TDNF Seminar

639 views

Published on

Short seminar style overview of EmpowerID and the Dot Net Workflow platform

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
639
On SlideShare
0
From Embeds
0
Number of Embeds
10
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

TDNF Seminar

  1. 1. Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />1<br />
  2. 2. Security Challenges<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />2<br />It should be easier to get access to the IT resources I need to work<br />I want to delegate management but not lose control<br />How can we report on who has access to what across all our systems<br />
  3. 3. The Make Like Bob ProblemSecurity Based On a Moving Target<br />Protected Resources<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />Year N<br />Day 1<br />Year 2<br />New Access Granted<br />New Access Granted<br />?<br />Multiple sites and roles<br />Who are you?<br />SharePoint<br />?<br />?<br />?<br />PO Approver<br />?<br />AD User: CMH OU<br />X<br />?<br />Custom Applications<br />CRM LDAP User<br />Send As<br />Bob<br />Sales Executive”<br />?<br />?<br />Payroll & Unix User<br />Person<br />?<br />Full Access<br />?<br />?<br />Sales Share<br />Conference Room 5401<br />New Hire: Jim<br />“Sales Executive”<br />New Hire: Sarah<br />“Sales Executive”<br />
  4. 4. The Challenge with an AD Groups-only Approach?<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />Access Granted<br />Protected Resources<br />?<br />Groups<br />Multiple sites and roles<br />John’s User Accounts<br />?<br />What can you access, when, and why?<br />Who are you?<br />SharePoint<br />?<br />?<br />PO Approver<br />Helpdesk Manager<br />?<br />?<br />No Reportable or Auditable Link<br />?<br />Custom Applications<br />Mailbox Helpdesk I<br />Send As<br />John<br />?<br />?<br />Person<br />Full Access<br />Shared Mailbox<br />?<br />?<br />?<br />Conference Room 5401<br />
  5. 5. Protected ResourcesEmpowerID enforces security across systems<br />Custom Application<br />Windows Servers<br />SAP<br />Microsoft SharePoint Web<br />Types of Protected Resources<br />Active Directory Group<br />Groups<br />Web Resources<br />Microsoft Exchange Mailbox<br />EmpowerID is an authorization platform that can be extended to support any type of application and application resource. Protected systems containing resources are called “Resource Systems”. EmpowerID inventories Resource Systems and enforces permissions. <br />Permissions Management<br />=<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />
  6. 6. New Tools: Windows PowerShell<br /><ul><li>New command line and scripting language</li></li></ul><li>New Tools: Windows PowerShell<br />
  7. 7. <ul><li>Over 2 million downloads in first 18 months
  8. 8. Adopted by Citrix, VMware, Exchange, SharePoint, SQL…
  9. 9. CEC 2010 requirement
  10. 10. CEC = Common Engineering Criteria.  PowerShell is part of the CEC for 2010.  This means that all Microsoft products released in 2010 must have PowerShell built in.
  11. 11. Strong community engagement</li></ul>Shipped with<br />Windows Server 2008<br />Phenomenal Adoption Rate<br />
  12. 12. New Tools: Windows Workflow Foundation<br />Workflow engine shipped as part of the .NET 3.0 Framework<br />Model workflows as state machines or sequential steps<br />Long-running and stateful <br />
  13. 13. EmpowerID and Dot Net WorkflowBring It All Together<br />Windows PowerShell<br />Windows Workflow Foundation (WF)<br />Windows Communication Foundation (WCF)<br />Windows Presentation Foundation (WPF)<br />Windows Identity Foundation (WIF) - Federation<br />ASP.NET AJAX<br />Silverlight<br />SQL Server<br />Active Directory Domain Services<br />Active Directory Lightweight Directory Services (ADAM)<br />SharePoint 2007/2010<br />Exchange 2003/2007/2010<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />
  14. 14. EmpowerID Capabilities<br />EmpowerID’s Role-Based Identity and Entitlement Management answers the question, “who should have access to which IT resources and for how long?” and then enforcesthe results across all enterprise systems. <br />With EmpowerID's workflow platform, organizations visually design business processes as workflows to automate the lifecycle of enterprise identities, roles, and resources.<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />11<br />
  15. 15. Identity Management Challenges<br />Automate user provisioning<br />Gartner estimates organizations can save 300% of the cost by automating user provisioning<br />Automate Group Management<br />This will reduce cost and improve efficiency<br />Reduce or eliminate Password reset calls <br />Gartner estimates this accounts for up to 50% of all Help Desk calls at a cost of $20 to $50 each <br />Automate Compliance Reporting<br />Eliminate delays in granting and revoking access <br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />12<br />
  16. 16. EmpowerID Solutions<br />Password Self-Service Reset<br />Group Management and Self-Service<br />SharePoint Audit and Permissions Management<br />SharePoint and .NET Extranet Directory Solution<br />Role-Based User Provisioning and Directory Sync<br />User and Exchange Mailbox Management<br />Secure Workflow Automation<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />13<br />
  17. 17. EmpowerID Quick Facts<br />Currently used to provision, manage, and audit user and system security in global organizations with 100’s of thousands of users running >20,000 workflows per month<br />Multiple modules enable organizations to custom design a solution to fit their needs<br />Only solution on the market offering:<br />A visual design studio for drag and drop Microsoft Windows Workflow Foundation development<br />A library of self-service workflows that automate processes with flexible approval routing and built-in audit trails<br />Enterprise role management that extends beyond Active Directory to enforce permissions across all managed systems <br />A scalable multi-instance relational Metadirectory and synchronization engine<br />A unified management console supporting the broadest range of directories and enterprise applications including Active Directory, LDAP, Microsoft Exchange, Microsoft SharePoint, and even custom applications<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />14<br />
  18. 18. MetadirectoryManagement of a Person and Their User Accounts<br />EmpowerID Person<br />SAP<br />LDAP<br />Active Directory<br />Payroll<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />.NET Applications<br />Authentication<br />John Smith<br />Authentication<br />Account Stores<br />Directories containing a Person’s user accounts managed by EmpowerID<br />LOB Apps<br />EmpowerID continually inventories and monitors Accounts Stores for changes. New user accounts are discovered and processed through a workflow to evaluate if they should be “Joined” to an existing Person, “Ignored”, or a new Person should be “Provisioned”. <br />
  19. 19. Role-Based Access ControlMulti-Hierarchy RBAC using Job Function and Location<br />16<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />
  20. 20. A New Breed Of Identity ManagementFrom Code to Visual Process Management <br />EmpowerID WF Process<br />Traditional Identity Management<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />
  21. 21. Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />18<br />Dot Net Workflow Studio is a drag and drop design environment for secure process automation. What You See Is What You Get user interface designers generate code free user interfaces.<br />Secure Business Processes DesignWorkflow Studio: Visual Process Designer<br />
  22. 22. Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />19<br />Workflow OperationsAutomatic Role-Based Authorization and Approvals<br /><ul><li>Entitlement management and authorization system built-in – workflows automatically routed for approval using Rights-Based Approval Routing (RBAR)
  23. 23. Wizards convert PowerShell Commandlets or custom code into secure workflow Operations.</li></li></ul><li>User Experience: Resource ManagerIndustry’s Only Unified Management Console<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />20<br />
  24. 24. User Experience: Service Catalog<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com<br />21<br />
  25. 25. User Experience : Inside SharePoint “Service Catalog”<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com<br />22<br />
  26. 26. User Experience : Inside SharePoint - Running a Workflow<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com<br />23<br />
  27. 27. User Experience :Workflow Task List<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com<br />24<br />
  28. 28. User Experience : Inside SharePoint “Workflow Task List”<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com<br />25<br />
  29. 29. User Experience : EmpowerID Pages<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com<br />26<br />
  30. 30. User Experience : Inside SharePoint – “Theme Inheritance”<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com<br />27<br />
  31. 31. User Experience: Click Once Rich Client<br />Copyright © 2010. Dot Net Workflow is a trademark of The Dot Net Factory, LLC. |www.DotNetWorkflow.com<br />28<br />
  32. 32. User Experience: Workflow for SharePoint<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />29<br />
  33. 33. User Experience: Workflow for SharePoint<br />Copyright © 2010. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com<br />30<br />
  34. 34. Thank you<br />

×