Overview of Hitachi Id Management Suite


Published on

Identity and Access Needs are Ever-Changing

Digital identities require constant administration to reflect business changes:

Complexity creates delay and reliability problems.

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Overview of Hitachi Id Management Suite

  1. 1. 1 ID Management Suite Managing the User Lifecycle Across On-Premises and Cloud-Hosted ApplicationsFully integrated identity and access management.2 Agenda • Hitachi ID corporate overview. • Identity problems and ID Management Suite benefits. • ID Management Suite technology. • Example deployments. • Discussion.3 Hitachi ID Corporate Overview © 2011 Hitachi ID Systems, Inc. All rights reserved. 1
  2. 2. Slide Presentation3.1 Hitachi ID Corporate Overview Hitachi ID is a leading provider of identity and access management solutions. • Founded as M-Tech in 1992, a division of Hitachi, Ltd. as of 2008. • Hitachi, Ltd.: – Founded in 1910. – $105 billion revenue in FY2010. – 360,000 employees. • Hitachi ID has 840+ customers with a combined 10.4M+ licensed users. • Offices in North America and partners overseas. • Approximately 140 employees. Award: SC Magazine Best Buy for the ID Management Suite.3.2 Representative Hitachi ID Customers4 Identity Problems and ID Management Suite Benefits © 2011 Hitachi ID Systems, Inc. All rights reserved. 2
  3. 3. Slide Presentation4.1 User Lifecycle: Business Challenges Slow: Role changes: • More IT → more too much paper, add/remove rights. too many people. users to manage. Expensive: Policies: enforced? • There are too many administrators Audit: doing redundant work. are privileges appropriate? challenges Org. relationships: throughout the track and maintain. user lifecycle. • Support cost. • User service. • Security. Reliable: Passwords: notification of terminations. too many, too weak, Fast: often forgotten. response by sysadmins. Access: Complete: Why can’t I access that deactivation of all IDs. application / folder / etc.4.2 ID Management Suite © 2011 Hitachi ID Systems, Inc. All rights reserved. 3
  4. 4. Slide Presentation4.3 Identity Manager Benefits Feature Impact Benefit Auto-provisioning Changes on a system of record Cost, Service, Security: trigger account creation, Less manual administration. deactivation. New hires setup on time. Reliable termination. Self-service workflow Change requests via web form. Service, Cost: Authorizers selected by built-in More efficient change logic. management. E-mail invitations, web Less manual administration. approvals. Consolidated administration Security officers can manage Cost, Security: any user on any system from a More efficient to manage by web console. user than by system. Reports show entitlements Known account ownership across systems. establishes accountability.4.4 Password Manager Benefits Hitachi ID Password Manager is an authentication management platform, providing a consistent process for managing passwords, tokens, smart cards and more. Feature Impact Benefit Password synchronization Fewer passwords to Improved ease-of-use. remember. Fewer password problems. Self-serve password, PIN Users resolve their own Fewer help desk calls. reset problems. Assisted password reset Faster call resolution. Lower cost per incident, improved service. Policy enforcement Password complexity, history, Passwords harder to periodic changes. compromise. Single signon Automated application logins. Users happier with IT. © 2011 Hitachi ID Systems, Inc. All rights reserved. 4
  5. 5. Slide Presentation4.5 Privileged Access Manager Impact Feature Impact Benefit Randomize passwords daily Eliminate static, shared Disconnect former IT staff. passwords. Controlled disclosure Control who can see The right users and programs passwords. can access privileged accounts, others cannot. Logging & Reporting Monitor password disclosure. Accountability. Faster troubleshooting. Encryption Secure passwords in storage Physical compromise does not and transit. expose passwords. Replication Passwords stored on multiple Survive server crashes and site servers, in different sites. disasters.5 ID Management Suite Technology5.1 Closed Loop IAMIntegrated Hitachi ID Management Suite Integrated Systems List accounts Target List of Record people Auto Systems discovery Updates Detected changes Create, Non-integrated Auto-provisioning Identity delete, Systems Identity synch. Cache update Updates accounts Automatic request - Validate requests Auto- Manual Requests - Route for approval Requesters fulfillment request Web UI - Invite authorizers Work - Send reminders Queue Create, - Escalate delete, Invitations - Delegate Manual update Connectors accounts fulfillment Request Transaction Approvals Queue Manager Authorizers Approve, reject, Web UI delegate Invitations Invitations Workflow Certification Manager Implementer Certifiers Review, Accept, Implementers certify, Web UI Web UI confirm correct © 2011 Hitachi ID Systems, Inc. All rights reserved. 5
  6. 6. Slide Presentation5.2 Included Connectors Many integrations to target systems included in the base price: Directories: Servers: Databases: Any LDAP, AD, WinNT, NDS, Windows NT, 2000, 2003, Oracle, Sybase, SQL Server, eDirectory, NIS/NIS+. 2008, Samba, Novell, DB2/UDB, ODBC. SharePoint. Unix: Mainframes, Midrange: HDD Encryption: Linux, Solaris, AIX, HPUX, 24 z/OS: RACF, ACF2, McAfee, CheckPoint. more. TopSecret. iSeries / OS400. ERP: Collaboration: Tokens, Smart Cards: JDE, Oracle eBiz, Lotus Notes, Exchange, RSA SecurID, SafeWord, PeopleSoft, SAP R/3, Siebel, GroupWise, BlackBerry ES. RADIUS, ActivIdentity, Business Objects. Schlumberger. WebSSO: Help Desk: Cloud/SaaS: CA Siteminder, IBM TAM, BMC Remedy, BMC SDE, HP WebEx, Google Apps, Oracle AM, RSA Access Service Manager, CA Salesforce, SOAP (generic). Manager. Unicenter, Assyst, HEAT, Altiris, Track-It!, etc.5.3 Scriptable Integrations • ID Management Suite easily integrates with custom, vertical and hosted applications using flexible agents . • Each flexible agent represents a standard process for connecting to a whole class of target systems, including: – API bindings (C, C++, Java, COM, ActiveX, MQ Series). – Telnet / TN3270 / TN5250 / sessions with TLS or SSL. – SSH sessions. – HTTP(S) administrative interfaces. – Web services. – Win32 and Unix command-line administration programs. – SQL scripts. – Custom LDAP attributes. • Typically a few hours to a few days to add an integration. • Hitachi ID can build these at fixed-cost. © 2011 Hitachi ID Systems, Inc. All rights reserved. 6
  7. 7. Slide Presentation5.4 Network Architecture , nix , U 0, AD S/39 P, d O DA 0 e tiv or L S40 d, Na assw ge A st e p han Password -ho pps User c Synch ud a Trigger Target Systems Clo aaS Systems S with local agent: OS/390, Unix, PW Reverse ate Hitachi ID older RSA lid Web Proxy Va Application VPN s Target Systems Server(s) ce Server rvi with remote agent: IVR SQL b Se Server DB We AD, SQL, SAP, Notes, etc ork Load SQL etw Balancer DB lN ca ails Lo Target Systems Em r nte SQL/Oracle Firewall SMTP or ke ts r a Ce Tic ge at Notes Mail g Tri Incident ok up & ot eD TCP/IP + AES Management Lo m Various Protocols System System of Firewall Re Record Proxy Server Secure Native Protocol (if needed) HTTPS6 Example Deployments6.1 Case Study: US Bank Customer description: US bank Product: Hitachi ID Password Manager Industry: Banking Number of users: 150,000 Functionality: Password reset via telephone, web browser Main business driver: Reduce IT support cost, improve authentication security when users call for help. Business impact: Eliminated 33,000 help desk calls/month. Saved at least US$ 4,000,000/year. © 2011 Hitachi ID Systems, Inc. All rights reserved. 7
  8. 8. Slide Presentation 6.2 Case Study: Restaurant Chain Customer description: Global restaurant chain Products: Hitachi ID + HitachiID Identity Manager Password Manager Number of users: 110,000 Functionality: Simplify onboarding, deactivation of users in 12 countries. Main business driver: Reduce IT administration cost. Eliminate orphan accounts. Business impact: Create and delete thousands of user accounts/year without involvement by corporate security. 6.3 Case Study: Semiconductor Company Customer description: Semiconductor company Product: Hitachi ID Privileged PW Manager Industry: Semiconductor Number of servers: 3,000 – Unix, Windows, SQL Server, VMWare ESX Functionality: Randomize local administrator passwords on mission-critical servers, daily. Control disclosure to 200+ users. Main business driver: Secure sensitive password and discontinue manual effort. Business impact: Improved system security, reduced monthly cost of manually changing thousands of passwords. 6.4 Case Study: Insurance Company Customer description: Insurance company. Products: Hitachi ID Password Manager Industry: Financial Number of users: 40,000 Functionality: Browser-based password synchronization and reset. Main business driver: Reduce IT support call volume. Business impact: Automate 25,000 password resets and unlocks per month.500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com File: PRCS:preswww.Hitachi-ID.com Date: March 22, 2011