Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

NCU Business Development on NetIQ IDM

245 views

Published on

Business Development on NetIQ IDM

By Novell Consulting Ukraine (NCU)Overview on value add of NCU
• Built new integration modules (drivers)
• Build a Risk Assesment System inside NetIQ IDM
• Enhanced user interface features of the portal IDM
UserApplication
• Comprehensive Separation of Duties management on
the application request stage.
• Other examples of enhancements made to NetIQ IDM

IDM integration module for Microstrategy
Risk Assessment System inside NetIQ IDM
Enhanced user interface features of the portal IDM UserApplication
Comprehensive Separation of Duties management


Published in: Software
  • Be the first to comment

  • Be the first to like this

NCU Business Development on NetIQ IDM

  1. 1. Business Development on NetIQ IDM  By Novell Consulting Ukraine (NCU)
  2. 2. Overview on value add of NCU • Built new integration modules (drivers) • Build a Risk Assesment System inside NetIQ IDM • Enhanced user interface features of the portal IDM UserApplication • Comprehensive Separation of Duties management on the application request stage. • Other examples of enhancements made to NetIQ IDM
  3. 3. Built new drivers Why ?
  4. 4. Customers demands: Automation of access permissions and objects management for Microstrategy (provider of enterprise software platforms for Data Analytics & Audits). Who uses Microstrategy: SWIFT, 1st Financial Bank USA, Adidas, First National Bank, Bayer Healthcare, BNP Paribas, UniCredit, Deutsche Bank AG, DHL, Samsung Electronics, eBay, Facebook, Hyundai Mortor Company etc. http://www.microstrategy.com/us/about-us/customers/customer-list Current NetIQ Deliverables: None: There are no off shelf integration modules for the leader in analytic and audit industry: MicroStrategy. IDM integration module for Microstrategy
  5. 5. IDM integration module for Microstrategy NCU developments: • Fully-functional driver, built according to IDM and SDK architecture from NetIQ • Complete Java implementation, uses Java Web API from MicroStrategy SDK • Allows bi-directional synchronization of User, Group, Report data and other MicroStrategy metadata with NetIQ IDM • Delivered with built-in policy set, that lets achieve a result out of box • Tested with MicroStrategy version 9.x in an actual project in Ukraine Future NetIQ Deliverables: Off shelf integration modules for the leader in analytic and audit industry: MicroStrategy.
  6. 6. • components: IDM 4.x • deliverables: .jar, .xml • services: installation, configuration, documentation • support: updates & upgrades, 2nd line support IDM integration module for Microstrategy Deliverables by NCU
  7. 7. Risk Assessment System inside NetIQ IDM Why ?
  8. 8. Risk Assessment for applied and authorized permissions Customers demands: Pro-active reaction to redundant permissions risks (do not allow to apply for the critical permission set on the access request stage). Receive comprehensive authorized permissions assessment for damages forecast and re-assessment planning. Current NetIQ Deliverables: There are no Risk Assessment components inside NetIQ IDM. The feature is arranged in an off-line mode through reporting - and a refined version through Access Review.
  9. 9. Risk Assessment for applied and authorized permissions NCU developments: • Data and Permissions Risk Assessment module for NetIQ IDM (Abuse of permissions risk, Permissions loss risk, Permissions delegation risk, Information distortion risk, Data breach risk etc.) • Pro-active analysis of risk level feature during access request application stage • Worlds best practices in Risk Assessment reports • Administration setting tools Future NetIQ Deliverables: Pro Active Risk Assessment for applied and authorized permissions inside NetIQ IDM
  10. 10. Risk Assessment System module Features ● Risk Assessment based on complex evaluations of object (User, System, Role, Activity) ● Operational risk evaluation during role permission assignment in the request application (form dashboards) ● Risk Analysis and Assessment (parameterized linked reports/sub- reports in JasperReport©) ● Risk Forecasting based on evaluations and executed activities (permissions assignment and revocation)
  11. 11. Permissions Request Form with Risk Indicator
  12. 12. Permissions Request Form with Risk Indicator
  13. 13. Risk Assessment (HeatMap)
  14. 14. Risk Assessment (HeatMap)
  15. 15. Risk Assessment (HeatMap subreport)
  16. 16. Critical Level Analysis
  17. 17. Critical Level Analysis
  18. 18. Critical Level Analysis
  19. 19. Critical Level Analysis
  20. 20. Risk Assessment System module Conclusion ● Risk Assessment based on characteristics of the objects used in access approval and maintenance ● Prevention/notification during assignment of roles associated with risks ● Risk Analysis and Forecasting ● Assessment Indicator settings according to Customer demands ● Analysis visualization for critical areas retrieval and assessment ● “Heat Map” building for analysis acceleration ● Assessment engine scaling according to object characteristics, risks, object evaluations
  21. 21. • components: IDM 4.x UserApplication, EAS; Jasper Report 5.6/6.0 (community edition), jqgrid (opensource js-framework) • deliverables: .war (.jar, .js), .xml (PRD), database schema (postgresql), report templates • services: installation, configuration, documentation • support: updates & upgrades, 2nd line support Risk Assessment System module Deliverables by NCU
  22. 22. Enhanced user interface features of the portal IDM UserApplication
  23. 23. IDM User Application interface features extension Customers demands: The ability not only to manage user group/target system role membership though IDM, but also to manage (create, edit) roles/access-groups in target systems WITHOUT system administrator's help. Current NetIQ deliverables: Building tools for Simple forms, suitable for requests with short number of controls (fields, checkboxes etc.)
  24. 24. Example: User Application + jqGrid
  25. 25. Example: User Application + jqGrid
  26. 26. User Application + jqGrid • Open Source jqGrid solution integration with UserApplication Interface. • jgGrid controls binding with IDM role-based system. • As a result — ability to build more robust target system permission management interfaces. When need such features: • Integration with systems that does not have native interfaces for permission grouping or systems with inconvenient interfaces. • Demand to create and transfer to business the interfaces for target system object creation (particularly topical in banking).
  27. 27. Comprehensive Separation of Duties management
  28. 28. Customers demands: Prevent the registration request on conflict roles (SoD), having invested the role of the lower levels. Current NetIQ Deliverables: NetIQ IDM does not check SoD policies in online forms and between role model levels. NetIQ IDM does not communicate with the user in case of policy violation. Avoiding conflict of roles order
  29. 29. SoD Online control from UserApplication forms • SoD validation on all built-in levels in UserApplication forms. • SoD violation notification. • SoD policies creation interface stays unchanged. BusinessBusiness Role 1Role 1 BusinessBusiness Role 2Role 2 CommonCommon Role 1Role 1 CommonCommon Role 2Role 2 CommonCommon Role 3Role 3 Prohibited roles combi- nation (SoD)
  30. 30. Other examples of enhancements made to NetIQ IDM • Optimized existing drivers (ActiveDirectory, Lotus Notes) • Digital Signature solution made inside the approval processes stage • Extended and customized IDM reports

×