Office 365 integration using organizational identities
Joonatan Henriksson
Nixu Oy
9.10.2014 © Nixu 2014
One-stop shop for security consulting
Keys for success in security consulting
Trust
• Security consulting since 1988
• Capacity and reliability: 120 persons, 14 M€ turnover
• Secure premises: Finnish Defence Forces audited facilities
• No strings attached: Product vendor independent
Experience
• Certifications: CISSP, CISA, CISM, CSSLP, CPTS, GCIH, GCFA, GCIA, GSNA, GSSPC, CCNA, ISO27001 Auditor, MCSE, QSA, PA-QSA, etc.
• Payment Card Industry (PCI DSS) Qualified Security Assessor and ASV company
• ca. 140 clients in over 400 assignments during year 2013
• Assignments in around 20 countries
Methodology
• Productized methodology for projects guarantees high quality
• Global standards: TOGAF, ITIL, OWASP, ISO27001, ISF, PCI DSS, etc.
• Quality assurance included in each project, each project has a team
• Secure practices for transmitting, storing and destroying confidential data
99% of our clients say they can recommend Nixu*
* Fall 2013 Customer satisfaction study
We have SAML 2.0 support!! (March 2014)
Source: http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
…well, at least soon?!
“…the following scenarios are blocked when using SAML 2.0 or Shibboleth.
• Lync desktop client
• Applications such as Word, Excel, PowerPoint, Visio, etc. when accessing files from SharePoint Online
• Office 365 ProPlus licensing for Office desktop applications
• PowerShell access to Office 365
The update to the Office 2013 client applications is expected to be released later in 2014.”*
Source: http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
Possibilities until then (and with legacy clients)
• Standards support
– SAML 2.0 support has evolved slowly during 2013-2014
– WS-Federation
– WS-Trust
Customer requirements (in 2013)
• Office 365 “reseller” business case
• Existing local user base with external users
• Existing authentication service with SAML 2.0 support (non-ADFS)
• Flexible authentication to Office 365 for email
• Mobile clients must work with Active Sync
• IMAP must work
• Multitenant and multidomain environment
High level architecture for passive authentication
[Diagram. Labels: SSO, Outlook Web Access, Azure AD, IDM, Browser, Access, AuthN, AuthZ, User store, Forms based authentication. Attributes listed: first name, last name, display name, UPN=[default email address], immutableID=[unique ID], license type, location (SMTP address if other value than UPN is required).]
High level architecture for proxy authentication
[Diagram. Labels: SSO, Exchange Online, Azure AD, IDM, Client, Basic auth, AuthN, AuthZ, User store, SAML 2.0 ECP. Attributes listed: first name, last name, display name, UPN=[default email address], immutableID=[unique ID], license type, location (SMTP address if other value than UPN is required).]
Challenges with integration
• Active Sync client requires the use of the SAML 2.0 ECP-profile (Enhanced Client or Proxy) with HTTP Basic Auth
• Multitenancy, i.e. separating different domains in the IdP/SSO
• Lack of logging in O365
• Converting and modifying identities might take time
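A pre-provisioning check for the attribute set listed on the two architecture slides and for the multitenancy challenge above, as an added example that is not part of the original slides. Tenant names, domains, records and function names are constructed; the rules that every UPN and SMTP domain must belong to the provisioning tenant and that location is a two-letter country code are assumptions of this example.

```python
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class UserRecord:
    """One identity as the IDM would push it to Azure AD (fields from the slides)."""
    tenant: str                 # hypothetical: which customer this user belongs to
    first_name: str
    last_name: str
    display_name: str
    upn: str                    # UPN = default email address
    immutable_id: str           # immutableID = unique ID
    license_type: str
    location: str
    smtp_address: Optional[str] = None  # only if it differs from the UPN


# Constructed tenant-to-domain mapping (assumption: one owner per domain).
TENANT_DOMAINS = {
    "customer-a": {"a.example", "mail.a.example"},
    "customer-b": {"b.example"},
}

_ADDR = re.compile(r"^[^@\s]+@([A-Za-z0-9.-]+)$")


def domain_of(address):
    """Return the lower-cased domain part, or None if the address is malformed."""
    m = _ADDR.match(address)
    return m.group(1).lower() if m else None


def validate(records, tenant_domains):
    """Return (upn, problem) tuples in input order; an empty list means clean."""
    problems = []
    ids_seen = {}      # immutableID -> UPN that first used it
    upns_seen = set()  # lower-cased UPNs across all tenants
    for r in records:
        allowed = tenant_domains.get(r.tenant)
        if allowed is None:
            problems.append((r.upn, "unknown tenant"))
            continue
        # Tenant separation: login name and mail address stay in the tenant's domains.
        for label, addr in (("UPN", r.upn), ("SMTP address", r.smtp_address)):
            if addr is None:
                continue
            dom = domain_of(addr)
            if dom is None:
                problems.append((r.upn, f"malformed {label}"))
            elif dom not in allowed:
                problems.append(
                    (r.upn, f"{label} domain not owned by tenant {r.tenant}"))
        # immutableID must be present and unique across every tenant.
        if not r.immutable_id:
            problems.append((r.upn, "missing immutableID"))
        elif r.immutable_id in ids_seen:
            problems.append(
                (r.upn, f"immutableID already used by {ids_seen[r.immutable_id]}"))
        else:
            ids_seen[r.immutable_id] = r.upn
        # UPNs are compared case-insensitively.
        key = r.upn.lower()
        if key in upns_seen:
            problems.append((r.upn, "duplicate UPN"))
        upns_seen.add(key)
        # Assumption of this example: location is a two-letter country code.
        if not re.fullmatch(r"[A-Z]{2}", r.location):
            problems.append((r.upn, "location is not a two-letter country code"))
    return problems


# Constructed sample records, not taken from the presentation.
SAMPLE = [
    UserRecord("customer-a", "Alice", "A", "Alice A", "alice@a.example",
               "ID-0001", "E1", "FI"),
    UserRecord("customer-b", "Bob", "B", "Bob B", "bob@b.example",
               "ID-0002", "E1", "FI", smtp_address="bob.builder@b.example"),
    UserRecord("customer-b", "Carol", "C", "Carol C", "carol@a.example",
               "ID-0003", "E1", "FI"),
    UserRecord("customer-a", "Dave", "D", "Dave D", "dave@a.example",
               "ID-0001", "E1", "FI"),
    UserRecord("customer-a", "Erin", "E", "Erin E", "erin@mail.a.example",
               "ID-0005", "E1", "Finland"),
    UserRecord("customer-a", "Alice", "A", "Alice A", "ALICE@A.EXAMPLE",
               "ID-0006", "E1", "FI"),
]

if __name__ == "__main__":
    for upn, problem in validate(SAMPLE, TENANT_DOMAINS):
        print(f"{upn}: {problem}")
```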
Multiple clients in multiple platforms
| Client | Platform | AuthN mechanism |
|---|---|---|
| Browser for MS Online and Outlook Web Access | PC / MAC | SAML 2.0 (Passive authentication) |
| Outlook 2007/Outlook 2010/2013?, Exchange ActiveSync, POP/IMAP/SMTP client | PC / MAC? | Basic authentication over SSL, SAML 2.0 (Proxy authentication) |
| Lync 2010 | PC / MAC? | WS-Federation and WS-Trust |
| Lync mobile >5.2 | iOS, Windows Phone | SAML 2.0 (Passive authentication) |
| Office 2010/Office 2007/2013? applications | PC / MAC? | Active authentication with WS-Trust |
Identity provisioning alternatives
• Manual
• PowerShell
• DirSync
• Forefront Identity Manager (Windows Azure Active Directory Connector)
• Azure AD Graph API (2014)
Other uses for SAML based federation
• Many SaaS and cloud providers support SAML 2.0
– E.g. SalesForce, Yammer, Zendesk, Google Apps etc.
Main takeaways
• Standards based integration is still in the making
• Plan your business case
• Plan your use cases
• You need to know your authentication protocols
• ADFS not the only option, other SSO products work as well
– Currently with mixed protocols, in the future with SAML 2.0*
* source: http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
Links
• Announcing support for SAML 2.0 federation with Office 365
http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
• O365 SAML 2.0 implementors guide
http://go.microsoft.com/?linkid=9844221
Thank you!
Nixu Oy
www.nixu.fi/blogi - www.tietovastuu.fi - twitter: @nixutigerteam
P.O. Box 39 (Keilaranta 15), FI-02150 Espoo, Finland
Tel +358 9 478 1011, Fax +358 9 478 1030, nixu.sales@nixu.com
Joonatan Henriksson
joonatan.henriksson@nixu.com
+358 50 342 3472
Twitter: @jonttuh

More Related Content

Similar to Office 365 integration using organizational identities

Coral Active HTML5 Agent Desktop
Coral Active HTML5 Agent DesktopCoral Active HTML5 Agent Desktop
Coral Active HTML5 Agent DesktopPSS Help
 
Coral Active HTML5 Agent Desktop
Coral Active HTML5 Agent DesktopCoral Active HTML5 Agent Desktop
Coral Active HTML5 Agent DesktopPSS Help
 
Software as a Service .pptx
Software as a Service .pptxSoftware as a Service .pptx
Software as a Service .pptxjuergenJaeckel
 
RapidScale CloudOffice
RapidScale CloudOfficeRapidScale CloudOffice
RapidScale CloudOfficeRapidScale
 
Proven Practices for Office 365 Deployment, Security and Management
Proven Practices for Office 365 Deployment, Security and ManagementProven Practices for Office 365 Deployment, Security and Management
Proven Practices for Office 365 Deployment, Security and ManagementPerficient, Inc.
 
Mobilize employees with the cisco mobile workspace solution
Mobilize employees with the cisco mobile workspace solutionMobilize employees with the cisco mobile workspace solution
Mobilize employees with the cisco mobile workspace solutionCisco Mobility
 
BWW KickOff DMS-Mia.2.pptx
BWW KickOff DMS-Mia.2.pptxBWW KickOff DMS-Mia.2.pptx
BWW KickOff DMS-Mia.2.pptxDeni Nasrullah
 
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2WinWire Technologies Inc
 
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...Nuno Árias Silva
 
Love Cloud: 28 June 2017
Love Cloud: 28 June 2017 Love Cloud: 28 June 2017
Love Cloud: 28 June 2017 Chloe Mustafa
 
Atelier Poste de travail - FWT15 Paris Citrix
Atelier Poste de travail - FWT15 Paris CitrixAtelier Poste de travail - FWT15 Paris Citrix
Atelier Poste de travail - FWT15 Paris CitrixFujitsu France
 
Session 1: Einführung in Windows Azure
Session 1: Einführung in Windows AzureSession 1: Einführung in Windows Azure
Session 1: Einführung in Windows AzureDigicomp Academy AG
 
Bhadale group of companies multi cloud services catalogue
Bhadale group of companies multi cloud services catalogueBhadale group of companies multi cloud services catalogue
Bhadale group of companies multi cloud services catalogueVijayananda Mohire
 
Get Started with Microsoft Azure.pptx
Get Started with Microsoft Azure.pptxGet Started with Microsoft Azure.pptx
Get Started with Microsoft Azure.pptxAnjaliMishra647628
 
Cloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud ServicesCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud ServicesCloud Standards Customer Council
 
Azure_Business_Opportunity
Azure_Business_OpportunityAzure_Business_Opportunity
Azure_Business_OpportunityNojan Emad
 
WEBINAR: Uncover the Benefits of Office 365 and Windows Azure
WEBINAR: Uncover the Benefits of Office 365 and Windows Azure WEBINAR: Uncover the Benefits of Office 365 and Windows Azure
WEBINAR: Uncover the Benefits of Office 365 and Windows Azure Sentri
 
RapidScale Product Training
RapidScale Product TrainingRapidScale Product Training
RapidScale Product TrainingRapidScale
 

Similar to Office 365 integration using organizational identities (20)

Coral Active HTML5 Agent Desktop
Coral Active HTML5 Agent DesktopCoral Active HTML5 Agent Desktop
Coral Active HTML5 Agent Desktop
 
Coral Active HTML5 Agent Desktop
Coral Active HTML5 Agent DesktopCoral Active HTML5 Agent Desktop
Coral Active HTML5 Agent Desktop
 
Software as a Service .pptx
Software as a Service .pptxSoftware as a Service .pptx
Software as a Service .pptx
 
RapidScale CloudOffice
RapidScale CloudOfficeRapidScale CloudOffice
RapidScale CloudOffice
 
Proven Practices for Office 365 Deployment, Security and Management
Proven Practices for Office 365 Deployment, Security and ManagementProven Practices for Office 365 Deployment, Security and Management
Proven Practices for Office 365 Deployment, Security and Management
 
Mobilize employees with the cisco mobile workspace solution
Mobilize employees with the cisco mobile workspace solutionMobilize employees with the cisco mobile workspace solution
Mobilize employees with the cisco mobile workspace solution
 
BWW KickOff DMS-Mia.2.pptx
BWW KickOff DMS-Mia.2.pptxBWW KickOff DMS-Mia.2.pptx
BWW KickOff DMS-Mia.2.pptx
 
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
 
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
 
Transform IT services-
Transform IT services-Transform IT services-
Transform IT services-
 
Love Cloud: 28 June 2017
Love Cloud: 28 June 2017 Love Cloud: 28 June 2017
Love Cloud: 28 June 2017
 
Atelier Poste de travail - FWT15 Paris Citrix
Atelier Poste de travail - FWT15 Paris CitrixAtelier Poste de travail - FWT15 Paris Citrix
Atelier Poste de travail - FWT15 Paris Citrix
 
Bridgeworks IT Solutions 2013
Bridgeworks IT Solutions 2013Bridgeworks IT Solutions 2013
Bridgeworks IT Solutions 2013
 
Session 1: Einführung in Windows Azure
Session 1: Einführung in Windows AzureSession 1: Einführung in Windows Azure
Session 1: Einführung in Windows Azure
 
Bhadale group of companies multi cloud services catalogue
Bhadale group of companies multi cloud services catalogueBhadale group of companies multi cloud services catalogue
Bhadale group of companies multi cloud services catalogue
 
Get Started with Microsoft Azure.pptx
Get Started with Microsoft Azure.pptxGet Started with Microsoft Azure.pptx
Get Started with Microsoft Azure.pptx
 
Cloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud ServicesCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services
 
Azure_Business_Opportunity
Azure_Business_OpportunityAzure_Business_Opportunity
Azure_Business_Opportunity
 
WEBINAR: Uncover the Benefits of Office 365 and Windows Azure
WEBINAR: Uncover the Benefits of Office 365 and Windows Azure WEBINAR: Uncover the Benefits of Office 365 and Windows Azure
WEBINAR: Uncover the Benefits of Office 365 and Windows Azure
 
RapidScale Product Training
RapidScale Product TrainingRapidScale Product Training
RapidScale Product Training
 

More from Nixu Corporation

Cyber warfare in the context of major military innovations by mattias almeflo...
Cyber warfare in the context of major military innovations by mattias almeflo...Cyber warfare in the context of major military innovations by mattias almeflo...
Cyber warfare in the context of major military innovations by mattias almeflo...Nixu Corporation
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuNixu Corporation
 
Infosec2018 NL IAM archeaology Presentation
Infosec2018 NL IAM archeaology PresentationInfosec2018 NL IAM archeaology Presentation
Infosec2018 NL IAM archeaology PresentationNixu Corporation
 
Nixu Cyber Defense Center - You have one fear less.
Nixu Cyber Defense Center - You have one fear less.Nixu Cyber Defense Center - You have one fear less.
Nixu Cyber Defense Center - You have one fear less.Nixu Corporation
 
Koko rahalla palomuureja?
Koko rahalla palomuureja? Koko rahalla palomuureja?
Koko rahalla palomuureja? Nixu Corporation
 
Digitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajana
Digitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajanaDigitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajana
Digitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajanaNixu Corporation
 
Kuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeama
Kuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeamaKuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeama
Kuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeamaNixu Corporation
 
Tekninen näkökulma: Lokienhallinta vai SIEM?
Tekninen näkökulma: Lokienhallinta vai SIEM?Tekninen näkökulma: Lokienhallinta vai SIEM?
Tekninen näkökulma: Lokienhallinta vai SIEM?Nixu Corporation
 
Tietoturva teollisen internetin vauhdittajana
Tietoturva teollisen internetin vauhdittajanaTietoturva teollisen internetin vauhdittajana
Tietoturva teollisen internetin vauhdittajanaNixu Corporation
 
What has changed in Corporate Cybersecurity?
What has changed in Corporate Cybersecurity?What has changed in Corporate Cybersecurity?
What has changed in Corporate Cybersecurity?Nixu Corporation
 
Mittaristot kyberturvan tilannejohtamiseen
Mittaristot kyberturvan tilannejohtamiseenMittaristot kyberturvan tilannejohtamiseen
Mittaristot kyberturvan tilannejohtamiseenNixu Corporation
 
TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014
TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014
TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014Nixu Corporation
 
PCI DSS 3.0 - Merkittävimmät muutokset
PCI DSS 3.0 - Merkittävimmät muutoksetPCI DSS 3.0 - Merkittävimmät muutokset
PCI DSS 3.0 - Merkittävimmät muutoksetNixu Corporation
 
PCI DSS 3.0 muutokset – “editor’s pick”
PCI DSS 3.0 muutokset – “editor’s pick”PCI DSS 3.0 muutokset – “editor’s pick”
PCI DSS 3.0 muutokset – “editor’s pick”Nixu Corporation
 
"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”
"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”
"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”Nixu Corporation
 
Miten tietomurron voi havaita lokeista?
Miten tietomurron voi havaita lokeista?Miten tietomurron voi havaita lokeista?
Miten tietomurron voi havaita lokeista?Nixu Corporation
 
Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...
Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...
Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...Nixu Corporation
 
Kysely NSA-vakoilusta yrityspäättäjille
Kysely NSA-vakoilusta yrityspäättäjilleKysely NSA-vakoilusta yrityspäättäjille
Kysely NSA-vakoilusta yrityspäättäjilleNixu Corporation
 

More from Nixu Corporation (20)

Cyber warfare in the context of major military innovations by mattias almeflo...
Cyber warfare in the context of major military innovations by mattias almeflo...Cyber warfare in the context of major military innovations by mattias almeflo...
Cyber warfare in the context of major military innovations by mattias almeflo...
 
oAuth presentation
oAuth presentationoAuth presentation
oAuth presentation
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo Nixu
 
Infosec2018 NL IAM archeaology Presentation
Infosec2018 NL IAM archeaology PresentationInfosec2018 NL IAM archeaology Presentation
Infosec2018 NL IAM archeaology Presentation
 
Cyber Defense in 2016
Cyber Defense in 2016Cyber Defense in 2016
Cyber Defense in 2016
 
Nixu Cyber Defense Center - You have one fear less.
Nixu Cyber Defense Center - You have one fear less.Nixu Cyber Defense Center - You have one fear less.
Nixu Cyber Defense Center - You have one fear less.
 
Koko rahalla palomuureja?
Koko rahalla palomuureja? Koko rahalla palomuureja?
Koko rahalla palomuureja?
 
Digitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajana
Digitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajanaDigitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajana
Digitaalinen identiteetti turvallisen verkkoliiketoiminnan mahdollistajana
 
Kuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeama
Kuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeamaKuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeama
Kuinka toimitaan oikeammin kun havaitaan tietoturvapoikkeama
 
Tekninen näkökulma: Lokienhallinta vai SIEM?
Tekninen näkökulma: Lokienhallinta vai SIEM?Tekninen näkökulma: Lokienhallinta vai SIEM?
Tekninen näkökulma: Lokienhallinta vai SIEM?
 
Tietoturva teollisen internetin vauhdittajana
Tietoturva teollisen internetin vauhdittajanaTietoturva teollisen internetin vauhdittajana
Tietoturva teollisen internetin vauhdittajana
 
What has changed in Corporate Cybersecurity?
What has changed in Corporate Cybersecurity?What has changed in Corporate Cybersecurity?
What has changed in Corporate Cybersecurity?
 
Mittaristot kyberturvan tilannejohtamiseen
Mittaristot kyberturvan tilannejohtamiseenMittaristot kyberturvan tilannejohtamiseen
Mittaristot kyberturvan tilannejohtamiseen
 
TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014
TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014
TIEKE IoT Business-treffit: Virusten Internet, Kairinen, Nixu 2014
 
PCI DSS 3.0 - Merkittävimmät muutokset
PCI DSS 3.0 - Merkittävimmät muutoksetPCI DSS 3.0 - Merkittävimmät muutokset
PCI DSS 3.0 - Merkittävimmät muutokset
 
PCI DSS 3.0 muutokset – “editor’s pick”
PCI DSS 3.0 muutokset – “editor’s pick”PCI DSS 3.0 muutokset – “editor’s pick”
PCI DSS 3.0 muutokset – “editor’s pick”
 
"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”
"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”
"Hakkerihyökkäys terveydenhoitoalan organisaatioon – näin se tapahtuisi”
 
Miten tietomurron voi havaita lokeista?
Miten tietomurron voi havaita lokeista?Miten tietomurron voi havaita lokeista?
Miten tietomurron voi havaita lokeista?
 
Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...
Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...
Verkkopalveluiden tietoturva markkinointi- ja viestintäasiantuntijoille, kevä...
 
Kysely NSA-vakoilusta yrityspäättäjille
Kysely NSA-vakoilusta yrityspäättäjilleKysely NSA-vakoilusta yrityspäättäjille
Kysely NSA-vakoilusta yrityspäättäjille
 

Recently uploaded

Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Mathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMoumonDas2
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Delhi Call girls
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...NETWAYS
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024eCommerce Institute
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxNikitaBankoti2
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...Sheetaleventcompany
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesPooja Nehwal
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Salam Al-Karadaghi
 
George Lever - eCommerce Day Chile 2024
George Lever -  eCommerce Day Chile 2024George Lever -  eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Chameera Dedduwage
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Kayode Fayemi
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyPooja Nehwal
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...henrik385807
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubssamaasim06
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Vipesco
 

Recently uploaded (20)

Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Mathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptx
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
 
George Lever - eCommerce Day Chile 2024
George Lever -  eCommerce Day Chile 2024George Lever -  eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubs
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510
 

Office 365 integration using organizational identities

  • 1. Office 365 integration using organizational identities Joonatan Henriksson Nixu Oy 9.10.2014 © Nixu 2014 1
  • 2. One-stop shop for security consulting
  • 3. Keys for success in security consulting
      Trust
      • Security consulting since 1988
      • Capacity and reliability: 120 persons, 14 M€ turnover
      • Secure premises: Finnish Defence Forces audited facilities
      • No strings attached: Product vendor independent
      Experience
      • Certifications: CISSP, CISA, CISM, CSSLP, CPTS, GCIH, GCFA, GCIA, GSNA, GSSPC, CCNA, ISO27001 Auditor, MCSE, QSA, PA-QSA, etc
      • Payment Card Industry (PCI DSS) Qualified Security Assessor and ASV company
      • ca. 140 clients in over 400 assignments during year 2013
      • Assignments in around 20 countries
      Methodology
      • Productized methodology for projects guarantees high quality
      • Global standards: TOGAF, ITIL, OWASP, ISO27001, ISF, PCI DSS, etc
      • Quality assurance included in each project, each project has a team
      • Secure practices for transmitting, storing and destroying confidential data
      99% of our clients say they can recommend Nixu*
      * Fall 2013 Customer satisfaction study
  • 4. We have SAML 2.0 support!! (March 2014)
      Source: http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
  • 5. …well, at least soon?!
      “…the following scenarios are blocked when using SAML 2.0 or Shibboleth.
      • Lync desktop client
      • Applications such as Word, Excel, PowerPoint, Visio, etc. when accessing files from SharePoint Online
      • Office 365 ProPlus licensing for Office desktop applications
      • PowerShell access to Office 365
      The update to the Office 2013 client applications is expected to be released later in 2014.”*
      * Source: http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
  • 6. Possibilities until then (and with legacy clients)
      • Standards support
          – SAML 2.0 support has evolved slowly during 2013-2014
          – WS-Federation
          – WS-Trust
  • 7. Customer requirements (in 2013)
      • Office 365 “reseller” business case
      • Existing local user base with external users
      • Existing authentication service with SAML 2.0 support (non-ADFS)
      • Flexible authentication to Office 365 for email
      • Mobile clients must work with Active Sync
      • IMAP must work
      • Multitenant and multidomain environment
  • 8. High level architecture for passive authentication
      [Diagram; labels: SSO, Outlook Web Access, Azure AD, IDM, Browser, Access, AuthN, AuthZ, User store, Forms based authentication]
      Provisioned user attributes:
      • first name
      • last name
      • display name
      • UPN=[default email address]
      • immutableID=[unique ID]
      • license type
      • location
      • (SMTP address if other value than UPN is required)
  • 9. High level architecture for proxy authentication
      [Diagram; labels: SSO, Exchange Online, Azure AD, IDM, Client, Basic auth, AuthN, AuthZ, User store, SAML 2.0 ECP]
      Provisioned user attributes:
      • first name
      • last name
      • display name
      • UPN=[default email address]
      • immutableID=[unique ID]
      • license type
      • location
      • (SMTP address if other value than UPN is required)
  • 10. Challenges with integration
      • Active Sync client requires the use of the SAML 2.0 ECP-profile (Enhanced Client or Proxy) with HTTP Basic Auth
      • Multitenancy, i.e. separating different domains in the IdP/SSO
      • Lack of logging in O365
      • Converting and modifying identities might take time
  • 11. Multiple clients in multiple platforms
      Client | Platform | AuthN mechanism
      Browser for MS Online and Outlook Web Access | PC / MAC | SAML 2.0 (Passive authentication)
      Outlook 2007/Outlook 2010/2013?, Exchange ActiveSync, POP/IMAP/SMTP client | PC / MAC? | Basic authentication over SSL, SAML 2.0 (Proxy authentication)
      Lync 2010 | PC / MAC? | WS-Federation and WS-Trust
      Lync mobile >5.2 | iOS, Windows Phone | SAML 2.0 (Passive authentication)
      Office 2010/Office 2007/2013? applications | PC / MAC? | Active authentication with WS-Trust
  • 12. Identity provisioning alternatives
      • Manual
      • PowerShell
      • DirSync
      • Forefront Identity Manager (Windows Azure Active Directory Connector)
      • Azure AD Graph API (2014)
  • 13. Other uses for SAML based federation
      • Many SaaS and cloud providers support SAML 2.0
          – E.g. SalesForce, Yammer, Zendesk, Google Apps etc.
  • 14. Main takeaways
      • Standards based integration is still in the making
      • Plan your business case
      • Plan your use cases
      • You need to know your authentication protocols
      • ADFS not the only option, other SSO products work as well
          – Currently with mixed protocols, in the future with SAML 2.0*
      * source: http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
  • 15. Links
      • Announcing support for SAML 2.0 federation with Office 365: http://blogs.office.com/2014/03/06/announcing-support-for-saml-2-0-federation-with-office-365/
      • O365 SAML 2.0 implementors guide: http://go.microsoft.com/?linkid=9844221
  • 16. Thank you!
      Nixu Oy
      www.nixu.fi/blogi - www.tietovastuu.fi - twitter: @nixutigerteam
      P.O. Box 39 (Keilaranta 15), FI-02150 Espoo, Finland
      Tel +358 9 478 1011, Fax +358 9 478 1030, nixu.sales@nixu.com
      Joonatan Henriksson, joonatan.henriksson@nixu.com, +358 50 342 3472, Twitter: @jonttuh
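
The identity mapping on slides 8 and 9 (UPN, immutableID) and the multitenancy challenge on slide 10 can be tested against a sample assertion before go-live. The sketch below is an added example, not part of the original deck: it assumes the Office 365 SAML 2.0 convention that NameID carries the immutableID and an `IDPEmail` attribute carries the UPN, and all user records, tenant names and domains are constructed.

```python
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed records, using the attributes the architecture slides list.
PROVISIONED = [
    {"upn": "alice@tenant-a.example", "immutableID": "u-1001", "tenant": "tenant-a"},
    {"upn": "bob@tenant-b.example", "immutableID": "u-2001", "tenant": "tenant-b"},
]
# Constructed map of tenant -> e-mail domains it owns (multitenant, multidomain).
TENANT_DOMAINS = {"tenant-a": {"tenant-a.example"}, "tenant-b": {"tenant-b.example"}}


def make_assertion(name_id, idp_email):
    """Build a constructed, unsigned test assertion (signature checks are out of scope)."""
    return (
        f'<saml:Assertion xmlns:saml="{SAML}">'
        f"<saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>"
        '<saml:AttributeStatement><saml:Attribute Name="IDPEmail">'
        f"<saml:AttributeValue>{idp_email}</saml:AttributeValue>"
        "</saml:Attribute></saml:AttributeStatement></saml:Assertion>"
    )


def check_assertion(xml_text, issuing_tenant):
    """Return a list of mapping problems; an empty list means the mapping is consistent."""
    root = ET.fromstring(xml_text)
    name_id = (root.findtext(f".//{{{SAML}}}NameID") or "").strip()
    email = ""
    for attr in root.iter(f"{{{SAML}}}Attribute"):
        if attr.get("Name") == "IDPEmail":
            email = (attr.findtext(f"{{{SAML}}}AttributeValue") or "").strip()
    user = next((u for u in PROVISIONED if u["immutableID"] == name_id), None)
    if user is None:
        return [f"NameID {name_id!r} matches no provisioned immutableID"]
    problems = []
    if email.lower() != user["upn"].lower():
        problems.append("IDPEmail does not match the UPN provisioned for this immutableID")
    if user["tenant"] != issuing_tenant:
        problems.append("immutableID belongs to a different tenant")
    domain = email.rpartition("@")[2].lower()
    if domain not in TENANT_DOMAINS.get(issuing_tenant, set()):
        problems.append(f"domain {domain!r} is not owned by {issuing_tenant}")
    return problems
```

An empty result only says the identifiers line up with what was provisioned; it says nothing about whether the assertion is signed or trusted.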

Editor's Notes

  1. CCNA | Cisco Certified Network Associate | 1
     CISA | Certified Information Systems Auditor | 4
     CISM | Certified Information Security Manager | 2
     CISSP | Certified Information Systems Security Professional | 10
     CompTIA Security+ | 1
     CPTS | Certified Penetration Testing Specialist | 2
     CSSLP | Certified Secure Software Lifecycle Professional | 5
     GCFA | GIAC Certified Forensic Analyst | 1
     GCIA Gold | GIAC Certified Intrusion Analyst | 1
     GCIH | GIAC Certified Incident Handler | 2
     GSEC | GIAC Security Essentials Certification | 1
     GSNA | GIAC Systems and Network Auditor | 2
     GSSPC | GIAC Secure Software Programmer - C | 2
     ISO/IEC 27001:2005 Certified Auditor (BVQI) | 1
     ISO/IEC 9000:2000 series Certified Auditor (BVQI) | 1
     ITIL foundations v2 | 2
     ITIL foundations v3 | 2
     MCSE | Microsoft Certified Systems Engineer | 1
     PA-QSA | Payment Application Qualified Security Assessor | 1
     QPASP | Qualified Payment Application Security Professional | 1
     QSA | Qualified Security Assessor | 6
     RHCT | Red Hat Certified Technician | 1
     Terena Certified CSIRT member | 1
     Ubisecure IAM Academy Qualified | 2
     VMWare Certified Professional | 1