SlideShare a Scribd company logo

Get the Exact Identity Solution You Need - In the Cloud - Overview

Download as PPTX, PDF
ForgeRock
ForgeRock

Discover how running your IAM on AWS gives you the exact solution that you want with the operational model of a SaaS.

Technology
1 of 28
HUBCITYMEDIA Get the Exact IAM Solution You Need In the Cloud Containerized IAM on Amazon Web Services (Webcast 1 of 3) HUBCITYMEDIA
HUBCITYMEDIA Introduction – Warren Strange  With ForgeRock Since 2013  Responsible for DevOps Strategy  Previously with Sun Microsystems and Oracle Founded in Norway in 2010, ForgeRock technology is based on Sun Microsystem's IAM products. We are focused on Digital Identity and Access Management. • ForgeRock Access Manager • ForgeRock Identity Manager • ForgeRock Identity Gateway • ForgeRock Directory Services Copyright © 2018 ForgeRock. All rights reserved 2
HUBCITYMEDIA Introduction – Steve Giovannetti  CTO and Founder of Hub City Media  Identity since 2001  Focus on containerized solutions for 2 years Hub City Media has over 18 years of experience implementing IAM solutions, and particularly specializes in ForgeRock deployments in the cloud and on premise. Equipped with full-time, US-Based Professional Services and Managed Support Services teams, we have the ability to partner with clients in any location or time zone. 3Copyright © 2018 HUBCITYMEDIA. All rights reserved.
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. What is Containerized IAM? IAM Infrastructure Vendor Product > Containerize > Deploy Copyright © 2018 HUBCITYMEDIA. All rights reserved. 4
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. 5 Containerized IAM in the Industry The Containerizatio n Boom Deploy Everything Reliable Systematic Repeatable
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Why Containerized IAM? Settling vs. Success Operationally IDaaS Customization Capabilities of an On-Premise Deployment Operational Functionality of an IDaaS Consistent Software Delivery Method As companies modernize their infrastructure, this strategy is preferred Traditional IDaaS Containerized IAM No need to settle for an OOTB solution Customize to meet all of your needs 6
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Implications? Support from Vendor Products Containerized IAM 7
HUBCITYMEDIA Old School Deployment Back in the dark ages (before DevOps), there was the Run Book! Documented Procedures How to make changes in production Deployment Cadence Yearly Servers “Pets” (Snowflake Servers) “Mutable” 8Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIA 2015 - The ForgeRock DevOps Journey Begins Demand Clients and Partners were looking for increased deployment velocity Lower deployment cost Public Cloud IaaS The Beginning Started looking at scripted deployments using Ansible frstack project Moderate success Automated complexity, but didn’t fix it Conclusions Significant product changes needed to simplify deployment (solve for complexity – don’t automate) Move from Java war files to containers Kubernetes as the orchestration platform 9Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIA Why Kubernetes? • Cloud agnostic: Any Cloud + Bare Metal • Think of Kubernetes as AWS in a box • Broad Industry Support - CNCF project • The “linux” of container management • The container orchestration wars are over… 10Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIA OpenAMOpenAM AM DJ DJ DS OpenIDM OpenIDM IDM OpenIGIG PV SSD kind: Deployment spec: replicas: 1 template: metadata: name: openig labels: name: openig spec: containers: - name: openig image: forgerock/openig volumes: - name: keystore secret: secretName: openig manifest describes components and their relationships kind: Service name: opendj ports: - port: 389 name: ldap targetPort: 389 persistent volumes abstract storage Kubernetes Manifest Describes a “Virtual” ForgeRock Deployment Architecture The same manifest works on any cloud! AWS, Azure, Google, VMware, etc. 11Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIA Deployment Landscape • Deploy a war file • Bring your own infrastructure • Maximum flexibility • “Build it your way” • Higher operational complexity / cost On-premise • Limited flexibility • Infrastructure is fixed • Lower Operational Costs • Fastest deployment • Hybrid deployment on Kubernetes • Flexibility: less than custom, greater than SaaS • Lower operational costs through automation • Faster deployment • Semi-opinionated infrastructure: o Bring your own cloud 12Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIA Key DevOPs Focus Areas Core Engineering to make products “12Factor” like Prefer Stateless vs. Stateful Kubernetes / Container Friendly Support Infrastructure as Code AKA configuration as an artifact Support for Immutable Deployment No snowflake servers The 12 factors circa 200 BC 13Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. ForgeRock DevOps The cool stuff Where most of the effort is
HUBCITYMEDIA Current DevOps Enhancements ForgeRock Access Manager Import / Export configuration as json Autonomous servers; AM servers are “cattle” – no server identity Stateless Sessions – improved horizontal scalability Commons configuration – Template json configuration using common expressions. Use environment variables, system properties (12 factor practice) Evaluation docker images available on bintray docker pull forgerock-docker-public.bintray.io/forgerock/opendj:6.0.0 Sample Helm charts / Kubernetes manifests Platform 15Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIA ForgeOps Repository The ForgeOps Repository provides demonstration Dockerfiles and Kubernetes / Helm artifacts ● You will need to modify these files for your environment Open Source - https://github.com/ForgeRock DevOps Reference Examples - https://github.com/ForgeRock/forgeops Yes - ForgeRock supports our products running in Docker / Kubernetes! (*) - ForgeRock provides commercial support for the platform (AM, DS, IDM, IG). We expect our partners / clients to have Kubernetes experience! 16Copyright © 2018 ForgeRock. All rights reserved
HUBCITYMEDIA DevOps Guide Read the Fine Manual! Now with task flowcharts! 17Copyright © 2018 ForgeRock. All rights reserved https://backstage.forgerock.com/docs/ DevOps Guide https://backstage.forgerock.com/docs/platf orm/6/devops-quick-start-guide/
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Power of AWS with Containerization Maturity Market Leader in Cloud Widely Used Breadth of Services Unparalleled in the Cloud Vendor market Flexibility Can be spread throughout organization 18
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Containerized IAM on AWS – The Journey Automated Infrastructure Build VPC, Networking, Monitoring, CI/CD System Kubernetes Automated ForgeRock Product Project Configuration Kubernetes Namespace / Product Dependencies Integrated Monitoring and Management Cloud Watch Alerts and Monitors - Elastisearch Continuous Integration / Deployment Templates 19
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Infrastructure Build Jenkins Kub Master Kub Master Kub Master Kub Node Kub Node Kub Node 1. CF VPC Creation Script • Creates VPC • AZs and Subnets • NAT Gateways • S3 Endpoint • Customer Gateway • VPN Gateway • Internet Gateway • Routing Tables • Cloudwatch • ElasticSearch • Route53 2. CF Jenkins Host Creation • Kicks off Kops Script 3. Kops Script • Creates Master Nodes • Creates Kub Nodes 20
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Product Configuration ForgeRock IDM 1. Create Dependencies • RDS Multi-AZ 2. Create Namespace 3. Create Deployment • Images / Pods • ELBs – Multi-AZ ForgeRock AM 1. Create Dependencies • DJ 2. Create Namespace 3. Create Deployment • Images / Pods • ELBs – Multi-AZ Jenkins Kub Master Kub Master Kub Master DS DS DS Kubernetes Cluster Multi-AZ RDS IDM Namespace AM Namespace 21
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. HCM – Client Use Case Multiple legacy vendor products High costs to manage and modernize Initiative to go IDaaS No single IDaaS vendor to satisfy all needs Implement ANY use case No constrictions Client controlled Extremely cost effective in comparison to other options REQUIREMENTS COMPLEXITY COST 22
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Client Use Case ForgeRock Platform Custom, multi-phase IDM, AM, DS, IDG implementation Hub City Media Governance (IDG) HCM Tier 3 Support Managed Cloud Services on AWS $2.61 Per User Per Month 23
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Containerized IAM on AWS – Roadmap 1.0 GA – May 2017 Released to Internal Team Automated Infrastructure Product / Namespace Config Monitoring Jenkins Templates Client Go Live – July 2017 1.2 – Winter 20181.1 – Fall 2018 Internal Dev Cutover Dockerize Jenkins Addt’l Deployment Strategies Containerization of DS Improved Encryption for Secrets Google Cloud Platform Stackdriver Integration Kube Federation AMI Configuration Tooling Improved Monitoring 24
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Other Cloud Providers The Future of Software Deployment Considerations for the Future / Documentation FINAL WORDS
HUBCITYMEDIA Questions and Answers HUBCITYMEDIA
HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Webcast Series POSSIBILITIES ARCHITECTURE DEVOPS August 15, 2018 2:00pm-3:00pm EST September 12, 2018 2:00pm-3:00pm EST Thank you for joining us! 27
HUBCITYMEDIA Thank you! HUBCITYMEDIA

Recommended

Blockchain - The Next Big Thing for Middleware
Blockchain - The Next Big Thing for MiddlewareBlockchain - The Next Big Thing for Middleware
Blockchain - The Next Big Thing for Middleware
Kai Wähner
 
TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...
TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...
TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...
Kai Wähner
 
What's New in HiveMQ: Inside the upcoming HiveMQ 4.7 release
What's New in HiveMQ: Inside the upcoming HiveMQ 4.7 releaseWhat's New in HiveMQ: Inside the upcoming HiveMQ 4.7 release
What's New in HiveMQ: Inside the upcoming HiveMQ 4.7 release
Georg Held
 
Introducing HiveMQ Cloud
Introducing HiveMQ CloudIntroducing HiveMQ Cloud
Introducing HiveMQ Cloud
MargarethaErber
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorp
Mitchell Pronschinske
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Mitchell Pronschinske
 
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINXSecure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
NGINX, Inc.
 
2015 cloud trend and cloud DR
2015 cloud trend and cloud DR2015 cloud trend and cloud DR
2015 cloud trend and cloud DRbizmerce
 

Recommended

Blockchain - The Next Big Thing for Middleware
Blockchain - The Next Big Thing for MiddlewareBlockchain - The Next Big Thing for Middleware
Blockchain - The Next Big Thing for Middleware
Kai Wähner
 
TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...
TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...
TIBCO BWCE and Netflix' Hystrix Circuit Breaker for Cloud Native Middleware M...
Kai Wähner
 
What's New in HiveMQ: Inside the upcoming HiveMQ 4.7 release
What's New in HiveMQ: Inside the upcoming HiveMQ 4.7 releaseWhat's New in HiveMQ: Inside the upcoming HiveMQ 4.7 release
What's New in HiveMQ: Inside the upcoming HiveMQ 4.7 release
Georg Held
 
Introducing HiveMQ Cloud
Introducing HiveMQ CloudIntroducing HiveMQ Cloud
Introducing HiveMQ Cloud
MargarethaErber
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorp
Mitchell Pronschinske
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Mitchell Pronschinske
 
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINXSecure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
NGINX, Inc.
 
2015 cloud trend and cloud DR
2015 cloud trend and cloud DR2015 cloud trend and cloud DR
2015 cloud trend and cloud DRbizmerce
 
Case Study: How to move from a Monolith to Cloud, Containers and Microservices
Case Study: How to move from a Monolith to Cloud, Containers and MicroservicesCase Study: How to move from a Monolith to Cloud, Containers and Microservices
Case Study: How to move from a Monolith to Cloud, Containers and Microservices
Kai Wähner
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT Agility
NGINX, Inc.
 
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
ITCamp
 
Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2
NGINX, Inc.
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Mitchell Pronschinske
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINX
NGINX, Inc.
 
wisecloud based open cloud implementation guide
wisecloud based open cloud implementation guidewisecloud based open cloud implementation guide
wisecloud based open cloud implementation guide
bizmerce
 
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec KubernetesIBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM France Lab
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Alexander Al Basosi
 
Using Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveUsing Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep dive
Cisco DevNet
 
Api Management and Demo
Api Management and DemoApi Management and Demo
Api Management and Demo
DevOps Indonesia
 
Cisco at v mworld 2015 shipped-vmworld
Cisco at v mworld 2015 shipped-vmworldCisco at v mworld 2015 shipped-vmworld
Cisco at v mworld 2015 shipped-vmworld
ldangelo0772
 
DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform IntegrationDEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
Cisco DevNet
 
Istio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleIstio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as Scale
Ram Vennam
 
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Cisco DevNet
 
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM France Lab
 
Kubernetes - Cloud Native Application Orchestration - Catalin Jora
Kubernetes - Cloud Native Application Orchestration - Catalin JoraKubernetes - Cloud Native Application Orchestration - Catalin Jora
Kubernetes - Cloud Native Application Orchestration - Catalin Jora
ITCamp
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
NGINX, Inc.
 
The Microsoft Cloud and Server Strategy - Ben Armstrong
The Microsoft Cloud and Server Strategy - Ben ArmstrongThe Microsoft Cloud and Server Strategy - Ben Armstrong
The Microsoft Cloud and Server Strategy - Ben Armstrong
ITCamp
 
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on KubernetesIBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM France Lab
 
Http Services in Rust on Containers
Http Services in Rust on ContainersHttp Services in Rust on Containers
Http Services in Rust on Containers
Anton Whalley
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Mitchell Pronschinske
 

More Related Content

What's hot

Case Study: How to move from a Monolith to Cloud, Containers and Microservices
Case Study: How to move from a Monolith to Cloud, Containers and MicroservicesCase Study: How to move from a Monolith to Cloud, Containers and Microservices
Case Study: How to move from a Monolith to Cloud, Containers and Microservices
Kai Wähner
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT Agility
NGINX, Inc.
 
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
ITCamp
 
Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2
NGINX, Inc.
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Mitchell Pronschinske
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINX
NGINX, Inc.
 
wisecloud based open cloud implementation guide
wisecloud based open cloud implementation guidewisecloud based open cloud implementation guide
wisecloud based open cloud implementation guide
bizmerce
 
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec KubernetesIBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM France Lab
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Alexander Al Basosi
 
Using Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveUsing Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep dive
Cisco DevNet
 
Api Management and Demo
Api Management and DemoApi Management and Demo
Api Management and Demo
DevOps Indonesia
 
Cisco at v mworld 2015 shipped-vmworld
Cisco at v mworld 2015 shipped-vmworldCisco at v mworld 2015 shipped-vmworld
Cisco at v mworld 2015 shipped-vmworld
ldangelo0772
 
DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform IntegrationDEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
Cisco DevNet
 
Istio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleIstio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as Scale
Ram Vennam
 
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Cisco DevNet
 
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM France Lab
 
Kubernetes - Cloud Native Application Orchestration - Catalin Jora
Kubernetes - Cloud Native Application Orchestration - Catalin JoraKubernetes - Cloud Native Application Orchestration - Catalin Jora
Kubernetes - Cloud Native Application Orchestration - Catalin Jora
ITCamp
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
NGINX, Inc.
 
The Microsoft Cloud and Server Strategy - Ben Armstrong
The Microsoft Cloud and Server Strategy - Ben ArmstrongThe Microsoft Cloud and Server Strategy - Ben Armstrong
The Microsoft Cloud and Server Strategy - Ben Armstrong
ITCamp
 
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on KubernetesIBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM France Lab
 

What's hot (20)

Case Study: How to move from a Monolith to Cloud, Containers and Microservices
Case Study: How to move from a Monolith to Cloud, Containers and MicroservicesCase Study: How to move from a Monolith to Cloud, Containers and Microservices
Case Study: How to move from a Monolith to Cloud, Containers and Microservices
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT Agility
 
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
Provisioning Windows instances at scale on Azure, AWS and OpenStack - Adrian ...
 
Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINX
 
wisecloud based open cloud implementation guide
wisecloud based open cloud implementation guidewisecloud based open cloud implementation guide
wisecloud based open cloud implementation guide
 
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec KubernetesIBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Orchestrer Docker avec Kubernetes
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Using Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveUsing Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep dive
 
Api Management and Demo
Api Management and DemoApi Management and Demo
Api Management and Demo
 
Cisco at v mworld 2015 shipped-vmworld
Cisco at v mworld 2015 shipped-vmworldCisco at v mworld 2015 shipped-vmworld
Cisco at v mworld 2015 shipped-vmworld
 
DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform IntegrationDEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
 
Istio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleIstio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as Scale
 
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
 
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
 
Kubernetes - Cloud Native Application Orchestration - Catalin Jora
Kubernetes - Cloud Native Application Orchestration - Catalin JoraKubernetes - Cloud Native Application Orchestration - Catalin Jora
Kubernetes - Cloud Native Application Orchestration - Catalin Jora
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
 
The Microsoft Cloud and Server Strategy - Ben Armstrong
The Microsoft Cloud and Server Strategy - Ben ArmstrongThe Microsoft Cloud and Server Strategy - Ben Armstrong
The Microsoft Cloud and Server Strategy - Ben Armstrong
 
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on KubernetesIBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
IBM Bluemix Nice meetup #5 - 20170504 - Container Service based on Kubernetes
 

Similar to Get the Exact Identity Solution You Need - In the Cloud - Overview

Http Services in Rust on Containers
Http Services in Rust on ContainersHttp Services in Rust on Containers
Http Services in Rust on Containers
Anton Whalley
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Mitchell Pronschinske
 
DevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed DeploymentsDevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed Deployments
ForgeRock
 
Serving your phone calls with microservices
Serving your phone calls with microservicesServing your phone calls with microservices
Serving your phone calls with microservices
Gergo Huszty
 
Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday
Walid Shaari
 
Dockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx CasablancaDockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx Casablanca
Michel Courtine
 
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
ForgeRock
 
Docker Orchestration: Welcome to the Jungle! JavaOne 2015
Docker Orchestration: Welcome to the Jungle! JavaOne 2015Docker Orchestration: Welcome to the Jungle! JavaOne 2015
Docker Orchestration: Welcome to the Jungle! JavaOne 2015
Patrick Chanezon
 
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
Amir Zmora
 
GCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native ArchitecturesGCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native Architectures
nine
 
Interop 2017 - Managing Containers in Production
Interop 2017 - Managing Containers in ProductionInterop 2017 - Managing Containers in Production
Interop 2017 - Managing Containers in Production
Brian Gracely
 
Leveraging Multiple Cloud Orchestration
Leveraging Multiple Cloud OrchestrationLeveraging Multiple Cloud Orchestration
Leveraging Multiple Cloud Orchestration
DOCOMO Innovations, Inc.
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
ForgeRock
 
CI/CD with AWS Code Services
CI/CD with AWS Code ServicesCI/CD with AWS Code Services
CI/CD with AWS Code Services
Pulkit Gupta
 
56k.cloud training
56k.cloud training56k.cloud training
56k.cloud training
Brian Christner
 
The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)
Simon Haslam
 
The rise of microservices
The rise of microservicesThe rise of microservices
The rise of microservices
Cloud Technology Experts
 
20191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 120191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 1
makker_nl
 
Manchester geek night pcf 101
Manchester geek night pcf 101Manchester geek night pcf 101
Manchester geek night pcf 101
Sufyaan Kazi
 
Docker12 factor
Docker12 factorDocker12 factor
Docker12 factor
John Zaccone
 

Similar to Get the Exact Identity Solution You Need - In the Cloud - Overview (20)

Http Services in Rust on Containers
Http Services in Rust on ContainersHttp Services in Rust on Containers
Http Services in Rust on Containers
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
 
DevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed DeploymentsDevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed Deployments
 
Serving your phone calls with microservices
Serving your phone calls with microservicesServing your phone calls with microservices
Serving your phone calls with microservices
 
Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday Bahrain ch9 introduction to docker 5th birthday
Bahrain ch9 introduction to docker 5th birthday
 
Dockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx CasablancaDockercon eu tour 2015 - Devoxx Casablanca
Dockercon eu tour 2015 - Devoxx Casablanca
 
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
 
Docker Orchestration: Welcome to the Jungle! JavaOne 2015
Docker Orchestration: Welcome to the Jungle! JavaOne 2015Docker Orchestration: Welcome to the Jungle! JavaOne 2015
Docker Orchestration: Welcome to the Jungle! JavaOne 2015
 
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
WebRTC Standards & Implementation Q&A - The Internals of WebRTC Browsers Impl...
 
GCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native ArchitecturesGCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native Architectures
 
Interop 2017 - Managing Containers in Production
Interop 2017 - Managing Containers in ProductionInterop 2017 - Managing Containers in Production
Interop 2017 - Managing Containers in Production
 
Leveraging Multiple Cloud Orchestration
Leveraging Multiple Cloud OrchestrationLeveraging Multiple Cloud Orchestration
Leveraging Multiple Cloud Orchestration
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
CI/CD with AWS Code Services
CI/CD with AWS Code ServicesCI/CD with AWS Code Services
CI/CD with AWS Code Services
 
56k.cloud training
56k.cloud training56k.cloud training
56k.cloud training
 
The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)
 
The rise of microservices
The rise of microservicesThe rise of microservices
The rise of microservices
 
20191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 120191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 1
 
Manchester geek night pcf 101
Manchester geek night pcf 101Manchester geek night pcf 101
Manchester geek night pcf 101
 
Docker12 factor
Docker12 factorDocker12 factor
Docker12 factor
 

More from ForgeRock

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
ForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
ForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
ForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
ForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
ForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
ForgeRock
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
ForgeRock
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
ForgeRock
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
ForgeRock
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
ForgeRock
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
ForgeRock
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
ForgeRock
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
ForgeRock
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
ForgeRock
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
ForgeRock
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
ForgeRock
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
ForgeRock
 
Customer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilCustomer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah Khalil
ForgeRock
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR Success
ForgeRock
 

More from ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 
Customer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilCustomer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah Khalil
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR Success
 

Recently uploaded

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 

Recently uploaded (20)

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 

Get the Exact Identity Solution You Need - In the Cloud - Overview

  • 1. HUBCITYMEDIA Get the Exact IAM Solution You Need In the Cloud Containerized IAM on Amazon Web Services (Webcast 1 of 3) HUBCITYMEDIA
  • 2. HUBCITYMEDIA Introduction – Warren Strange  With ForgeRock Since 2013  Responsible for DevOps Strategy  Previously with Sun Microsystems and Oracle Founded in Norway in 2010, ForgeRock technology is based on Sun Microsystem's IAM products. We are focused on Digital Identity and Access Management. • ForgeRock Access Manager • ForgeRock Identity Manager • ForgeRock Identity Gateway • ForgeRock Directory Services Copyright © 2018 ForgeRock. All rights reserved 2
  • 3. HUBCITYMEDIA Introduction – Steve Giovannetti  CTO and Founder of Hub City Media  Identity since 2001  Focus on containerized solutions for 2 years Hub City Media has over 18 years of experience implementing IAM solutions, and particularly specializes in ForgeRock deployments in the cloud and on premise. Equipped with full-time, US-Based Professional Services and Managed Support Services teams, we have the ability to partner with clients in any location or time zone. 3Copyright © 2018 HUBCITYMEDIA. All rights reserved.
  • 4. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. What is Containerized IAM? IAM Infrastructure Vendor Product > Containerize > Deploy Copyright © 2018 HUBCITYMEDIA. All rights reserved. 4
  • 5. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. 5 Containerized IAM in the Industry The Containerizatio n Boom Deploy Everything Reliable Systematic Repeatable
  • 6. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Why Containerized IAM? Settling vs. Success Operationally IDaaS Customization Capabilities of an On-Premise Deployment Operational Functionality of an IDaaS Consistent Software Delivery Method As companies modernize their infrastructure, this strategy is preferred Traditional IDaaS Containerized IAM No need to settle for an OOTB solution Customize to meet all of your needs 6
  • 7. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Implications? Support from Vendor Products Containerized IAM 7
  • 8. HUBCITYMEDIA Old School Deployment Back in the dark ages (before DevOps), there was the Run Book! Documented Procedures How to make changes in production Deployment Cadence Yearly Servers “Pets” (Snowflake Servers) “Mutable” 8Copyright © 2018 ForgeRock. All rights reserved
  • 9. HUBCITYMEDIA 2015 - The ForgeRock DevOps Journey Begins Demand Clients and Partners were looking for increased deployment velocity Lower deployment cost Public Cloud IaaS The Beginning Started looking at scripted deployments using Ansible frstack project Moderate success Automated complexity, but didn’t fix it Conclusions Significant product changes needed to simplify deployment (solve for complexity – don’t automate) Move from Java war files to containers Kubernetes as the orchestration platform 9Copyright © 2018 ForgeRock. All rights reserved
  • 10. HUBCITYMEDIA Why Kubernetes? • Cloud agnostic: Any Cloud + Bare Metal • Think of Kubernetes as AWS in a box • Broad Industry Support - CNCF project • The “linux” of container management • The container orchestration wars are over… 10Copyright © 2018 ForgeRock. All rights reserved
  • 11. HUBCITYMEDIA OpenAMOpenAM AM DJ DJ DS OpenIDM OpenIDM IDM OpenIGIG PV SSD kind: Deployment spec: replicas: 1 template: metadata: name: openig labels: name: openig spec: containers: - name: openig image: forgerock/openig volumes: - name: keystore secret: secretName: openig manifest describes components and their relationships kind: Service name: opendj ports: - port: 389 name: ldap targetPort: 389 persistent volumes abstract storage Kubernetes Manifest Describes a “Virtual” ForgeRock Deployment Architecture The same manifest works on any cloud! AWS, Azure, Google, VMware, etc. 11Copyright © 2018 ForgeRock. All rights reserved
  • 12. HUBCITYMEDIA Deployment Landscape • Deploy a war file • Bring your own infrastructure • Maximum flexibility • “Build it your way” • Higher operational complexity / cost On-premise • Limited flexibility • Infrastructure is fixed • Lower Operational Costs • Fastest deployment • Hybrid deployment on Kubernetes • Flexibility: less than custom, greater than SaaS • Lower operational costs through automation • Faster deployment • Semi-opinionated infrastructure: o Bring your own cloud 12Copyright © 2018 ForgeRock. All rights reserved
  • 13. HUBCITYMEDIA Key DevOPs Focus Areas Core Engineering to make products “12Factor” like Prefer Stateless vs. Stateful Kubernetes / Container Friendly Support Infrastructure as Code AKA configuration as an artifact Support for Immutable Deployment No snowflake servers The 12 factors circa 200 BC 13Copyright © 2018 ForgeRock. All rights reserved
  • 14. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. ForgeRock DevOps The cool stuff Where most of the effort is
  • 15. HUBCITYMEDIA Current DevOps Enhancements ForgeRock Access Manager Import / Export configuration as json Autonomous servers; AM servers are “cattle” – no server identity Stateless Sessions – improved horizontal scalability Commons configuration – Template json configuration using common expressions. Use environment variables, system properties (12 factor practice) Evaluation docker images available on bintray docker pull forgerock-docker-public.bintray.io/forgerock/opendj:6.0.0 Sample Helm charts / Kubernetes manifests Platform 15Copyright © 2018 ForgeRock. All rights reserved
  • 16. HUBCITYMEDIA ForgeOps Repository The ForgeOps Repository provides demonstration Dockerfiles and Kubernetes / Helm artifacts ● You will need to modify these files for your environment Open Source - https://github.com/ForgeRock DevOps Reference Examples - https://github.com/ForgeRock/forgeops Yes - ForgeRock supports our products running in Docker / Kubernetes! (*) - ForgeRock provides commercial support for the platform (AM, DS, IDM, IG). We expect our partners / clients to have Kubernetes experience! 16Copyright © 2018 ForgeRock. All rights reserved
  • 17. HUBCITYMEDIA DevOps Guide Read the Fine Manual! Now with task flowcharts! 17Copyright © 2018 ForgeRock. All rights reserved https://backstage.forgerock.com/docs/ DevOps Guide https://backstage.forgerock.com/docs/platf orm/6/devops-quick-start-guide/
  • 18. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Power of AWS with Containerization Maturity Market Leader in Cloud Widely Used Breadth of Services Unparalleled in the Cloud Vendor market Flexibility Can be spread throughout organization 18
  • 19. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Containerized IAM on AWS – The Journey Automated Infrastructure Build VPC, Networking, Monitoring, CI/CD System Kubernetes Automated ForgeRock Product Project Configuration Kubernetes Namespace / Product Dependencies Integrated Monitoring and Management Cloud Watch Alerts and Monitors - Elastisearch Continuous Integration / Deployment Templates 19
  • 20. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Infrastructure Build Jenkins Kub Master Kub Master Kub Master Kub Node Kub Node Kub Node 1. CF VPC Creation Script • Creates VPC • AZs and Subnets • NAT Gateways • S3 Endpoint • Customer Gateway • VPN Gateway • Internet Gateway • Routing Tables • Cloudwatch • ElasticSearch • Route53 2. CF Jenkins Host Creation • Kicks off Kops Script 3. Kops Script • Creates Master Nodes • Creates Kub Nodes 20
  • 21. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Product Configuration ForgeRock IDM 1. Create Dependencies • RDS Multi-AZ 2. Create Namespace 3. Create Deployment • Images / Pods • ELBs – Multi-AZ ForgeRock AM 1. Create Dependencies • DJ 2. Create Namespace 3. Create Deployment • Images / Pods • ELBs – Multi-AZ Jenkins Kub Master Kub Master Kub Master DS DS DS Kubernetes Cluster Multi-AZ RDS IDM Namespace AM Namespace 21
  • 22. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. HCM – Client Use Case Multiple legacy vendor products High costs to manage and modernize Initiative to go IDaaS No single IDaaS vendor to satisfy all needs Implement ANY use case No constrictions Client controlled Extremely cost effective in comparison to other options REQUIREMENTS COMPLEXITY COST 22
  • 23. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Client Use Case ForgeRock Platform Custom, multi-phase IDM, AM, DS, IDG implementation Hub City Media Governance (IDG) HCM Tier 3 Support Managed Cloud Services on AWS $2.61 Per User Per Month 23
  • 24. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Containerized IAM on AWS – Roadmap 1.0 GA – May 2017 Released to Internal Team Automated Infrastructure Product / Namespace Config Monitoring Jenkins Templates Client Go Live – July 2017 1.2 – Winter 20181.1 – Fall 2018 Internal Dev Cutover Dockerize Jenkins Addt’l Deployment Strategies Containerization of DS Improved Encryption for Secrets Google Cloud Platform Stackdriver Integration Kube Federation AMI Configuration Tooling Improved Monitoring 24
  • 25. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Other Cloud Providers The Future of Software Deployment Considerations for the Future / Documentation FINAL WORDS
  • 27. HUBCITYMEDIACopyright © 2018 HUBCITYMEDIA. All rights reserved. Webcast Series POSSIBILITIES ARCHITECTURE DEVOPS August 15, 2018 2:00pm-3:00pm EST September 12, 2018 2:00pm-3:00pm EST Thank you for joining us! 27

Editor's Notes

  1. Founded in 1999 - 18 years implementing and maintaining broad spectrum of IAM solutions All Employees located in NJ Headquarters 80+ Advisory and MSS Employees solely focused on IAM No Contractors - Full-time employees only U.S. Citizens Nationwide IAM Clients Dedicated Service Center Highly Specialized Support Engineers 24 x 7 x 365 Resource Availability Individually Tailored Support Solutions
  2. Definition: Taking a vendor product, containerizing it and deploying it as your IAM infrastructure (e.g. taking FR products and assets and deploying FR as a set of Docker images into a Kubernetes cluster)
  3. BULLET 1: Containerization as a deployment technology is booming right now It’s the way clients are starting to deploy software as a practice BULLET 2: Identity infrastructure isn’t different – everything can be deployed this way (applications, systems that support these apps –same characteristics) Repeatable builds Trend of deploying software reliably, systematically using a containerized approach
  4. Three Options for deploying your IAM Infrastructure: IdaaS, Deploy traditionally, Containerized So WHY containerized IAM? 1. Get EXACTLY the system that you want – can be customized and there’s no need to settle for OOTB functionality 2. Operational characteristics of an IDaaS (customization capabilities of an on premise deployment, operational functionality of an IDaaS 3. Docker / Kubernetes – Extension of what is already being done on the app / dev side – Deploy whole infrastructure this way (needs to be supported by a third party or supported by you) *as companies modernize their infrastructure, they want to use this strategy; consistent software delivery methodology
  5. Implications Vendor products need to support containerization (not every one can be done this way) Need to change thinking about how applications are deployed (DevOps mentaility) or third party; What do you need to get here? – transition to Warren
  6. Back in the dark ages, before DevOps, there was the Run Book! Documented procedures on how to make changes in production Deployment cadence: yearly Servers were “Pets” (Snowflake servers) and “Mutable”.
  7. Demand from customers and partners for increased deployment velocity, lower deployment cost, public cloud IaaS Began by looking at scripted deployments using Ansible (frstack project) Moderate success Automated the complexity. Didn’t fix it Conclusions: Significant product changes needed to simplify deployment Solve for complexity - don’t automate it Move from java war files to containers as the delivery vehicle Kubernetes as the orchestration platform
  8. Cloud agnostic. Any Cloud + Bare Metal Think of Kubernetes as AWS in a box Broad Industry Support - CNCF project The “linux” of container management The container orchestration wars are over…
  9. Core engineering required to make products “12Factor” like Prefer Stateless vs. Stateful Kubernetes/Container friendly Support Infrastructure as Code (A.K.A configuration as an artifact) Support for Immutable deployment models (no snowflake servers)
  10. Kubernetes is not magic pixie dust. It enables ease of use, but does not guarantee it
  11. ForgeRock Access Manager Import / Export configuration as json Autonomous servers. AM servers are “Cattle” - no server identity. Stateless sessions - improved horizontal scalability Platform Commons configuration - Template json configuration using common expressions. Use environment variables, system properties (12 factor practice) Evaluation docker images available on bintray docker pull forgerock-docker-public.bintray.io/forgerock/opendj:6.0.0 Sample Helm charts / Kubernetes manifests
  12. What makes AWS an ideal environment to deploy a containerized model? 1. Maturity; widely used by most organizations; market leader in cloud 2. Breadth of services available is unparalleled in the cloud vendor market; 3. Can be spread throughout organization Downside – good environment to run containerized solutions – up until recently, not much native support for Docker and Kubernetes – but clusters can be built on top of their platform
  13. REQUIREMENTS / ISSUES Multiple legacy vendor products deployed as a result of failed migrations Spending a lot of money managing and modernizing their platform Wanted to go to an IDaaS solution No single IDaaS vendor that would satisfy their needs – proposed to deploy FR in the cloud, in a containerized deployment in a public cloud environemtn using both FR and HCM products – satisfy all sue cases for the cleint (AM, Gov, etc) COMPLEXITY Can implement any use case required by the client Not constrained by a lowest common denominator IDaaS solution Nothing off the table Client controlled – not dependent on vendor COST
  14. Break down on a per user basis (what did they spend previously?) Custom solution below what Okta can provide Fully customized – all software – cloud – multiple stages of implementation (IDM, AM, DS, Governance) Price with PS Per user per month – FR products, gold support from fr, PS, Governance Stack, HCM Tier 3 support, Three phase project implementing OpenIDM, OpenAccess and subsequent phases, Managed CloudService on AWS (average)
  15. We’ve focused on AWS today, but this solution can work on many other cloud providers. That being said, AWS is a strong provider to utilize This is the future of how software will be deployed. The individual tech vendor may change, but the concept of containerization and orchestration is the way to get internet scale It’s definitely worth moving this direction, especially if you are building something that requires these characteristics
  16. Note for following two webcasts and quick summaries #2- Deeper dive into the architecture behind running containerized IAM on AWS and what your team needs for a successful deployment #3- The benefits and challenges of running containerized Identity systems in the cloud and what it’s like to run and operate You can sign up for them now. The links to registration are here and will also be sent out in the follow up email.