Your SlideShare is downloading. ×
CIS14: PingAccess 101
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

CIS14: PingAccess 101

373
views

Published on

John DaSilva, Ping Identity …

John DaSilva, Ping Identity
Scott Tomlinson, Ping Identity

A detailed overview of PingAccess, giving you insight into Ping Identity’s next-generation web access management solution to solve your access management challenges.

Published in: Technology

0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
373
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
25
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. PINGACCESS 101 Scott Tomilson – Technical Product Manager John DaSilva – Technical Training
  • 2. Web Access Management How did we get here …
  • 3. Web Access Management – circa 2000 • Designed for Web applications • Agent focused architectures • Single Organization Focus – Federation Standards support as “Add-on” • API Protection for SOAP Web ServicesBuilt for 2000
  • 4. PingAccess 101 a next generation mobile, web and API access management solution
  • 5. What can you do with PingAccess? • Securely expose Web apps and APIs externally • Ease OAuth integration with APIs • Centralize URL level access control policies • Centrally manage Web Sessions • Audit access to everything
  • 6. What Makes PingAccess Unique ? Centralized Web & API Control Lightweight Open Standards Powerful Migration Strategies Identity Auditing
  • 7. PingAccess 101
  • 8. PingAccess 101 – Architecture
  • 9. Front-end Security •  Web –  JWT Session Cookies –  3rd Party WAM Tokens •  API –  OAuth 2.0 Access Tokens
  • 10. Access Control •  URL & Pattern associated policies –  Application and Resource level •  Available Rules –  Authentication Requirements –  Identity Attributes (RBAC & ABAC) –  OAuth Token Scope –  HTTP Request Information –  Time of Day –  IP Address –  Scripting (Groovy) –  Custom (Add-on SDK)
  • 11. Confidential — do not distribute •  HTTP Header Injection •  Mutual TLS •  HTTP Basic •  OpenToken •  3rd Party WAM Tokens •  Custom (Add-on SDK) Unparalleled Flexibility Application Integration - Gateway Copyright © 2014 Ping Identity Corp.All rights reserved. 16
  • 12. Confidential — do not distribute •  HTTP Header Injection •  Web Server Agents –  IIS –  Apache •  Open Agent Protocol –  Enables partners & customers Lightweight & Focused Application Integration - Agents Copyright © 2014 Ping Identity Corp.All rights reserved. 17
  • 13. Administration Beautiful, design focused administration console
  • 14. Administration Backed by developer friendly REST APIs
  • 15. •  Security Hardened •  Performance Engineered •  Built-in Clustering •  Session Management that scales securely –  Client-side Tracking –  Server-side Session Revocation Lists Production Ready Resilient & Scalable
  • 16. •  Heartbeat Endpoint •  Complete Audit trail for: –  Resource Access –  Policy Enforcement –  Administrative Actions –  Splunk/DB/.log storage •  Capacity Planning: –  Response Time Metrics –  Performance Guides Options Monitoring & Auditing
  • 17. PingAccess – How we got here … April ‘13 September ‘13 December ‘13 July ‘14 •  Limited Release •  API Access Management •  Policy Engine •  ABAC / RBAC •  OAuth Scopes •  Request Info •  IP Address •  Time of Day •  Groovy •  OAuth Token Caching •  Initial GA Release •  Web Access Management •  OpenID Connect RP •  Token Mediation •  Clustering Improvements •  Performance Guides •  App-scoped Web Session •  Composite Site Authenticators •  Policy Engine •  Any/All Criteria •  Authentication Selection •  Step-up Authentication •  Auditing & Monitoring Improvements •  Access Control Agents •  IIS 8.x •  Apache 2.2 •  Open Policy Protocol •  Central Session Management •  Single Log Out •  Server-side Tracking •  Add-on SDK •  Administration •  Application Modeling •  Anonymous Resources •  PingFederate Configuration •  Config Backup •  TLS SNI Support •  Auditing/Logging •  Response Time 3.0  2.1  2.0  1.0  
  • 18. THANK YOU! Scott Tomilson – stomilson@pingidentity.com John DaSilva – jdasilva@pingidentity.com