How oracle-uses-idm-chirag-v2

  • 3,325 views
Uploaded on

 

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
3,325
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
93
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. How Oracle UsesIdentity ManagementChirag AndaniDirector,Identity Management Services 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 2. Oracle Identity and Access Management Project: Why Did We Do It? •  Security •  Establish Single Sign On •  Zero downtime period26 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 3. Scope of Identity Management Requirements •  Internal applications deployed included •  1000+ partner applications •  SSO, Email, Beehive, Files (Content), Portals, eBiz, SSA, WebCenter •  External applications deployed included •  www.oracle.com, OTN, Oracle Partner Network, Oracle Forums, eBiz, My Oracle Support (MOS)/Sun Support27 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 4. Oracle Access Manager 11g What We Set Out to Do •  Replace Oracle Single Sign-On 10g (" $" (OSSO) and $6$ =< (" converge Oracle )) Access Manager 10g -$ &$ 
  • 5. $( (OAM) and Sun Open == (" )) Single Sign-On
  • 6. $( =< (OSO)28 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 7. How We Did It Without Disruption Architected for zero downtime29 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 8. Rollout in Phased Approach •  Phase 1 : Pilot User rollout (200 Users) •  Phase 2 : Pilot applications (2 applications) •  Phase 3 : 10% of all production traffic •  Phase 4 : 20% of all production traffic •  Phase 5 : 50% of all production traffic •  Phase 6 : 100% of all production traffic30 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 9. With Immediate Rollback if Required •  35 application-based issues •  Zero downtime Rollback plan: –  10g SSO servers available via LBR –  Live traffic to flip to 100% 10g SSO31 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 10. Measurement of Operational Success Oracle Access Manager Application Stats Item Metric Total Partner Apps 1000 Total Monthly OAM 23.1 M Operations (External) Total Monthly OAM 16 M Operations (Internal)32 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 11. Oracle Internet Directory •  Create a single identity store •  Reduce cost •  Eliminate data discrepancies33 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 12. Oracle Internet Directory Configuration Topology •  Internal Environment •  2 MMR Replicas, 2 Fan-outs •  Each MMR Replica is 4-node OID and 4-node RAC cluster, two geographic sites •  OID 11.1.1.1.0, RDBMS 11.2.0.2 •  External Environment •  2 MMR Replicas, cluster configuration, two geographic sites •  OID 11.1.1.1.0, RDBMS 11.2.0.234 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 13. Oracle Internet Directory Global Oracle Identity Management Architecture35 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 14. How Much Traffic Does Our OID Handle? •  54 Million LDAP ops/day on single replica •  5 Billion operations/month •  Expanded LDAP footprint •  Internal – 2.5 Million entries •  External – 14.5 Million users •  Groups – 250K+ static groups, up to 1M members/group, 600+ dynamic groups36 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 15. What’s Next: Oracle Identity Manager 11g •  Consolidate internal user and access provisioning •  Expand scalability •  Reduce provisioning cost and lead times37 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 16. Oracle Identity Manager 11g Oracle Identity Manager Architecture38 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 17. The story continuesProvisioning/migrating toOIM 25%complete39 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • 18. Oracle Fusion Middleware 11g application infrastructure foundation Complete – Integrated Hot-pluggable – Best-of-breed40 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.