
Contain behavior
Apply rules and policy
Organization and Virtual Organizations
Virtual Organizations map to org structures in remote directories
Relationships between objects and containers
Capabilities
Discrete
Can be assigned to a user who performs only one function
N-level delegation
Can be assigned from one administrator to another, providing true n-level delegation
Administrators are created
Granular authority
Any user can be an administrator
User's administration privileges may be limited
To a specific capability
In a specific organization
Using the web interface
Using rules, forms or workflow