• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
How to solve modern integrations challenges
 

How to solve modern integrations challenges

on

  • 357 views

In today’s modern, hyper-connected world, it is critical that organizations have visibility into the ‘big picture’ of what is happening in their IT environments. But integrating silos of data ...

In today’s modern, hyper-connected world, it is critical that organizations have visibility into the ‘big picture’ of what is happening in their IT environments. But integrating silos of data — held in sources such as LDAP, databases, and flatfiles — into a single, authoritative data source, becomes a tremendous challenge.

Join us during this webinar where we will explore ways to solve these modern integration challenges with new features in our IBM Security Directory Integrator product.


View the On-demand webinar: https://www2.gotomeeting.com/register/226831138

Statistics

Views

Total Views
357
Views on SlideShare
357
Embed Views
0

Actions

Likes
0
Downloads
4
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Solving a security issue is a complex, four-dimensional puzzle blurring the perimeter Complex requirements are spread across multiple security domains of People, Data, Application and Infrastructure
  • Safeguard mobile, cloud and social interactionsValidate “who is who“ when users connect from outside the enterpriseEnforce proactive access policies on cloud, social and mobile collaboration channelsPrevent insider threat and identity fraudManage shared access inside the enterprise Defend applications and access against targeted web attacks and vulnerabilitiesSimplify identity silos and directory integrationsProvide visibility into all available identities within the enterprise Unify “Universe of Identities” for security managementDeliver intelligent identity and access assuranceEnable Identity Management for the Line of BusinessEnhance user activity monitoring and security intelligence across security domains
  • In this release we are addressing primarily 4 use cases:Federated Directory Services (FDS) helps create a single authoritative data source by integrating and correlating identities sitting in various sources such as Directories, Databases, FlatFiles and Applications. It is the core theme of this release. Using its hybrid approach described later, FDS would solve several problems more effectively and efficiently which are traditionally solved by Virtual Directory products.White Pages helps create the hierarchical structure of an organization on the top of the authoritative data source. It is based on IBM Connections and has limited social networking capability.User Management in Cloud is the System for cross domain identity management (SCIM [System for Cross Domain Identity Management] ) implementation. It helps with on-boarding and off-boarding of user identities in cloud.Audit and Reporting give the insight of user activity. The OOTB connectivity with IBM Qradar SIEM helps with the analytics and intelligence of user activity. Sample reports have been added to make administrators’ lives easier.

How to solve modern integrations challenges How to solve modern integrations challenges Presentation Transcript

  • IBM Security Systems Simplifying Identity Silos and Cloud Integrations December 2013 Rajeev Saxena Product Manager David Druker Executive Security Architect IBM Security Systems 1 © 2013 IBM Corporation
  • IBM Security Systems Defining the security perimeter is increasingly difficult… EXAMPLE 1 People EXAMPLE 2 Employees Consultants Data Structured Applications Systems Applications Outsourcers Attackers EXAMPLE 3 Customers Partners Unstructured Unstructured Web Applications Suppliers At Rest In Motion Web 2.0 Mobile Applications Infrastructure Defense approach is shifting from „Secure the perimeter‟ to „Think like an attacker‟ 2 © 2013 IBM Corporation
  • IBM Security Systems Threat-Aware Identity and Access Management Capabilities to help organizations secure enterprise identity as a new perimeter Safeguard mobile, cloud and social interactions • Validate “who is who” when users connect from outside the enterprise • Enforce proactive access policies on cloud, social and mobile collaboration channels Intelligent identity and access assurance Prevent insider threat and identity fraud • Manage shared access inside the enterprise • Defend applications and access against targeted web attacks and vulnerabilities Simplify identity silos and cloud integrations • Enable identity management for the line of business • Enhance user activity monitoring and security intelligence across security domains 3 • Provide visibility into all available identities within the enterprise • Unify “Universe of Identities” for security management © 2013 IBM Corporation
  • IBM Security Systems Simplify identity silos and cloud integrations Key requirements “Untangle” identity silos to support business growth and increase efficiency Reduce costs of integrating and maintaining multiple identity stores Enable identity expansion into Cloud and Social environments Capture user insight for audit, compliance and reporting 4 © 2013 IBM Corporation
  • IBM Security Systems IBM Introducing New Directory Services Simplify identity silos and cloud integrations NEW IBM Security Directory Server and Integrator Federated Directory Services* White Pages Search Federate Cache User Management in Cloud  Universal directory to transform identity silos and to support “virtual directory”-like deployments  Scalable directory backbone leveraging existing infrastructure for enterprise-wide Identity and Access Management  Simplified sourcing of identities and attributes for enterprise applications, Cloud/SaaS integrations Virtualize  Intelligent White Pages search with social networking feature to enable intuitive identity store browsing  In-depth user insight with out of the box reports and IBM SIEM QRadar integration 5 © 2013 IBM Corporation
  • IBM Security Systems IBM Solutions for Key Scenarios Simplify identity silos and cloud integrations IAM Analytics & Security Intelligence Directories, Databases, Files, SAP, Web Services, Applications Search Federation Management Federated Service Access • Federated Directory Service to bridge identity silos • Using SCIM for User On/Off-boarding with Cloud Environments • White Pages Application ready for social business • Ease of use with new installer and other Directory enhancements 6 © 2013 IBM Corporation
  • IBM Security Systems “Untangle” identity silos to support business expansion Simplify identity silos and cloud integrations Migrate or co-exist Selective “writes” of changes to the original source Join multiple directories Federate authentication back to original source Enrich with data from other sources 7  FDS is a hybrid architecture that provides distributed authentication and data integration © 2013 IBM Corporation
  • IBM Security Systems Federated Directory Service – Simple to deploy, configure & use Simplify identity silos and cloud integrations  Enriched OOTB integration assets for endpoint connectivity  Data sources could be anything like v3 compliant LDAP, Data Bases, Flat Files etc.  Brand new GUI for simplified User Experience  Speed and performance of the centralized view of data is not constrained by the slowest data source 8 © 2013 IBM Corporation
  • IBM Security Systems White pages Application ready for social business Simplify identity silos and cloud integrations  Based on IBM Profiles.  Profiles is configured to a FDS instance to pull information from multiple repositories 9 Federated Service © 2013 IBM Corporation
  • IBM Security Systems Using SCIM for User On/Off-boarding with Cloud Environments Simplify identity silos and cloud integrations SCIM Enabled Targets IBM Security Identity Manager SCIM Repository Connector SaaS IBM Security Identity Manager Enterprise Repository REST / JSON IBM Security Access Manager White Pages Others SCIM Service SDS SaaS  REST/JSON interface for user & group management(irrespective of repository).  Implementation is based on SDI and provides both a service as well as a connector (to connect to other SCIM systems) 10 © 2013 IBM Corporation
  • IBM Security Systems Demo: FDS enables ISAM to Authenticate Against Multiple Directories Simplify identity silos and cloud integrations IBM Security Access Manager Reverse Proxy Application Application Federated Service User Sync Active Directory 1 11 Active Directory 2 © 2013 IBM Corporation
  • IBM Security Systems Directory Services to help Distributed Collaboration Government entity to grow quickly to 800K application users Simplify identity silos and cloud integrations Improved solution design and integration allowed the environment to grow from 40,000 users to 800,000+users 12 © 2013 IBM Corporation
  • IBM Security Systems IBM Identity and Access Management Key Themes Key Themes Safeguard mobile, cloud and social interactions 13 Prevent insider threat and identity fraud Simplify identity silos and directory integrations Deliver Intelligent Identity and Access assurance © 2013 IBM Corporation
  • IBM Security Systems Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. www.ibm.com/security © Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. © 2013 IBM Corporation 14