Next generation access management
December 13th, 2006 by Jeff Jaffe
In my last posting, I listed the key challenges facing IT managers in having a simple, easy-to-use access management solution. Among the requirements that I catalogued were:
- Support for federation
- Support for access to Web resources
- Support for access to enterprise applications
- Single sign-on
- Support for a wide variety of I/T solutions (applications and directory structures)
A month ago, Novell began shipping Novell Access Manager 3. It is the first product that addresses all of these needs. It is the first true access manager product for 21st century IT needs, which include Web access, J2EE role calculation, policy-based identity control and identity federation. No other product has the extensive support for Web and federation. The detailed support provided for different computing environments (e.g. eDirectory, Active Directory, Sun One server, any Web application, fine-grained support for J2EE applications) ensures leadership.
Providing this base capability is significant enough. Notable about this product is the additional features and capabilities that it has, as follows:
- Data abstraction layer to deal with different directory access methods. This ensures scalability and growth to deal with diversity of underlying directory solutions.
- Real time auditing, monitoring, reporting, together with reports for Sarbanes-Oxley or HIPAA compliance. In April 2006 Novell acquired e-Security, a leader in secure event management. This was done because of the need to tightly integrate these capabilities into identity management frameworks. After all, the audit trail of who achieved access to what applications is critical to SOX compliance. Novell is now a leader in integrating these capabilities since the connections are built between Novell Access Manager 3 and the Sentinel (e-Security) product (cf. my posting of June 12).
- Support for a wide variety of security approaches including multi-factor authentication and data encryption.
- An administration tool which greatly simplifies access management. We have built in policy-driven management techniques to vastly simplify administration. This also makes access revocation to be as easy as access enablement.
- Scale: Novell Access Manager 3 can support billions of users
- Fault tolerance
- Web content security. Our security solution is not limited to access control.
- Complete Liberty Alliance solution. Liberty Alliance is the standard for identity federation. Other access management vendors have provided toolkits to enable Liberty Alliance, but that is not the same as getting it well integrated, tested, and easy to use; out-of-the-box from the vendor.
- Enhanced enterprise support. Standard identity federation is enhanced for enterprise use by providing extensive control over the types of federation allowed and the source of identity information. While standard identity federation is fully supported, the tools necessary to help an enterprise to consolidate identity to reduce the proliferation of identities are also provided.
For several years, Novell has been an industry leader and thought leader in Identity Management. Recent initiatives such as Project Higgins, the Bandit project (cf. my posting of Aug. 21, 2006), and the e-Security acquisition (cf. my posting of May 15, 2006) have advanced this leadership further. Novell Access Manager 3 is another great example of a thought – leading product that provides immediate customer benefit.