New Generation Consultants, Inc

Identity And Access Management Overview

Friday, Feb 27th, 2008 3.00 PM – 3.40 PM CST

Introducing New Generation Consultants
www.newgenusa.com

• Oracle Certified Partner

– Founded 2001
– HQ in Des Plaines; branch in Chennai
– 6 Practice Areas
• Data and Process Integration
• Decision Support
• Enterprise Applications/OBAs
• Infrastructure Design, Deployment, Support
• Managed Services
• Education and Training
• Drawing at end of today’s presentation!
2
Identity And Access Management
Building an enterprise altogether
Agenda

State Of the enterprise and challenges

Identity and Identity Management : Overview

Business drivers for IAM implementation

A Glance at Oracle’s IAM suite

Infrastructure of a complete IAM implementation

Business and Technology advantages of IAM

Questions and Answers
Audience

Anyone who wants his/her companies to be successful
not only today but be ahead in the future as well.

Users who want a very easy life dealing with UserIds,
passwords and identity and access related issues.
3
Identity And Access Management
What is Identity Management: Overview
Identity

Who the user is

What is he entitled to

When is he allowed to
perform specific Functions

Why has the user been
granted permissions

Identity Management

Establishes the identity

Describes the identity

Follow identity activity

Destroys the identity 4
Identity And Access Management
State Of an IDMless Enterprise

Costs Of Compliance User IDs and passwords

Access Control not controlled

5
Identity And Access Management
Another IDMless enterprise

6
Identity And Access Management
Enterprise equipped with IDM solution

7
Identity And Access Management
Oracle IAM Suite

Access Identity Directory

Control Administration Services
Oracle Access Manager
Oracle Enterprise Oracle Virtual Directory
Single Sign-
Sign-On
Oracle Identity Manager Oracle Internet Directory
Oracle Identity Federation (with Directory Integration
Platform)
Oracle Web Services
Manager

Audit & Compliance

Oracle Identity & Access Management Suite

8
Identity And Access Management
Oracle Identity Manager

Identity and Role administration.(user and group

management, self-service functionalities for users, and
delegated administration)

Approval and request management.

Technology integration and Adapter
factory.

Increased security.

Provisioning (approval and request).

Improved business responsiveness.

Reduced costs and Streamlined operations.

Policy-based entitlement management.

Reconciliation and attestation support(for audit, regulatory,
and compliance purposes). 9
Identity And Access Management
Oracle Access Manager

Automates Identity and Access

Management.

Strengthens security and eliminates
latency.

Streamlines partner integrations.

Integrates with strategic applications.

Ensures enterprise-wide
interoperability.

Enables regulatory compliance.

Provides single and multi-domain
Single Sign On solutions.
10
Identity And Access Management
Oracle Internet Directory

Supports transparent data encryption.

Directory integration and provisioning
platform(DIP).

VSLDAP certified and EAL4 compliant.

RDBMS backend which provides
proven scalability and performance.

External authentication plugin for
authentication against AD, Novell, SUN and Open LDAP.

Replication and High availability using multi master and
Oracle AS clusters.

Server extensibility using Java and PL/SQL plugins.
11
Identity And Access Management
Oracle Virtual Directory

Single Interface for Identity.

Unify Identity data without
consolidation.

Re-Use Identity data without
copying.

Provide LDAP interface to
database and web services.

Directory Proxy and Firewall.

LDAP and Database adapters.

Reduce number of Identity stores.

Improve security and compliance.
12
Identity And Access Management
Oracle Identity Federation

Support for SAML 2.0, Liberty ID-FF 1.x and

WS-Federation.

Can be deployed both as a
identity or service provider.

Load balancing and failover
support.

Integrates with 3rd party identity
and access management solutions.

Oracle Database, OID, Microsoft
SQL-Server, Microsoft AD and Sun Java System Directory
Server.
13
Identity And Access Management
Oracle Adaptive Access Manager

Authentication Security – Virtual Hardware devices,

smartcards, biometrics, X.509 certificates and LDAP.

Risk Analytics – Based on IPs,
Geo-Locations and network data.

Behavior Profiling – Evaluates
user behavior against his own history

Fraud investigation and forensics.

Fraud intelligence

14
Identity And Access Management
Comparison of popular portfolios

Area Oracle Sun CA HP IBM NOV BMC

L
Federation Oracle Identity Federation    P  
Web Access Mgmt Oracle Access Manager       
Web Svcs Security Oracle Web Services Manager     
ESSO Oracle Enterprise Single Sign-  P   
On
Del Admin Oracle Access Manager       
Pwd. Mgmt. Oracle Identity Manager      
Provisioning Oracle Identity Manager       
Ent. Role Mgmt Oracle SmartRoles (TBA) P P P

Meta Directory Integration Platform    

AuthN/PKI Oracle Certificate Authority    
Virtual Dir Oracle Virtual Directory  P

Directory Oracle Internet Directory    P  

15
Identity And Access Management
Gartner Magic Quadrants
“Oracle’s offering of IAM products now pushes ahead of other IAM competitors such as
BMC, Computer Associates International, Hewlett-Packard, IBM, Microsoft, Novell and
Sun Microsystems” - Roberta Witty, Gartner

16
Identity And Access Management
Burton Group endorsement
“Oracle's acquisition of Thor and OctetString is a good move. These acquisitions coupled
with Oracle's unique application top down approach to Identity Management will send
ripples through the industry.”- Mike Neuenschwander, Burton Group

17
Identity And Access Management
The Forrester Wave
The Forrester Wave™: Identity And Access Management, Q1 2008
Oracle Emerges As Leader, With IBM, Sun Microsystems, Novell, And CA Close Behind

Forrester evaluated leading

identity and access management
(IAM) vendors across 117 criteria
and found that Oracle has
established itself as the IAM
market Leader due to its solid
technology base across the IAM
landscape and its compelling,
aggressive strategy around what
it refers to as application-centric
identity.

18
Identity And Access Management
Business Benefits

Reduce security risks with ease of usage

Ensure compliance with corporate policies and regulatory
requirements

Dramatically reduce the cost
of providing and managing
access to valuable corporate
Resources.

Increase productivity and
Operational efficiency

Enable IT to be more
responsive to evolving business requirements

Increased partner integration
19
Identity And Access Management
A demand of the future

Users will ask for more security of their identities.

Users will demand more control over identities(CardSpace and
OpenID).

Businesses will not survive without federations(Eg. Shibboleth).

IAM will save huge number of dollars from the help desk.

IAM will save phenomenal manual efforts and dollars spent in
Audit and Compliance.

“Identity management isn't something transient — it's not a fad,

nor will it go away. It's here to stay and it's decidedly not getting
any easier. Address it now, and you'll be ahead of the game.”
Dave Pickens
Principal Engineer – Sun Microsystems 20
Identity And Access Management

References:-
www.gcoug.org/presentations/Oracle%20AIM_JUNE_2006
.PPT by Rafael Torres

http://soug.acomp.usf.edu/TechDay2008/Bill_Nelson-
IdentityManagement.pdf by Bill Nelson

21
 Thanks for Supporting NCOAUG

• For more information contact:

– Eugene Breger
847-331-5554
gbreger@newgenusa.com

EMPOWER Your Business

–2400 E Devon Avenue
Suite 266
Des Plaines, IL 60018