Intelligent Workload Security
Dynamic Control, Portability and Flexibility with WorkloadIQ—Secure
Written by Ken Baker
In your physical and virtual environments, when a user logs in to a server and accesses certain files, you can view that activity in your log files. However, when you move your workloads to the cloud, the underlying services and operating system might not be under your control. The workload might be hosted on a service provider’s machine, behind layers of firewalls and proxies that prevent you from establishing the peer-to-peer or point-to-point connections you need to make sure that the right people can access the workload services for the right reasons. The “secure” component of WorkloadIQ solves that problem by allowing you to inject intelligence inside those workloads, along with the security and identity and access management layers you need.
As part of its unique approach to enabling intelligent workload management, WorkloadIQ focuses on enabling IT organizations to better manage and optimize their computing resources in a policy-driven, secure and compliant manner across physical, virtual and cloud environments. It gives you a simple way to securely manage workloads across those environments by leveraging Novell's ability to integrate identity and security into everything you do. Using a broad portfolio of WorkloadIQ products, solutions and partners, you can take advantage of those aspects of its intelligent workload management that make the most sense for your organization. While four critical functions make up WorkloadIQ (build, secure, manage and measure), this article deals with the “secure” component of WorkloadIQ.
Embedded Security Intelligence
Security and compliance are among the major concerns for any enterprise. You have to ensure that you have the right levels of data protection and access control to protect your intellectual property, control access and comply with government and industry regulations. That becomes increasingly difficult in a workload management scenario that needs to leverage physical, virtual and cloud environments. Your identity services need to be able to grow as dynamically as your cloud and virtual environments. You need to be able to flexibly manage security within the individual workloads themselves, including user activity monitoring across all of your different environments, independent of where the workload actually resides. This type of balanced flexibility and control requires intelligence embedded inside your workloads.
WorkloadIQ delivers that ability by letting you inject or embed an intelligent identity footprint into your workloads. By leveraging Novell Identity Manager 4, as soon as one of your intelligent workloads comes online, Novell Identity Manager can recognize it as a unique, identifiable entity that can be dynamically provisioned by policy with the appropriate security, user access controls, monitoring and reporting. That built-in intelligence can allow Novell Identity Manager to recognize the purpose or context of that workload, talk to it, and act upon it in an appropriate and dynamic manner.
For example, you can use the user application in Novell Identity Manager 4 to trigger provisioning workflows, including leveraging its Role Mapping Administrator to provision the workload with user access authorizations and permissions based on users' business roles in your organization. You could have it kick off a workflow process that notifies business managers about the availability of the workload’s services. It could ask them if they want to turn on its access and security, and if so, what type of security they want to turn on. Such options might be to leverage policy to automatically provision the workload with Novell Sentinel, Novell Privileged User Manager, Novell Access Manager, or any or all of the components that make up the Novell Compliance Management Platform.
By using standard REST APIs to interact with the workload via the REST interface in Novell Identity Manager, you could also have other services interact with the workload to secure and provision it. The key is that it provides dynamic, flexible and intelligent access based on the purpose or context of the workload. You can determine what you want to happen when a certain type of workload comes online. As a result, you can create very lightweight, highly portable workloads that, once injected with this intelligent footprint, can be dynamically acted upon, expanded and secured as needed within a matter of hours, rather than the weeks and months that would be required to manually provision and secure other vendors’ workload management solutions. Furthermore, at any time you can change or apply new policies that automatically and dynamically update how the workload is provisioned, secured and managed.
Dynamic, Portable Workloads
With the secure component of WorkloadIQ you also have the ability to easily and dynamically administer your workloads’ access management services from anywhere. This ability ties back to the intelligent identity footprints embedded into your workloads, as well as to the content package manager in Novell Identity Manager.
The content package manager in Novell Identity Manager allows you to easily create, distribute, consume and control your workload policies through modular packages that act as the building blocks for all your policies. This lets you create lightweight workloads with a baseline set of standard policies, and then, as needed, apply custom policies on top of them in a dynamic manner without having to do any hard-coded point-to-point scripting. So, instead of having to bring in a team of consultants or engineers to write policy code every time you deploy new workloads, with a few simple clicks you can dynamically apply the needed policy packages. In fact, you can even use a smartphone to easily add, modify or remove policies from any of your workloads, regardless of whether those workloads are physical, virtual or in the cloud. The content package manager also automatically notifies you of any conflicts or dependencies between policies and then helps resolve them.