PINGONE IDAAS:
What You Need to Know
Ian Jaffe
Email: ijaffe@pingidentity.com
Copyright © 2014 Ping Identity Corp.All righ...
OVERVIEW
PingOne Service
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 3
What is PingOne?
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 4
• Cloud-based...
What are the various versions of PingOne?
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights ...
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 6
What are the various versions ...
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 7
More to Know about PingOne for...
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 8
How does the Cloud User Store ...
What does the PingOne infrastructure look like?
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All r...
What can be found in the App Catalog?
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights rese...
How does AD Connect with IIS work?
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserve...
How does AD Connect work?
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 12
•  ...
What other IdPs are Supported?
Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 1...
What about Provisioning?
Copyright © 2014 Ping Identity Corp.All rights reserved. 14
• Provisioning
–  Many applications a...
Exercise One: Joining PingOne For Groups
Copyright © 2014 Ping Identity Corp.All rights reserved. 15
•  https://www.pingid...
Exercise Two: Utilizing Basic SSO
Copyright © 2014 Ping Identity Corp.All rights reserved. 16
•  From the CloudDesktop, se...
Exercise Three: Train your own Basic SSO app
Copyright © 2014 Ping Identity Corp.All rights reserved. 17
•  Login to the P...
Exercise Four: Mobile Access
Copyright © 2014 Ping Identity Corp.All rights reserved. 18
•  The PingOne mobile application...
Any Questions?
Copyright © 2014 Ping Identity Corp.All rights reserved. 19
CIS14: PingOne IDaaS: What You Need to Know
Upcoming SlideShare
Loading in …5
×

CIS14: PingOne IDaaS: What You Need to Know

767 views

Published on

Ian Jaffe, Ping Identity
How to manage identities, how you can get a jump start for the identity revolution, and how to do it all using your existing infrastructure without having a duplicate identity in the cloud, using PingOne.

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
767
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
42
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

CIS14: PingOne IDaaS: What You Need to Know

  1. 1. PINGONE IDAAS: What You Need to Know Ian Jaffe Email: ijaffe@pingidentity.com Copyright © 2014 Ping Identity Corp.All rights reserved. 2
  2. 2. OVERVIEW PingOne Service Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 3
  3. 3. What is PingOne? Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 4 • Cloud-based SSO Solution • Secure with certificate trust • Built on standards (SAML) • Federated and Basic Apps • Quick to deploy • Optimized for any device
  4. 4. What are the various versions of PingOne? Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 5 •  Employee SSO PingOne for Groups – Free Offering •  Desktop and Mobile •  Basic SSO and SAML •  Cloud Directory •  Web/Email Support •  Limited to 5 Applications PingOne for Enterprise •  Adds AD Connect Capability •  Multi-Factor Authentication •  Provisioning •  24x7x365 Support (email, phone & web) •  Adds On-Premise Identity Store Integration (AD/LDAP/DB,WAM) •  Adaptive Authentication
  5. 5. Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 6 What are the various versions of PingOne? •  PingOne SSO For SaaS Apps – SAML enable your applications – Single connection to PingOne for all your customers – REST-based API and source code available – Supports both private and public applications
  6. 6. Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 7 More to Know about PingOne for Groups •  Supports SSO to virtually any application –  Basic SSO for apps with a username and password –  Federated SSO for standards based SSO using SAML •  1,000’s of applications via the PingOne app catalog –  Other applications can be added manually •  Authentication Policy Support •  Autostart Application Functionality
  7. 7. Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 8 How does the Cloud User Store work? •  Web based administration screens – Manually create users – Bulk load via CSV in PingOne for Enterprise – Attribute mapping depends on the available attributes •  Search through user list
  8. 8. What does the PingOne infrastructure look like? Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 9 •  Deployment/Infrastructure – Composed of many different services and subsystems – Three primary data centers in the US – 24/7/365 Supervision. 99.9% uptime – All data centers are SOC II compliant – Detailed logging and monitoring http://uptime.pingidentity.com/ https://status.pingidentity.com/ https://www.pingone.com/security
  9. 9. What can be found in the App Catalog? Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 10 •  Application Catalog – Self-Service Configuration and Management – Hundreds of SAML Applications – Over 1,000 Additional Basic SSO Applications – Through a SaaS SSO Account after SAML enabling and integrating an application it can be added to the catalog
  10. 10. How does AD Connect with IIS work? Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 11 •  AD Connect with IIS – Authentication Utility – Leverages Active Directory – Uses the SAML Standard – Provisioning Capability – “Point, Click and Configure” Deployment Requirements: Windows 2008 R2 or Windows 2008 R1 - 32-bit and 64-bit or Windows 2012 Processor: Single processor with 1.4 GHz (x64 processor) or 1.3GHz (Dual Core) Memory: 1024 MB RAM
  11. 11. How does AD Connect work? Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 12 •  AD Connect (AD Agent) –  Does not require IIS –  No need for certificates –  Ping-managed High Availability –  Provides Delegated Authentication Capability –  Receives Authentication Requests,Validates Credentials, and Sends User Attributes –  Option in the AD Connect Installer
  12. 12. What other IdPs are Supported? Confidential — do not distribute Copyright © 2014 Ping Identity Corp.All rights reserved. 13 •  PingFederate – 80 integration kits. Connect to any identity store and application, on-premise and cloud •  Cloud User Store – Built into PingOne •  Salesforce as an IdP – Use Salesforce’s Identity Info •  Google as an IdP – Use Google’s Identity Via OpenID •  Other Third-Party Options – ADFS,Any SAML Solution
  13. 13. What about Provisioning? Copyright © 2014 Ping Identity Corp.All rights reserved. 14 • Provisioning –  Many applications are supported via their Provisioning APIs –  Works with both AD Connect and PingFederate –  Provides one convenient + central location to manage users –  Supports multiple domains/forests and child domains
  14. 14. Exercise One: Joining PingOne For Groups Copyright © 2014 Ping Identity Corp.All rights reserved. 15 •  https://www.pingidentity.com/en/products/pingone/sign-up-free.html •  Get your welcome e-mail and click ‘Activate’ •  Fill in profile information including a password. Logo is optional. •  Click ‘Create Account’ and select four applications for your desktop •  Click ‘Next’ and Install the Browser Plugin •  Define a privacy key. These applications are Basic SSO so let’s try out the functionality
  15. 15. Exercise Two: Utilizing Basic SSO Copyright © 2014 Ping Identity Corp.All rights reserved. 16 •  From the CloudDesktop, select an application •  Follow the CloudDesktop extension prompts and click ‘Save’ •  Logout of this Application •  Return to the portal and click the Application Link (Credentials replayed at this point) •  Return once again and select ‘Customize’ •  Select ‘Manage Application Passwords’ and view Application info
  16. 16. Exercise Three: Train your own Basic SSO app Copyright © 2014 Ping Identity Corp.All rights reserved. 17 •  Login to the PingOne Administrative Console •  Click ‘Applications’ and click ‘Add Application’, ‘New Basic SSO’ •  Click the ‘Begin’ button and specify URL to train •  Follow the steps including selecting Username + Password fields •  Optionally add images for logo and icon and select ‘Save’
  17. 17. Exercise Four: Mobile Access Copyright © 2014 Ping Identity Corp.All rights reserved. 18 •  The PingOne mobile application works for both SAML + Basic SSO •  Download the app from either iOS App or Android Play Store •  Launch the App and enter your Company ID •  Enter login credentials •  Select the app of your choice here that is configured for Basic SSO
  18. 18. Any Questions? Copyright © 2014 Ping Identity Corp.All rights reserved. 19

×