Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

How oracle-uses-idm-chirag-v2

4,433 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

How oracle-uses-idm-chirag-v2

  1. 1. How Oracle UsesIdentity ManagementChirag AndaniDirector,Identity Management Services 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  2. 2. Oracle Identity and Access Management Project: Why Did We Do It? •  Security •  Establish Single Sign On •  Zero downtime period26 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  3. 3. Scope of Identity Management Requirements •  Internal applications deployed included •  1000+ partner applications •  SSO, Email, Beehive, Files (Content), Portals, eBiz, SSA, WebCenter •  External applications deployed included •  www.oracle.com, OTN, Oracle Partner Network, Oracle Forums, eBiz, My Oracle Support (MOS)/Sun Support27 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  4. 4. Oracle Access Manager 11g What We Set Out to Do •  Replace Oracle Single Sign-On 10g ( $ (OSSO) and $6$ = ( converge Oracle )) Access Manager 10g -$ $
  5. 5. $( (OAM) and Sun Open == ( )) Single Sign-On
  6. 6. $( = (OSO)28 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  7. 7. How We Did It Without Disruption Architected for zero downtime29 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  8. 8. Rollout in Phased Approach •  Phase 1 : Pilot User rollout (200 Users) •  Phase 2 : Pilot applications (2 applications) •  Phase 3 : 10% of all production traffic •  Phase 4 : 20% of all production traffic •  Phase 5 : 50% of all production traffic •  Phase 6 : 100% of all production traffic30 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  9. 9. With Immediate Rollback if Required •  35 application-based issues •  Zero downtime Rollback plan: –  10g SSO servers available via LBR –  Live traffic to flip to 100% 10g SSO31 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  10. 10. Measurement of Operational Success Oracle Access Manager Application Stats Item Metric Total Partner Apps 1000 Total Monthly OAM 23.1 M Operations (External) Total Monthly OAM 16 M Operations (Internal)32 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  11. 11. Oracle Internet Directory •  Create a single identity store •  Reduce cost •  Eliminate data discrepancies33 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  12. 12. Oracle Internet Directory Configuration Topology •  Internal Environment •  2 MMR Replicas, 2 Fan-outs •  Each MMR Replica is 4-node OID and 4-node RAC cluster, two geographic sites •  OID 11.1.1.1.0, RDBMS 11.2.0.2 •  External Environment •  2 MMR Replicas, cluster configuration, two geographic sites •  OID 11.1.1.1.0, RDBMS 11.2.0.234 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  13. 13. Oracle Internet Directory Global Oracle Identity Management Architecture35 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  14. 14. How Much Traffic Does Our OID Handle? •  54 Million LDAP ops/day on single replica •  5 Billion operations/month •  Expanded LDAP footprint •  Internal – 2.5 Million entries •  External – 14.5 Million users •  Groups – 250K+ static groups, up to 1M members/group, 600+ dynamic groups36 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  15. 15. What’s Next: Oracle Identity Manager 11g •  Consolidate internal user and access provisioning •  Expand scalability •  Reduce provisioning cost and lead times37 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  16. 16. Oracle Identity Manager 11g Oracle Identity Manager Architecture38 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  17. 17. The story continuesProvisioning/migrating toOIM 25%complete39 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  18. 18. Oracle Fusion Middleware 11g application infrastructure foundation Complete – Integrated Hot-pluggable – Best-of-breed40 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.

×