Identity & Access GovernanceMitigate Risk, Ensure Compliance, Empower User Access
Agenda    •   Identity and Access Governance          ‒   Industry trends    •   Identity Manager          ‒   Markt, ontw...
Identity Management        Automatiseren                           CIO, CSO, Compliance Mgr, Auditor   Voorbeeld          ...
Access Governance    Toezichthouders                       CSO, Compliance Mgr, Auditor                                   ...
Future State    User Provisioning and Access Governance markets are converging      User Provisioning (IDM 4)             ...
Real-time inzicht in gebruik    Monitoring                       CSO, Compliance Mgr, Auditor                             ...
Maturity Roadmap7   © 2011 NetIQ Corporation. All rights reserved.
Identity Manager
Identity Manager                                  HR administratie                                          Overige admini...
Klanten              Province Noord-Brabant                                Red Spider                                     ...
Product Support Lifecycle11   © 2011 NetIQ Corporation. All rights reserved.
IdM 4      IdM 4                                                      Standard   A.E.12   © 2011 NetIQ Corporation. All ri...
IdM 4      IdM 4                                                      Standard   Adv13   © 2011 NetIQ Corporation. All rig...
Nieuwste versie IdM     •   Identity Manager 4.02 – juli / aug           ‒   Minor upgrade / refresh components           ...
Upsell     •   IdM 4 Advanced Edition           ‒   roles based provisioning           ‒   Reporting etc     •   Access Ma...
Identity tracking for Identity Manager16   16   © 2011 NetIQ Corporation. All rights reserved.
NetIQ Access Governance Suite 6Mitigate Risk, Ensure Compliance, Empower User Access
Agenda     •   Identity and Access Governance           ‒   The what and why           ‒   Key Functions           ‒   Con...
Why Does the Business Care?     Regulations                                      Agility   Business Continuity            ...
What does the Business want?       • Business intelligence and user experience       • Business process management       •...
Access Governance     Key functions
Effective Governance of Access     Key Functions                                                       Discover     Certif...
Effective Governance of Access     Key Functions                                                       Discover    Certify...
Effective Governance of Access     Key Functions                                                       Discover     Certif...
Effective Governance of Access     Requires a Dynamic, Ongoing     Process                                                ...
Identity and Access Governance (IAG)                        Convergence
Current State     IT and Business focused solutions led to two market     segments within Identity Management             ...
Future State     User Provisioning and Access Governance markets are converging       User Provisioning (IDM 4)           ...
Questions29   © 2011 NetIQ Corporation. All rights reserved.
Worldwide Headquarters                           +1 713.548.1700 (Worldwide)     1233 West Loop South                     ...
Wie en Waar31   © 2011 NetIQ Corporation. All rights reserved.
This document could include technical inaccuracies or typographical errors. Changes areperiodically made to the informatio...
Upcoming SlideShare
Loading in...5
×

NetIQ sessie Boudewijn van Lith

620

Published on

Published in: Education, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
620
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
11
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

NetIQ sessie Boudewijn van Lith

  1. 1. Identity & Access GovernanceMitigate Risk, Ensure Compliance, Empower User Access
  2. 2. Agenda • Identity and Access Governance ‒ Industry trends • Identity Manager ‒ Markt, ontwikkelingen en opportunities • Access Governance ‒ Architecture ‒ Product Overview ‒ Technical Details2 © 2011 NetIQ Corporation. All rights reserved.
  3. 3. Identity Management Automatiseren CIO, CSO, Compliance Mgr, Auditor Voorbeeld Identity Lifecycle Management LoB Manager •Koppelen bron-systemen o.a. SAP HR •Opzetten Identiteiten register – central view •Provisioning naar basis systemenAutomationDirect Management• Identity Management• User Provisioning• Access Management• Single Sign On Systemen waar veel gebruikers in bestaan 3 © 2011 NetIQ Corporation. All rights reserved.
  4. 4. Access Governance Toezichthouders CSO, Compliance Mgr, Auditor LoB Manager Beheren en valideren van autorisaties Periodieke controle • Inlezen en analyse van toegang (risico) • Rapportages • Valideren van autorisaties (certificering) • Verbeter akties inititeren Meest risicovolle applicaties en systemen4 © 2011 NetIQ Corporation. All rights reserved.
  5. 5. Future State User Provisioning and Access Governance markets are converging User Provisioning (IDM 4) Demanding business-centric user interfaces Next Generation Identity and Access Governance “Business Interface – Trusted Fulfillment” Demanding better Provisioning Access Governance (AGS)5 © 2011 NetIQ Corporation. All rights reserved.
  6. 6. Real-time inzicht in gebruik Monitoring CSO, Compliance Mgr, Auditor LoB Manager Monitoring Real-time Activity Detection • Security Event Management • Log Management • Access Monitoring Applications, Databases, Infrastructure6 © 2011 NetIQ Corporation. All rights reserved.
  7. 7. Maturity Roadmap7 © 2011 NetIQ Corporation. All rights reserved.
  8. 8. Identity Manager
  9. 9. Identity Manager HR administratie Overige administratie Bron systemen SAP HR Handmatig directe invoer of systeem Gebruikers GUI IdM Integration Modules zelf service, zelf registratie etc. Centraal ID User Application Identity Manager register Identiteiten, regels, Gedelegeerd beheer rollen, beleid etc. gegevens distributie Id services: zelf Basis rapportage en service, workflow etc monitoring Rapportages IdM Integration Modules Informatie systemen Windows Exchange FIle system Microsoft Eigen Fysieke Overige netwerk Mail Home SQL applicaties beveiliging Active Directory Directories9 © 2011 NetIQ Corporation. All rights reserved.
  10. 10. Klanten Province Noord-Brabant Red Spider ROC10 © 2011 NetIQ Corporation. All rights reserved.
  11. 11. Product Support Lifecycle11 © 2011 NetIQ Corporation. All rights reserved.
  12. 12. IdM 4 IdM 4 Standard A.E.12 © 2011 NetIQ Corporation. All rights reserved.
  13. 13. IdM 4 IdM 4 Standard Adv13 © 2011 NetIQ Corporation. All rights reserved.
  14. 14. Nieuwste versie IdM • Identity Manager 4.02 – juli / aug ‒ Minor upgrade / refresh components ‒ Ondersteuning voor RedHat Enterprise Server ‒ Updates on reports, performance, drivers, AD passwords policy, digital signatures.... etc14 © 2011 NetIQ Corporation. All rights reserved.
  15. 15. Upsell • IdM 4 Advanced Edition ‒ roles based provisioning ‒ Reporting etc • Access Manager 3.2 (mei) • Sentinel LogManager • Identity tracking for Idm ( * NIEUW *) • Access Governance Toegang partners Cloud Toezichthouderseol risico inzicht sharepoint BYOD Toegang klanten15 © 2011 NetIQ Corporation. All rights reserved.
  16. 16. Identity tracking for Identity Manager16 16 © 2011 NetIQ Corporation. All rights reserved.
  17. 17. NetIQ Access Governance Suite 6Mitigate Risk, Ensure Compliance, Empower User Access
  18. 18. Agenda • Identity and Access Governance ‒ The what and why ‒ Key Functions ‒ Convergence • Access Governance Suite 6 ‒ Architecture ‒ Product Overview ‒ Technical Details18 © 2011 NetIQ Corporation. All rights reserved.
  19. 19. Why Does the Business Care? Regulations Agility Business Continuity ConfidentialityInsider Audits Protect I.P.Threats Governance User Demands Identity Compliance Theft Risk Management Data protection19 © 2011 NetIQ Corporation. All rights reserved.
  20. 20. What does the Business want? • Business intelligence and user experience • Business process management • Business policy enforcement and risk management Access Access Role Risk Request Certification Management Modeling BusinessEnablement Lifecycle Policy BPM/ Audit & Event Mgmt Definition Workflow Reporting Flexible Automated Help Desk ManualFulfillment Provisioning 20 © 2011 NetIQ Corporation. All rights reserved.
  21. 21. Access Governance Key functions
  22. 22. Effective Governance of Access Key Functions Discover Certify Model Discovery and collection of • Enterprise-wide collection and user access data organization of millions of IT entitlements and role memberships • Translation of IT terminology into business-relevant terms ● For example: RACF 54-RS93 is translated to Pay Invoice22 © 2011 NetIQ Corporation. All rights reserved.
  23. 23. Effective Governance of Access Key Functions Discover Certify Model • Business reviewers review and Discovery and collection of certify access of users they are user access data responsible for • Automated notifications Application of policy analytics for decision • Business-relevant presentation support • Enforce fulfillment policy Regular review and • All actions are logged for audit certification of user access purposes23 © 2011 NetIQ Corporation. All rights reserved.
  24. 24. Effective Governance of Access Key Functions Discover Certify Model Discovery and collection of • Approved change requests user access data are automatically fed to IT systems to make the changes, including Application of policy analytics for decision ● User Provisioning support ● Helpdesk/ Service Request Mgmt Regular review and certification of user access • All change actions are logged for audit purposes Orchestration of automated controls for remediation24 © 2011 NetIQ Corporation. All rights reserved.
  25. 25. Effective Governance of Access Requires a Dynamic, Ongoing Process Regular Review and Certification Analytics for of User Access Decision Support Change Management for User Access Discovery and Collection of User Access Information Orchestration of Controls to Remediate Role Design and Inappropriate Access Maintenance25 © 2011 NetIQ Corporation. All rights reserved.
  26. 26. Identity and Access Governance (IAG) Convergence
  27. 27. Current State IT and Business focused solutions led to two market segments within Identity Management Driven by IT User Provisioning Driven by the Access Governance Business27 © 2011 NetIQ Corporation. All rights reserved.
  28. 28. Future State User Provisioning and Access Governance markets are converging User Provisioning (IDM 4) Demanding business-centric user interfaces Next Generation Identity and Access Governance “Business Interface – Trusted Fulfillment” Demanding better Provisioning Access Governance (AGS)28 © 2011 NetIQ Corporation. All rights reserved.
  29. 29. Questions29 © 2011 NetIQ Corporation. All rights reserved.
  30. 30. Worldwide Headquarters +1 713.548.1700 (Worldwide) 1233 West Loop South 888.323.6768 (Toll-free) Suite 810 info@netiq.com http://community.netiq.com Houston, TX 77027 USA NetIQ.com30 © 2011 NetIQ Corporation. All rights reserved.
  31. 31. Wie en Waar31 © 2011 NetIQ Corporation. All rights reserved.
  32. 32. This document could include technical inaccuracies or typographical errors. Changes areperiodically made to the information herein. These changes may be incorporated in neweditions of this document. NetIQ Corporation may make improvements in or changes to thesoftware described in this document at any time.Copyright © 2011 NetIQ Corporation. All rights reserved.ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, thecube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain MigrationAdministrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group PolicyGuardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit,PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite,Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQCorporation or its subsidiaries in the United States.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×