Securing Your Cloud Applications with Novell Cloud Security Service


Published on

As your company considers moving toward the cloud either by adopting more Software-as-a-Service applications or other cloud services, the complexity and management of security policies and identities increase. Learn how you can manage a multi-SaaS environment to consistently enforce your internal identity and policy roles in the cloud. Leverage your existing identity infrastructure to enable single sign-on, access the right resources and receive audit logs from the cloud

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Securing Your Cloud Applications with Novell Cloud Security Service

  1. 1. Securing Your Cloud Applications with Novell Cloud Security Service ® Dale Olds, Distinguished Engineer Ben Fjeldstet, Sr. Engineer Tom Cecere, Product Strategy Novell Cloud Security Service March 24, 2010
  2. 2. Key Takeaways SaaS adoption is projected to increase three-fold to US$14 Billion by 2012, according to Gartner. “SaaS sprawl” is causing IT administration and security nightmare for enterprises. Enforcing consistent policies for internal and cloud applications is key to effective governance. Novell Cloud Security Service allows organizations ® to extend its internal policies, roles and workflow and manage a multi-SaaS environment consistently. Novell is a leading provider of identity and security solutions and has been for over 20 years. 2 © Novell, Inc. All rights reserved.
  3. 3. Agenda Why Novell Cloud Security Service (NCSS)? ® What Is NCSS and How Does It Work? Demo How Is NCSS Different? 3 © Novell, Inc. All rights reserved.
  4. 4. SaaS Adoption Growing As Model Matures: $8B in ’09 to $14.7B in ‘12 With Customer Relationship Management and Content/Communication and Collaboration leading the way 4 © Novell, Inc. All rights reserved. Source: Gartner Saas Trends 2007-2012
  5. 5. Creating IT Administration Nightmare User data/ permissions User data/ User data/ permissions permissions User data/ User data/ permissions permissions Users Enterprise Challenge Apps • IT Department Multiple usernames/passwords • Multiple identity silos • Disparate administration tools • Challenge in timely deprovisioning accountsSystems/ Directory User data/ of ex-employees permissions tools 5 © Novell, Inc. All rights reserved.
  6. 6. And Concerns Over Security • DuPont: “When a sales person leaves the company, it takes 10 days to de-provision their account in Until then, the sales person has access to his account. This is a real problem.” • International Fragrances & Flavors: At an executive briefing told us, “We cannot use SaaS until it uses our identity management systems.” • “What’s keeping us from getting more large enterprise customers? Trust.” –David Carroll, evangelist 6 © Novell, Inc. All rights reserved.
  7. 7. Agenda Why Novell Cloud Security Service (NCSS)? What Is NCSS and How Does It Work? Demo How Is NCSS Different? 7 © Novell, Inc. All rights reserved.
  8. 8. Novell Cloud Security Service (NCSS) ® NCSS is a Web-based identity and access solution that enables an enterprise to manage a multi-SaaS environment and enforce its policies, roles and workflows in the cloud. User Identity and Roles Simplified Single Sign-on Enterprise-directed Provisioning/Deprovisioning Enterprise with Leveraging Enterprise-defined Identities & Roles Cloud vendor any credentials with NCSS system Security Montioring/Compliance Reporting Inspecting WRT Specific Tenants Compliance Events 8 © Novell, Inc. All rights reserved.
  9. 9. How Does NCSS Work? Enterprise Relying Party User Store Participant Novell Cloud 2 Security Services NCS IdP SAML 1, Secure SAML 2, User Store Bridge SaaS Application AuthN Service WS-Fed User User Access 1 Authentication SaaS Resources 3 NCSS handles both use cases: A user directly logging into a cloud 1 service or user logging into their enterprise system first. 9 © Novell, Inc. All rights reserved.
  10. 10. NCSS Key Features 1. Active security services for annexing cloud services into an enterprise, including • Federated authentication and provisioning, role mapping, and audit NCSS Dashboard “Risk Meter” event routing 2. Connectors to • SaaS and PaaS providers • Enterprise identity systems 3. Deployment, configuration and monitoring tools for service management of NCSS by cloud providers 4. Per-enterprise view and management of their use of SaaS and PaaS, and the connections to their internal systems 10 © Novell, Inc. All rights reserved.
  11. 11. Demo of Novell Cloud Security Service ®
  12. 12. Benefits • Automatic identity federation • Single sign-on to SaaS applications securely and automatically • Enforce your internal policies, roles and workflows in the cloud • Keep sensitive information behind the firewall • Zero day start/stop • Get detailed audit logs from your cloud applications • Manage all your SaaS applications via a single dashboard interface • Reduce IT costs from better SaaS administration • Supports multiple industry standards 12 © Novell, Inc. All rights reserved.
  13. 13. Agenda Why Novell Cloud Security Service (NCSS)? What Is NCSS and How Does It Work? Demo How Is NCSS Different? 13 © Novell, Inc. All rights reserved.
  14. 14. Competitive Advantages High Security – Firewall safe – Automated alerts Ease of Use and Management – Audit report – Intuitive management dashboard interface Integration with On-premise Infrastructure – Leverage existing identity infrastructure – Extend enterprise roles, policies and workflows into the cloud – Future integrations with SIEM, workflows, usage data – Support for multiple industry standards 14 © Novell, Inc. All rights reserved.
  15. 15. Competitive Advantages Intangibles – Only vendor to offer identity and access solutions for both sides of the cloud – Foundational block for an enterprise intelligent workload management strategy – Financially stable vendor: US$1B cash—able to build and buy – Extensive network of ISVs – 24x7 Worldwide support 15 © Novell, Inc. All rights reserved.
  16. 16. Questions and Answers
  17. 17. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.