Novell Home

They say a picture is worth a thousand words, and in the complex world of Identity Management this maxim has never been more true. Novell Designer for Identity Manager (or just, Designer) is a powerful graphical environment that helps you visualize, architect, design and implement identity solutions based on Novell Identity Manager.

Implementing and managing an enterprise identity management infrastructure has never been a simple fix. After all, we're talking about facilitating secure and reliable communications between a myriad of participating systems, from data vaults, to back office databases, to applications, to end users. In fact, the complexity of the solution has prevented some from implementing the complete identity solution they need. And in today's information-driven world, that's a dangerous place to be.

Identity Management?
Identity is a critical component of most any online activity. Identity determines entry, access and content in almost all online transactions, whether inside or outside of an organization's firewall. Without confidence in your ability to properly identify a user, the whole concept of online security breaks down. And yet, today's complex computing environments involve sometimes hundreds of different touch points that require identity to properly manage access. Manually managing an identity environment such as this, while still providing a reasonable level of confidence, is simply impossible.

Novell Identity Manager (novell.com/products/identitymanager) simplifies the process of identity management. It provides automated user provisioning and password management; delivering first-day access to new users, modifying or rescinding access as necessary across all systems, and synchronizing multiple system passwords into a single strong password. Identity Manager controls user administration costs, eliminates complex manual processes, and enforces consistent security enterprise-wide–all while providing users access to the right resources to do their jobs.

Digging into Development

Designer represents a new type of development process at Novell. Known as Iterative Development, this process relies on fairly short (6–8 week) iterations during which new features are added, debugged and tested all at once. At the end of each iteration, the team produces a Milestone build of the product that incorporates all the additions of that iteration. The iteration schedule is an ongoing cycle, but every so often, as dictated by release schedules and other external events, a series of Milestone builds is rolled together to produce a version of the product that is ready to be shipped.

"This development process permits an unprecedented degree of customer involvement", said Bill Street, Engineering Manager for Novell's Designer team. "I really think this is the ideal way to do software development. It makes us validate early, and often, with our customers, and really helps us get it right." In fact, the Designer team provides customer access to its daily engineering builds (novell.com/coolsolutions/dirxml/designer) so they can participate in the development process, make comments and suggestions via the Novell bug tracking system, and even vote on feature importance to help the engineering team properly allocate its resources.

Identity Manager abstracts a user's identity complexity away from the user and the help desk. This is of tremendous benefit since it improves security, increases productivity and reduces costs. Unfortunately, the underlying problem of complexity remains. Behind the scenes, System Administrators, IT architects and CIOs are still saddled with the increasingly difficult task of managing all these identity relationships. Designer is the next step in simplifying enterprise identity management.

Novell recently released Designer 1.2 as part of Identity Manager 3.0.1. It provides new and enhanced features, and delivers an even more robust development environment for your identity solutions.

Novell Designer is a powerful graphical environment that helps you visualize, architect, design and implement identity solutions based on Novell Identity Manager.

So What is Designer?
Designer is a graphical design, implementation and documentation environment for Novell Identity Manager. It specifically addresses the needs of identity architects and consultants that are brought in to design and implement an organization's identity solution. It provides very granular control over an identity project, and delivers simplified tools that more efficiently move the project from inception, through design and implementation, to hand-off. This reduces time and costs associated with the project and a provides a quicker return on investment.

Identity Management is a complex problem, and identity solutions that leverage Novell Identity Manager make heavy use of XML and data transformation languages. By abstracting this complexity away from the designer and implementer, Designer lets them focus on creating the very best identity solution rather than struggling with the details of the implementation.

"Designer is all about the four D's: Design, Develop, Document, and Deploy", says Volker Scheuber of the Designer engineering team.

  • Design: Designer is a one-stop design shop for Identity Manager solutions. It provides a variety of views for architects and designer's T that let them model and review every aspect of the solution. In fact, Designer provides robust Project Management capabilities, including simultaneous project development, packaging projects into zip files, e-mailing project files, incorporating project docs, such as spreadsheets, and importing/ exporting projects or project components.

  • Develop: Designer provides tools for building the identity solution once it is designed. Configure drivers, filters and rules that implement the identity-related system communications you need. One of Designer's critical development features is its simulation and debugging tools, which let you put all, or any part of, an identity solution through its paces to make sure you are getting the desired results. All of this without connecting to a live environment.

  • Document: Once an identity solution is ready for deployment, one of the most difficult tasks is to go back and document the solution configuration. Designer eliminates the effort by automating the solution's document creation. With the push of a button, you can create the documentation necessary to hand off the solution to those who will manage it on a day-to-day basis. It is also an invaluable training resource.

  • Deploy: Designer is not just a modeling environment, but when connected to your production environment, it can push the solution out to involved systems, including Identity Vaults, database servers, application servers and infrastructure servers.

Novell Designer clears away the clutter and complexity so you can focus on designing and implementing the solution, and not get caught up in the minutiae of the underlying protocols and technologies.

Prior to Designer, Identity Manager relied solely on iManager plug-ins to provide the identity management interface. While iManager provides a Web-based, manage-from-anywhere, interface suitable for day-to-day administrative functions, it was not optimal for the design and modeling activities that are so crucial to a successful Identity Manager implementation. Designer complements Identity Manager's current iManager-based administrative options with a robust Integrated Design Environment (IDE) that you can carry with you for disconnected design, testing and documentation that is difficult or impossible with iManager.


How Does it All Work?
Designer is implemented as a series of plug-ins (roughly 50) to the Eclipse framework (eclipse.org.) Eclipse is an open source project that provides an extensible development platform and application framework for building software tools. By using Eclipse, Novell is able to exploit existing platform support and integration technology, liberating itself to concentrate on Designer's core value rather than first reinventing the wheel. The Eclipse Platform is written in Java and comes with extensive plug-in construction toolkits and examples. Designer leverages the Eclipse SWT Toolkit to provide native look and feel, and performance across both Linux and Windows platforms.

Designers by the Dozen

One interesting aspect of Designer for Identity Manager is how easy it is to apply this type of management solution to address other problems. Its very likely that Designer for Identity Manager will continue to sprout new functionality through the addition of new Eclipse plug-ins. In fact, work is already underway on a product that adds data validation and cleansing capabilities to Designer for Identity Manager.

And Designer may be destined for more than just Identity Manager. Because Designer is built on the Eclipse framework, there is no reason that additional "Designers" can't be built for other complex configuration and deployment scenarios.

Consider Novell ZENworks Suite, which provides robust management of network infrastructure. A ZENworks Designer could let you model and deploy resource management solutions using a similar methodology to that used by Identity Manager. Or how about an eDirectory Designer that lets you model and design a Novell eDirectory implementation, including replica design and placement, before installing a single server.

Although Novell hasn't committed to anything yet, its safe to say that Eclipse-based Designers may become more prevalent as a way to simplify the design, deployment and management of today's complex IT infrastructures.

Designer's user interface is familiar and easy to navigate, and the Eclipse plug-ins provide a broad range of tools for interacting with the Identity Manager environment. (See Figure 1.) Among these are the following:

  • Modeler: The modeler is Designer's primary work space. It is a visual editor from which you can design projects. It is your primary means of interacting with Designer. All other editors, views and dialog boxes support and provide functionality to the Modeler. To create a project, simply drag objects from the Palette into the Modeler. Then arrange and configure the project components as needed. Sounds easy, doesn't it. But we all know the devil is in the details.

  • Policy Builder: The Policy Builder view lets you drill down on specific data flows in your identity solution. It provides a Policy Flow diagram from which you can display current data flows, and define how to apply individual policies as data is synchronized between participating systems. (See Figure 2.)

Policies customize the flow of information into and out of Novell eDirectory for a particular environment. For example, one system's main user class might be User, while another's is OrgPerson. Policies let you identify this difference to make sure that user-related data is properly applied during data synchronization. Policies can also create new objects, update attribute values, make schema transformations, define matching criteria and maintain Novell Identity Manager associations, among many other things.

  • Workflow Designer: Workflow Designer is an add-on plug-in for Designer that supports Identity Manager-based User Applications (White pages, Org charts, User search, etc.) and the Provisioning Module for Identity Manager, which offers initiation and monitoring of business-level workflows (cell phone request, expense reports, facilities request, etc.)

  • Directory Abstraction Layer Editor (DALE): Related to the Workflow Designer, DALE lets you define directory abstraction layers used to create composite data objects that support the desired user application or provisioning task. Directory abstraction layers are a set of data definitions that provide a logical view of one or more Identity Vaults. DALE lets you change the abstraction layer's data definitions as needed to support the desired user application or provisioning workflow.

The descriptions above just scratch the surface of Designer's capabilities. To get the complete picture of Designer's capabilities, check out the Designer for Identity Manager documentation at novell.com/documentation/designer12.

Conclusion
Designer proves the old adage...a picture really is worth a thousand words...particularly when that picture gives you a clear idea of your identity solution. Designer clears away the clutter and complexity so you can focus on designing and implementing the solution, and not get caught up in the minutiae of the underlying protocols and technologies.

Novell Identity Manager is already the leading identity solution in the market, now Designer lets you leverage Identity Manager to create identity solutions more easily than ever before. And that's a picture you can spend some time admiring. red N

The Bull's Eye

Based on user response, Designer is hitting its target of making identity design and deployment easier. Consider the following:

"Using Designer for Identity Manager has cut our development time for an Identity Management project almost in half. Drag and drop, wizards and features like document generation increased our "get-the-job-done" efficiency whereas features such as Simulation and Workflow Editor enable us to do things we could not do in the past. A customer was stunned when we showed them how easy it is to build customized workflows in Designer for Identity Manager. As a matter of fact, this customer, without any IT knowledge, is now building their own workflows." (July 7, 2006)

R.G.A. Epping
Senior Identity Management Consultant
Webflex, The Netherlands

 

"Designer has really pushed our IDM practice further. Our discovery and design time has been shortened, we can develop more effectively with portable code wherever we need to be, our documentation is produced more completely, consistently, and in half the time, and we can provide post deployment support in almost real time from anywhere with only e-mail access. Designer has improved every phase of our IDM projects." (March 24, 2006)

Jim Gerken
Identity Management Lead
Novacoast, Inc.



© 2014 Novell