Your SlideShare is downloading. ×
Con8833 access at scale for hundreds of millions of users   final
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Con8833 access at scale for hundreds of millions of users final

310
views

Published on

Venugopal Shastri and Selva Neelamegam's OOW2013 presentation

Venugopal Shastri and Selva Neelamegam's OOW2013 presentation

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
310
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
17
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Hi , Welcome to this Oracle Open World session on Access at Scale for Hundreds of Millions of UsersMy name is Venu Shastri and I am the Senior Product Manager in the Identity Management group with Oracle Fusion Middleware.I will be joined by my colleague, Selva Neelamegam from the IDM Performance team.
  • Here is a an overview of the agenda for this session.We will start with an overview and the key capabilities of the Oracle Access Management solution before we dive into Architecture and Deployment.We will learn how the Oracle Access Management solution supports deployment across multiple data centers which is a pretty typical requirement for large deployments supporting multi-million users.We will also learn some of the best practices to keep in mind for such large deployments.While this will provide you all with a good idea of how we achieve this kind of scalability, I am sure a lot of you will also be interested to know our benchmark figures. WE had already presented the results of our 250 million user benchmark testing in the last Open World. Our performance engineers have been busy all year optimizing it further.My colleague Selva Neelamegam from the IDM Performance team will be joining me to present our findings and share the latest benchmark figures.We will take some questions from the audience before we get into the next part of this session. The customer panel.We have a pretty interesting panel today with some real-world customers who would be sharing their experiences and challenges with their own large deployments.All in all, this will be a pretty packed agenda with a lot of exciting stuff. So lets get started with the…
  • Before we dive into the solution itself, we need to ask ourselves – Why is scalability so crucial? What is driving the demand ? In other words…why are we having this session here today.One of the most common use cases is providing access and SSO for large enterprises with a global work force - hundreds of thousands of employees, contractors, partners. Access management is a critical piece of their infra-structure to ensure their information is secure and access policies are uniformly applied across the enterprise.Over the last decade or so massive internet deployments providing online services or e-commerce have become more common-place. These typically have multi-million user base and need to be up 24 x7. They need to authenticate users accessing their site to provide relevant services.In almost all these cases, access is absolutely mission critical. Authenticating and identifying the user is almost always the first, critical step. Any down-time of the access piece would imply loss of service or loss of business.To add to this demand is what we call the Device Multiplier Effect. Smart phones and tablets are ubiquitous and corporate as well as consumer user’s assume that they will be able to access the same resources and services through these smart devices that they could do through their desktops. Where you had a million desktop requests earlier, you will now have to add a million smart phone requests, a million tablet requests and so on. And all this hits the same access infrastructure increasing the load and scalability requirements.Finally the explosion of social media through Facebook, Google, Twitter etc add another dimension to the demand. It not only adds traffic but also creates the desire to somehow tie the user’s social identity with his identity on the particular site or service and provide a seamless single sign on experience.
  • To cater to these ever-increasing demand on the access infrastructure we here at Oracle created the Oracle Access Management 11g. We believe this is one of the most comprehensive and scalable solutions in the market today.It goes beyond the usual point solutions in the market that address one specific access management requirement. We have taken a platform approach so customers can be confident of meeting not just their current but also future needs from their access infrastructure.
  • While designing the 11g Access solution, we kept the Large Extranets in mind, from scaling perspective.Apart from this internet level scalability, several other features introduced in 11g including mobile security, seamless integration with social identities (like Facebook or Google) combined with powerful fraud prevention capabilities and light weight user management via XE makes the 11g Access the platform of choice to build the next generation Extranet.
  • From an architecture perspective, as some of you may know, Oracle Access Mgmt 11gR2 server infrastructure is built as 100 % Java solution allowing us to leverage the scalability features of the Java platform.And OOTB it is deployed on an Oracle WebLogic Cluster. This not only simplifies installation but also helps us take advantage of the clustering and scalability features of the underlying WebLogic platform.Oracle Coherence provides the high-performance distributed cache that keeps all the nodes of a cluster in sync.And we achieve horizontal scalability within a single data center by adding nodes to the cluster. This provides for balancing the load across multiple nodes as well as failover if one or more nodes were to go down.As the deployment size increases and we need to cater to a global user-base, we need to scale beyond a single data center. Oracle Access Mgmt supports a robust multi data center deployment model allowing user sessions to seamlessly transfer from one DC to another.Finally, I should mention that we have tuned and benchmarked this on the Oracle Exa platform and will be sharing the numbers with you later in this session.
  • This is a quick 101 on the deployment of the Access Mgmt platform.We start off with the Access Mgmt cluster which will have the Access Mgmt admin server running on top of the Weblogic admin server. This provides the console and acts as the “Policy Administration point” or PAP to use the industry terminology . The AM runtime servers run on the managed nodes of the cluster and provide the “Policy Decision Point” for evaluating policies and providing access decisions – Allow or Deny.The administrator would create and manage policies using the consoleWhich get stored in the Policy Store – Oracle DB.When end users try to access any resource, their request gets intercepted by the webgates which act as the “Policy Enforcement Point” or PEP. These webgates interact with the AM runtime servers.If the user is not yet authenticated, the AM server would authenticate the user against the User Store. Once successfully authenticated it establishes a session for that user.It reads the policies for the particular resource in the policy store And based on the outcome of the policy evaluation either allows or denies access to the particular resource.The entire transaction gets recorded and stored in the Audit logs.
  • Now , what happens when we add the mobile clients to the mix.The server infrastructure remains the same – Access Management cluster, the Policy Store, the User store etc.But we added mobile clients which interact with the server infrastructure via the mobile SDK. This ensures that the same set of policies get applied however you access the resource.This also implies that the load of client requests on the server infrastructure increases. So your server infrastructure should scale up to cater to all these requests.
  • So we scale this up within the data center by adding nodes to the cluster. All the nodes read through the same policy store and authenticate against the same user store.The policy enforcements points or clients – whether these are webgates on your web servers or SDKs or custom access clients will be spread across the enterprise And these have specific nodes of the cluster configured as their primary And other nodes as secondary servers.These can be configured with different permutations based on expected load and application characteristics – the load gets spread across multiple nodes and if one or more nodes were to go down, your server infrastructure would still continue to function.
  • Customers can choose to deploy load balancers between the access manager components to simplify the configuration by using virtual host names.However, there are certain constraining requirements to keep in mind when you add a load balancer for managing OAP traffic:- OAP connections are persistent and need to be kept open for a configurable duration even while idle. - WebGates need to be configured to recycle their connections proactively prior to the Load Balancer terminating the connections- The Load Balancer should distribute the OAP connections uniformly across the active Access Manager Servers
  • Coherence is the high performance in-memory distributed caching layer and it is seamlessly integrated with the solution. Administrators do not have to configure or tweak Coherence.It keeps the session data across nodes in sync. So a user can be seamlessly and transparently transferred from one node to the other during his session.
  • Here are some of the high level points about the multi-data center deployment model that we support for Access Mgmt.We support all three models - Active - Active, Active - Passive or Active - Hot Standby deployments. The idea is to enable seamless User SSO as a user gets transferred from one data center to the other. And ensure that his session can continue without interruption.It is important to node that for MDC, the WebLogic domain does not span across data centers. Rather we recommend separate but identical clusters in each data center.In fact, we recommend a master-clone configuration where the policy and configuration changes are done at only one data center which is designated as the master and these changes are synchronized to other clone data centersAdministrators can also configure the Session Adoption Policy to control the behavior when a user gets transferred from one data center to the other and his session gets adopted. Whether the user should be forced to re-authenticate ? Whether the session in the previous data center should be invalidated ? Whether the session data from the previous data center should be retrieved.
  • Lets see how this plays out at run-time.Consider an MDC deployment with 2 data centers. One in New York is the master and the changes are synchronized with the clone data center at London.During normal operations, a User 1 from the US would be routed by the Global Load balancer to the NYDC – due to geographical proximity. And the LDC would be a stand-by for this user.Similarly, for User 2 in Europe, LDC would be the active DC and NYDC would be the stand-by.Both the DCs are active at the same time, catering to different sets of users. The user’s OAM ID cookie keeps track of which cluster does the user have a session.
  • Now , if the NYDC were to get overloaded is completely down, User 1 would get transferred to LDC by the GLB.Based on the session adoption policy, the user will either be challenged to re-authenticate or will be let thru in LDC which will create a new session for this user.The LDC cluster would also make back-channel OAP calls to the NYDC cluster to retrieve the remote session details and invalidate the remote session. Only in the case where the NYDC is completely down and inaccessible, the user would potentially lose his session data though the deployment itself would still continue to be operational.
  • This gives a more detailed picture of the MDC deployment showing the web gates as well as the AM cluster in each data center.The HTTP traffic is routed to appropriate data centers and the web gates in each DC interact with the AM cluster in the corresponding DC.
  • Again, customers could choose to configure local as well as global load balancers to route the OAP traffic across load balancers.So in cases where the data center itself is operational but the AM cluster is completely down, you could potentially have web gates in that data center failing over to the AM cluster in the second data center.These are just some high level scalability use cases for MDC that we are touching on.
  • But the idea is that you can use the MDC deployment to spread your access infrastructure and load across multiple data centers around the world.Reducing network latency for geographically spread out users and ensuring session continuity when users get transferred from one DC to another.
  • Finally, lets look at some best practices to keep in mind for large deployments. This list is by no means exhaustive. We recommend users to follow the EDG and high availability documentation on OTN.It is important to model your resources correctly so you are not evaluating policies unnecessarily. Using Excluded instead of Anonymous.Caching at the agent level has been improved in the 11g deployment and we recommend you to leverage those to reduce latency.Slow network connections between the Web, Middleware and Data Tiers are often the underlying problem. This should be rectified.There are a number of default OOTB settings in the Agent as well as server for connection mgmt, caching etc. These should not be used as-is but tuned for your deployment.Using load balancers have their pros and cons. Customers should leverage these where applicable to improve performance and manageability.There are a number of metrics as well as detailed diagnostics available via the Oracle Data Monitoring Service and exposed via the Enterprise Manager. Administrators should use these pro-actively to address issues before they escalate .
  • Finally, lets look at some best practices to keep in mind for large deployments. This list is by no means exhaustive. We recommend users to follow the EDG and high availability documentation on OTN.It is important to model your resources correctly so you are not evaluating policies unnecessarily. Using Excluded instead of Anonymous.Caching at the agent level has been improved in the 11g deployment and we recommend you to leverage those to reduce latency.Slow network connections between the Web, Middleware and Data Tiers are often the underlying problem. This should be rectified.There are a number of default OOTB settings in the Agent as well as server for connection mgmt, caching etc. These should not be used as-is but tuned for your deployment.Following Maximum Availability Architecture patterns is highly recommended Using load balancers have their pros and cons. Customers should leverage these where applicable to improve performance and manageability.There are a number of metrics as well as detailed diagnostics available via the Oracle Data Monitoring Service and exposed via the Enterprise Manager. Administrators should use these pro-actively to address issues before they escalate .
  • With this, I hand it over to Selva who will be sharing the benchmark figures.
  • Overview and Key Capabilities of the solution
  • Let me take a few minutes to introduce the guests on our panel.
  • With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.
  • Transcript

    • 1. 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 2. Access at Scale for Hundreds of Millions of Users Venugopal Shastri Senior Principal Product Manager, IDM Selva Neelamegam PMTS, IDM Performance
    • 3. The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 4. Program Agenda  Overview & Key Capabilities  Architecture & Deployment  Best Practices  250 Million User Benchmark  Customer Panel 4 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 5. Overview & Key Capabilities 5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 6. Why Is Scalability So Crucial For Access?  Large enterprises with global work-force.  Massive Internet deployments – E-Commerce, Government Services etc  Access is mission-critical. Authentication is often the first, critical step.  Device Multiplier Effect. Hit the same access infrastructure.  Enabling social media further increases traffic. 6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 7. Oracle Access Management ORACLE ACCESS MANAGEMENT 11G IS THE MOST COMPREHENSIVE AND SCALABLE ACCESS MANAGEMENT SOLUTION IN THE MARKET TODAY 7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 8. Access for NextGen Extranet Federation & Social Identity  Scales to hundreds of millions of external users  Ability to secure mobile access for Mobile Security Extranet User Mgmt external users  Support for federated users as well as leading social providers  Real-time risk analytics & fraud prevention  Light weight user management and self service 8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Internet Scalability Self Service FOCUS
    • 9. Architecture & Deployment 9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 10. Architecture & Deployment  Server infrastructure – 100 % Java Solution  Deployed on a J2EE Container like Oracle WebLogic Cluster  Coherence provides distributed caching within a cluster  Horizontal Scalability achieved via – Addition of Nodes to the Cluster within a data center – Multi-data center Deployment  Tuned and benchmarked on Oracle Exa platform 10 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 11. Deployment Overview Resource Tries to access User Webgates on webservers (acting as PEP) Access Mgmt cluster Allow Or Deny Stores Audit Info Audit Logs Intercepts & Enforces Policies Authenticates against OAP User Store Access Manager Runtime Servers (acting as PDP) Reads Policies Manages Policies Administrator 11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Stores Policies Access Mgmt Admin Server (acting as PAP) Policy Store
    • 12. Deployment Overview – With Mobile Client Layer Web Gates Access Mgmt cluster Stores Audit Info Audit Logs Authenticates against User Store Access Manager Runtime Servers (acting as PDP) Reads Policies OWSM Mobile SDK Stores Policies Mobile clients accessing same server infrastructure 12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Access Mgmt Admin Server (acting as PAP) Policy Store
    • 13. Scaling up within a Data Center Webgate 1 Webgate 2 SDK Client 1 SDK Client 2 ... Client N Clients Primary Server Secondary Server Access Mgmt deployed on a WebLogic Cluster Access Mgmt -Node 1 Admin Console on Admin Server Access Mgmt -Node 2 Read Policies ... Access Mgmt -Node N Authenticate against Stores Policies Policy Store 13 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. User Store
    • 14. Scaling up within a Data Center Webgate 1 Webgate 2 SDK Client 1 SDK Client 2 ... Client N Clients Load Balancer Access Mgmt deployed on a WebLogic Cluster Access Mgmt -Node 1 Admin Console on Admin Server Access Mgmt -Node 2 Read Policies ... Access Mgmt -Node N Authenticate against Stores Policies Policy Store 14 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. User Store
    • 15. Coherence for Distributed Caching Coherence  Completely integrated with Access Management  Provides high-performance distributed caching  Keeps user session data in sync across cluster nodes 15 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 16. Session Management & Performance Server Session Management Client Session Management  Advanced Session Management across nodes via Coherence-based caching.  Essentially stateless. Session managed via browser cookies.  Excellent Reliable performance  Higher performance compared to Coherencebased approach. Lightweight.  Recommended for most deployments, especially internal ones where rich session management features are desirable. 16 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.  May be appropriate for very large internet deployments where advanced server-side session management may not be required.
    • 17. Multi Data Center Deployment - Conceptual  Supports Active - Active, Active - Passive or Active - Hot Standby deployments  Enables seamless User SSO across data centers with session continuity  Independent but identical WebLogic domains in each data center  Follows Master-Clone configuration. Policy and configuration changes synchronized from Master to Clones.  Behavior is configurable based on Session Adoption Policy – Re-authentication Required – Remote Session Invalidation – On-Demand Session Data Retrieval 17 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 18. Multi Data Center Deployment - Conceptual User 1 (Based in US) User 2 (Based in Europe) OAM ID Cookie Cluster=NYCluster OAM ID Cookie Cluster=LonCluster Global Load Balancer Active Active Access Mgmt Cluster in New York Data-Center (Master) 18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Stand-by Stand-by Synchronized Access Mgmt Cluster in London Data-Center (Clone)
    • 19. Multi Data Center Deployment - Conceptual User 1 (Based in US) GLB routes to London Data-Center OAM ID Cookie Cluster=NYCluster Cluster=LonCluster User 2 (Based in Europe) OAM ID Cookie Cluster=LonCluster Global Load Balancer Re-authenticate User ? New York Data-Center is overloaded or down Access Mgmt Cluster in New York Data-Center (Master) Back-channel OAP call Retrieve Remote Session Data ? Continue if retrieval fails ? Invalidate Remote Session ? 19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Access Mgmt Cluster in London Data-Center (Clone)
    • 20. Multi Data Center Deployment - Detailed 20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 21. Multi Data Center Deployment - Detailed 21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 22. Scaling across Data Centers 22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 23. Best Practices for Large Deployments 23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 24. Best Practices for Large Deployments  Modeling resources appropriately – Use Excluded over Anonymous, HTTP caching directives etc  Using Agent Caches to improve latency – 11g Agents significantly improve on 10g  Ensuring fast network connections between Web, Middleware and Data Tiers – Scale out requires matching Web Tier scale out and tuning  Tuning the default Agent and Server settings – OAP/LDAP Connection Mgmt, Caching 24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 25. Best Practices for Large Deployments  Follow MAA Deployment Patterns  Use of Load Balancers for HTTP, OAP and LDAP – Leverage hardware acceleration of Crypto and SSL, if available  Leveraging metrics to proactively address issues – DMS Metrics, EM Grid Control Monitoring 25 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 26. 250 Million User Benchmark 26 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 27. Benchmark Summary  Oracle Access Manager (OAM) and Oracle Adaptive Access Manager (OAAM) were tested to serve extreme loads with 250 million users seeded in the Oracle Internet Directory (OID) and Oracle Database  Mid-tiers were deployed on Oracle Exalogic hardware with Oracle Exalogic Elastic Cloud Software (EECS) and Database on Oracle Exadata hardware.  Demonstrated the ability of the IDM products to serve extreme loads when deployed on Exalogic(EL) and Exadata(ED) hardware.  Identified the scalability characteristics for OAM and OAAM on EL and ED. 27 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 28. OAM Test Cases & Topology Test Cases  To demonstrate the linear scale out, one, two and three server tests were run.  To demonstrate the linear scale up, controlled tests with 4, 8, 16 physical cores as well as 32 logical cores (16 physical cores with hyperthreading) were run on a single server. 28 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 29. OAM Scale Out Benchmark OAM Login Scale Test Results enhancements, OAM showed great performance and linear scaling on multi EL nodes.  3 EL nodes can support up to 16.4 Million Logins/Hour 16.4M 16 Logins/Hour in Millions  Besides the strong functional improvements and 18 14 12.5M 12 10 8 7.7M 6 4 2 0 One Server 29 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Two Server Three Server
    • 30. OAM Scale Up Benchmark Results 2200 2000 1800 available to the operating system on a single Exalogic server.  OAM shows a linear scale up in 4, 8,16 and 32* core testing. 1600 Logins/Seconds  This test was run by limiting the number of cores 1400 1200 32 Core* 1000 16 Core 800 8 Core 600 4 Core 400 200 0 0 20 40 60 CPU % * - 16 Physical cores with hyper-threading to 32 Logical cores 30 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 80 100
    • 31. OAAM Test Cases & Topology Test Cases  To demonstrate the linear scale out, one and two server tests were run  Tests were also run with one OAAM server and two OAAM servers in the same EL node. 31 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 32. OAAM Benchmark Results Results feature set to help organizations prevent fraud and misuse, OAAM shows very robust performance.  2 EL nodes can support up to 20.6 Million Transactions/Hour Transactions / Hour in Millions  Besides providing an innovative, comprehensive 20.6M 20 18.3M 15 12.3M 11M 10 5 0 1EL - 1OAAM 32 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 1EL - 2OAAM 2EL - 2OAAM 2EL - 4OAAM
    • 33. Software • OS: Oracle Linux Server release 5.8 (Tikanga) • Exalogic Elastic Cloud Software (EECS) 2.0.4.0.0 • Exalogic Optimized WebLogic Server 10.3.6.0 • JRockit jdk1.6.0_37-R28.2.5-4.1.0 • Oracle Traffic Director (OTD) 11.1.1.7.0 • Oracle Http Server (OHS) 11.1.1.7 • OAM 11.1.2.1 • OAAM 11.1.2.1 • Oracle Internet Directory (OID) 11.1.1.7 33 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 34. Hardware Exalogic (X3-2) - ¼ Rack Exadata (X3-2) - ¼ Rack •Eight Compute Nodes (Intel® Xeon® CPU E52690; 2x8 core @ 2.90GHz; 256GB RAM) •Two Compute Nodes (Intel® Xeon® CPU E5-2690; 2x8 core @ 2.90GHz; 256GB RAM) •Total 512GB Memory •Disk Controller HBA with 512MB Battery Backed Write Cache •4 x 300 GB 10,000 RPM Disks •2 x QDR (40Gb/s) Ports •2 x 10 Gb Ethernet Ports based on the Intel 82599 10GbE Controller •3 x Exadata Storage Servers X 3-2 with 36 CPU cores for SQL processing, 12 x PCI •flash card with 4.8 TB Exadata Smart Flash Cache and, 36 x 600 GB 15,000 RPM •High Performance disks or 3 TB High Capacity disks •Total 128 Compute Cores •Total 2TB Compute Node Memory •One ZFS Storage 7320 Clustered Configuration •High-Speed InfiniBand Internal Network •42RU Rack Exposure 34 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 35. Conclusion  The OAM & OAAM Scale Up & Scale Out benchmark tests showcased the extreme scalability and performance over a huge user base of over 250 million users.  Illustrated the linear scalability characteristics for OAM and OAAM on EL and ED hardware. 35 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 36. Customer Panel Discussion 36 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 37. Customer Panel  Nirmal Rahi – Solution Architect, College Board  Chirag Andani – Senior Director, Identity Management Services, Oracle IT 37 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 38. Q&A 38 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 39. Oracle Fusion Middleware Business Innovation Platform for the Enterprise and Cloud  Complete and Integrated Web Social Mobile  Best-in-class User Engagement Business Process Management  Open standards Content Management Service Integration Business Intelligence Data Integration Identity Management Development Tools 39 Cloud Application Foundation Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Enterprise Management  On-premise and Cloud  Foundation for Oracle Fusion Applications and Oracle Cloud
    • 40. Innovation Awards 18 Winners Across Eight Categories Lam Research Theater (Next to Moscone North) Session ID: CON8082 Session Title: Oracle Fusion Middleware: Meet This Year’s Most Impressive Innovators Venue / Room: YBCA - Lam Research Theater Date and Time: Monday Sep 23, 4:45 - 5:45 p.m. 40 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 41. Join the Oracle IDM Community Twitter twitter.com/OracleIDM Facebook facebook.com/OracleIDM Blog blogs.oracle.com/OracleIDM oracle.com/identity 41 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 42. Don’t miss these IDM Sessions CON4535 Monday 09/23, 4:45PM CON8834 Tuesday, 09/24, 3:45PM CON8837 Wednesday 09/25, 11:45AM CON8836 Thursday 09/26, 11:00AM CON9024 Thursday 09/26, 2:00PM 42 Moscone West, Room 2012 Moscone West, Room 2018 Moscone West, Room 2018 Moscone West, Room 2018 Moscone West, Room 2018 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 200M: Real World Large Scale Access and Directory Deployment at Verizon Attract new customer and users by leveraging Bring Your Own Identity (BYOI) Leverage Authorization to Monetize Content and Media Subscriptions Leveraging the Cloud to simplify your Identity Management implementation Next Generation Optimized Directory - Oracle Unified Directory Verizon Wireless Forest Yin, Oracle Roger Wigenstam, Oracle Guru Shashikumar, Oracle Etienne Remillon, Oracle
    • 43. 43 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 44. 44 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.