Novell Nsure Identity Manager 2 Competitive Overview Deven Macdonald PM, Nsure Identity Manager Novell, Inc. [email protected] Justin J.

Download Report

Transcript Novell Nsure Identity Manager 2 Competitive Overview Deven Macdonald PM, Nsure Identity Manager Novell, Inc. [email protected] Justin J.

Novell Nsure Identity Manager 2 Competitive
Overview
Deven Macdonald
PM, Nsure Identity Manager
Novell, Inc.
[email protected]
Justin J. Taylor
Chief Strategist, Digital Identity
Board Member, Liberty Alliance
Novell, Inc.
[email protected]
Business goal = the agile enterprise
Employees
Partners
B2B
Marketing
Sales
Customers
Your business
Finance
2
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Customer service
Identity Management
Overview
Identity = How user information is represented in all the IT systems
throughout the organization…
Identity Management = Setting and acting on policies for identity
information, regarding security, organization, granting of access, etc.
Why do we care about Identity Management?
•
•
•
•
•
3
Reduce administration and help desk costs
Improve security
Enhance end-users’ productivity and satisfaction
Ensure business policies are followed
Provide confidence to be able to do business
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Islands of Isolated Data
HR
ERP
Operating
System
Database
Mail
Directory
PBX
4
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Sharing data through an identity vault
HR
Database
ERP
Operating
System
Identity Manager
Mail
Directory
PBX
5
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Managing the User Lifecycle
Provisioning
Relationship
Begins
Promotion
Routine User
Administration
Move
Locations
USER
LIFECYCLE
New
Project
Forgot
Password
De-provisioning
6
Relationship
Ends
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
Password
Expires
November 6, 2015
Password
Management
Identity Management
The need to understand competitive offerings
Growing Identity Management needs by
organizations world-wide continue to stimulate
growth in the Identity/Provisioning market.
On-going market growth = More Competition
What is the difference between these offerings?
What is the best solution for you?
7
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Decision Criteria?
Decision Criteria
Considering an Identity Management Solution
Areas of Consideration
Product
Functionality
•Automated
Administration
•Dynamic Rules
Engine
•Password
Management
Connectivity
Technical
Architecture
•Connectivity
•Architecture
•Platforms,
Directories
•Performance
•Database
• Security
•Applications
•Rapid
Development
and Deployment
•Role-based Access
•Workflow
•Platforms
Cost and
Viability
•Initial Investment
•Software and
Service Costs
•Hardware Costs
•Services Costs
•Financial, Market
Organizational
Viability
•History
9
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Vision and
Service
•Product Vision
•Services
•Company
•Professional
Services
•Support
Functionality
Product
Functionality
•Automated
Administration
•Dynamic Rules Engine
•Policy Based
Provisioning
•Password
Management
•Workflow
10
Administration
•Present data in a single location from which administrators applications and users
can access or manage the identity
•Robust and flexible rules for definition of data like associations, mapping, and
transformation policies
•Real-time event based provisioning (linking various sources of data to comprise and
identity and perform automated functions)
Dynamic Rules Engine
•Defining policy (rules) to manage flow, ownership and structure of information from
one or many systems into others (controlled automatic distribution of resources).
•Manage data and resolve conflicts between data to reduce duplication, inconsistent,
out-of-date or redundant data across multiple systems.
Policy Based Resource Provisioning
•Provisioning of access based on a users role, entitlements, rights, prerequisites, etc.
•Policy enforcement ensuring new policy and changes are pushed and tracked across
all platforms.
Password Management and Workflow
•Password strength, reset or change, self-service, bi-directional synchronization
•Password policy enforcement
•Routing, notification and approval (SMTP client or web service)
•Delegation and escalation
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Connectivity
Connectivity
•Connectivity
•Platforms,
directories and
database integration
•Applications
Connectivity
•Ability to integrate with target applications
• Real-time triggers
• Non-intrusive
•Secure communication and authentication
•Extensive connectivity to meet all business needs
Platforms, Directories, and Databases
•Provision user accounts, group’s and rights
•Integration with the following:
• Database
• Directory
• Mainframe
• UNIX
Applications
•Target business applications
•Web Servers
11
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Technical Architecture
Technical
Architecture
•Architecture
•Performance
•Platforms
• Security
•Rapid D&D
12
Architecture
•Infrastructure requisites for use (impact on existing architecture)
Performance
•Scalability in the enterprise
•Reliability and Usability
•Logging, monitoring ability
Platforms
•Flexibility and support of widespread platforms (Database,
Server, Client and Directory support)
Security
•Authentication, data integrity, password usage/encryption
Rapid Development and Deployment
•Ease of implementation
•Rich customization capabilities
•Supporting resources (documentation, product availability,
delivery)
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Cost and Viability
Cost and
Viability
•Initial Investment
•Software and
Service Costs
•Hardware Costs
•Financial, Market
and Organizational
Viability
13
Initial Investment
•Consideration of total initial acquisition costs (licensing,
deployment, consulting, training, on-going support)
Software and Service Costs
•Pricing availability (pre server and/or per seat)
•Subscription, straight purchase, etc.
Hardware Costs
•Percentage of existing architecture that can be leveraged
•Future priorities and areas of focus
Financial, Market, and Organizational Viability
•Vendor size, financial stability, existing customer base, market
growth
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Vision and Service
Vision and
Service
•Vision
•Company
•Professional
Services
•Support
14
Vision
•Proven vision and product strategy
•Long-term viability of an organization within the Identity
Management market
Company
•Company history
•Long-term goals improving on existing strengths and competencies
•Market exposure
Professional Services
•Availability of technical resources, quality, technical depth
•Demonstration of client satisfaction and long-term track record in
market
Support
•World-wide support infrastructure
•Proven problem resolution, on-going support and maintenance
throughout product lifecycle
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Competitors
Who are the key players?
Top Tier Vendors
These vendors:
•Provide a comprehensive
set of IdM products
•Own a directory/
metadirectory platform
•Provide related solutions
•WW value delivery ability
•Significant customer base
•Acknowledged leaders by
Analyst firms
Players
•IBM: Tight with CSIs.
Marketing muscle. Big
ticket.
•Novell: Technical
superiority, xplat
specialty, more
affordable.
16
Top Tier Contenders
Lack one or more key
attributes of Top Tier,
but could or will close
the gap.
Players
•Microsoft: Moving to Top
Tier.
•CA: Weaker offering
without integration
•Oracle: Moving into IdM,
but lacks metadirectory
•Sun/Waveset: Strongest
on SunOne but weak
solution
•HP: Only needs an
acquisition to play.
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Niche Vendors
Focus on one or two
specific functions.
Architectures tend to run
out of gas when scaled or
stressed. Seeking
investment, partnering or
acquisition by Top Tier.
Players
•BMC
•Courion
•M-Tech
•MaxWare
•Netegrity/Business
Layers
•Critical Path
•Etc.
Leadership Recognition
“Microsoft and Novell emerge as early and
obvious winners in the metadirectory
market with products that have
significant market penetration, the
backing of stable and committed
vendors and broad offerings in which
their metadirectories serve a strategic
purpose.”
-Giga Research, September 2003
IBM, Microsoft and Novell are currently
jockeying for position in the emerging
identity management market. Novell
currently leads the "full suite" market
segment with 25% market share, with
the others following closely.
-Radicati Group, November 2003
17
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Leadership Recognition
“The metadirectory service
Magic Quadrant shows the
metadirectory market is
maturing quickly, with Novell
leading the pack toward the
future.”
Gartner Research Note
August 2002
“We continue to view [Novell]
DirXML as market leading
technology”
Gartner Research Note
September 2003
18
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Functionality
Connectivity
Technical Architecture
Cost and Viability
Vision and Service
Things we do right…
• Centralized points of administration and web-based management
• Robust dynamic rules engine
• Flexible policy definition and policy based resource provisioning
• Provide a secure and consistent repository
• Open architecture
− Scalable
• Comprehensive connectivity
− Real-time, event based, non-intrusive
− Password synchronization
• Password Management
• Audit and Logging
• Rapid development and deployment
• Richest set of identity management solutions
• Proven software and services
Things to watch out for…
• Novell !
19
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Things they did right…
•
Web-based access and management
•
Functionality
Connectivity
Technical Architecture
Cost and Viability
Vision and Service
A nice wrapper around acquired pieces
–
MetaMerge Admin Console/Graphical Development
Environment
Things to watch out for…
•
Questionable architectural synergies of IBM’s acquisitions
•
Significant effort required to change policy configuration (role
definitions)
•
Limited connectivity
–
Heavy reliance on standards and protocols for integration
•
Limited password synchronization
–
Password interceptor (Win 2000)
•
Prohibitive long-term costs for product and services
•
Require customers to trust their ability to deliver
–
20
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
Result of their strategy to outspend and out position
competitors
November 6, 2015
Things they did right…
•
•
Good management interfaces
Relatively low cost ($25,000 for Enterprise Edition, $19,000 for
MS SQL)
Things to watch out for…
Functionality
•
Not cross-platform. Works only on Windows 2003 Server only
Connectivity
•
Requires MS Visual Studio for policy creation
Technical Architecture
•
Not integrated with Active Directory
Cost and Viability
–
Uses an intermediate data store (MS SQL)
Vision and Service
–
Not real-time
•
•
21
Limited connectors (generic/standards based). Do not plan to
provide any sort of connectivity with an ERP.
–
Vision demonstrates Meta-directory focus only
–
Missing key host integration components
Concentrates solely on the meta aspects of Identity Management
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Things they did right…
•
Strong use of LDAP, directory integration
•
Acquired niche “Cinderella” provisioning company
Things to watch out for…
•
Hasn’t seen development until recent years
Functionality
–
Connectivity
•
Limited connectors, connector development is very difficult
Technical Architecture
•
Overlap between products
–
Cost and Viability
Vision and Service
22
Compilation of several offerings
•
Sun’s meta-directory and Waveset’s Directory Master
products
Un-flexibile architecture
–
WaveSet’s rigid architecture is tactically oriented
–
Not able to scale as customer’s needs evolve
•
Historical weakness integration acquisitions
•
Weak supporting service programs
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
–
WaveSet had established strong CSI relationships, Sun’s
acquisition of WaveSet will have adverse impace
–
Consulting, technical support, developer support
November 6, 2015
Niche Vendors
(BMC, CA, Critical Path, MaXware, Thor, Courion, etc.)
Things they did right…
Functionality
Connectivity
Technical Architecture
•
Point solution for managing employees
•
Good management and configuration tools
•
Web-based management
•
Niche specific proficiencies (ie password management, reporting
and auditing)
Things to watch out for…
•
Not a comprehensive offering
Cost and Viability
–
Architectural concerns (no underlying directory)
Vision and Service
–
Mis-matched components
•
Scalability limitations
•
Uni-directional, not real time
•
No central point of administration
–
•
23
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
Hindrance to deployment and management
Wearing acquisition targets
November 6, 2015
Cumulative Return On Investment
Identity & Access Management
Identity-Enabled
Applications
Provisioning
Directory
Infrastructure
Access Control
•Process
automation
•Portals/content
management
•Collaboration
•SSO/reduced SSO
•CRM
•Directory
Services
•Workflow
•RBAC
•De-provisioning
•Help Desk
•Password Sync
•Policy-based
access control
•Auditing and
reporting
•Supply chain
integration
•Delegated admin
•Secure wireless
Web Services
24
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Award-winning solutions
Novell Nsure solution:
“…we gave Novell our Editor's Choice.”
― From Network Computing’s Secure Enterprise 2003 Identity
Management Suites Review
Novell Nsure:
“Finalist for Best Security Product.”
-LinuxWorld January 2004
Novell Nsure SecureLogin:
“Recommended”
- From SC Magazine February 2004 Single Sign-On Group Tests
26
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Other Sessions of Interest
Other Sessions of Interest
Introductions, Case Studies, Dev Hands-on
INTRODUCTIONS, OVERVIEWS, AND FUTURES
IO160: Provisioning Comes of Age
IO144: Nsure Audit: What's New and Beyond
IO163: Understanding the Big Picture of Secure Identity Management
IO164: Identity Integration: The Foundation for Becoming an Agile Enterprise
IO165: Novell Account Management Overview and Futures
IO166: Nsure Identity Manager 2 (formerly DirXML) Competitive Comparisons
IO264: Overview of the Nsure Identity Manager 2 (formerly DirXML) Deployment Studio
BUSINESS CASE STUDIES
BUS163: Making the Business Case for Secure Identity Management
BUS165: Case Study: Asset Management within the Context of Identity Management
BUS166: Layered Secure Identity Management: Balancing Business and Technical Needs
BUS250: Combining Corporate Trees with Nsure Identity Manager 2
BUS251: Creating an Identity-Based Portal at the State of Nebraska with Novell
BUS261: Implementing Secure Identity Management in Government Organizations
BUS269: Case Study: DirXML Implementation at Waste Management
BUS361: Building the Employee Portal at Lufthansa with SAP Enterprise Portal 6
DEVELOPER HANDS-ON
DHO260: Implementing DirXML Style sheets
DHO262: Provisioning for Developers with Novell Identity Manager
DHO361: Nsure Identity Manager 2 Hands-On Developer Lab
28
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Other Sessions of Interest
Developer Lectures, Technical Tutorials
DEVELOPER LECTURES
DL263: Nsure Identity Manager 2 (formerly DirXML) Developer Overview
DL361: Nsure Audit: Instrumenting Custom Applications
DL362: Nsure Audit Essentials
TECHNICAL TUTORIALS
TUT105: Hands-On: Implementing Nsure Identity Manager 2 (formerly DirXML)
TUT163: Configuring Nsure Identity Manager 2 (formerly DirXML) for Enterprise Applications
TUT165: Configuring Nsure Identity Manager 2 (formerly DirXML) for Schools Interoperability Framework
TUT166: Configuring Nsure Identity Manager 2 (formerly DirXML) for GroupWise®3
TUT259: Password Synchronization Across Novell eDirectory, Microsoft Active Directory* and Windows NT*
4
TUT264: Password Management with Novell Identity Manager 2 (formerly DirXML)
TUT265: Troubleshooting Nsure Identity Manager 2 (formerly DirXML)
TUT266: Implementing Nsure Identity Manager 2 (formerly DirXML) Policies
TUT267: Configuring Novell Nsure Identity Manager 2 (formerly DirXML) for JDBC
TUT268: Advanced Configuration for Active Directory Using Nsure Identity Manager 2 (formerly DirXML)
TUT285: Architecting Identity Management Solutions
TUT286: Comprehensive Password Management: From Policy Definition to Deployment
TUT287: Configuring Novell Nsure Identity Manager 2 for IBM Lotus Notes
TUT366: Designing Secure Identity Management Solutions
TUT367: Secure Identity Management: Assessing Your Requirements
TUT381: Installing and Configuring the Novell DirXML Mainframe and IBM AS/400* Drivers
TUT383: Upgrading to Nsure Identity Manager 2 (formerly DirXML)
TUT384: Understanding the Architecture of Nsure Identity Manager 2 (formerly DirXML)
29
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Questions & Answers
31
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015
Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret
information of Novell, Inc. Access to this work is restricted to Novell employees who have
a need to know to perform tasks within the scope of their assignments. No part of this
work may be practiced, performed, copied, distributed, revised, modified, translated,
abridged, condensed, expanded, collected, or adapted without the prior written consent
of Novell, Inc. Any use or exploitation of this work without authorization could subject
the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to
develop, deliver, or market a product. Novell, Inc., makes no representations or
warranties with respect to the contents of this document, and specifically disclaims any
express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc., reserves the right to revise this document and to make changes to its
content, at any time, without obligation to notify any person or entity of such revisions or
changes. All Novell marks referenced in this presentation are trademarks or registered
trademarks of Novell, Inc. in the United States and other countries. All third-party
trademarks are the property of their respective owners.
32
© 2003 Novell Inc, All Rights Reserved. Confidential & Proprietary
November 6, 2015