MarketScope for Web Access Management

Size: px
Start display at page:

Download "MarketScope for Web Access Management"

Transcription

1 MarketScope for Web Access Management Gartner RAS Core Research Note G , Gregg Kreizman, Earl Perkins, Ray Wagner, 11 November 2010, R The core Web access management market has reached maturity. Product differentiation now focuses on delivery options to address specific customer use cases often involving scale, and as a starting point for cloud computing. WHAT YOU NEED TO KNOW This document was revised on 16 November For more information, see the Corrections page on gartner.com. Core Web access management or WAM (i.e., Web-enabled single sign-on, authentication, coarse-grained authorization and administration for Web application access) has matured. Vendors continue to incrementally fine-tune their offerings for performance and scale, and seek new use-case combinations with enterprise single sign-on, identity federation, eternal authorization engines, and Web services security. WAM is converging with other access management solutions to contribute to a class of adaptive access control solutions i.e., a means of managing users entitlements and authentication needs to simplify authentication and better address access-related risks. WAM will eventually give way to broadly scoped access management tools that span the entire spectrum of applications and services. Many prospective customers will continue to buy point solutions such as WAM, enterprise single sign-on (ESSO) and federation technologies to address niche requirements and to fill out a capability set. However, vendors will increasingly provide access product suite bundles and real integration among components, particularly for administration, policy, and attribute storage and integrated intelligence data. As WAM converges with adaptive access management, it will be augmented by boundary technologies such as data loss prevention (DLP) and network access control (NAC) to provide greater granularity and more contet for authorization events. Identity federation that supports multiple protocols, with Security Assertion Markup Language (SAML) preferred and OpenID emerging, will also continue to play a key role in WAM implementations. Entitlements management for non-web applications will supplement the new and improved WAM, but will remain separate, comple and slow-growing due to the slow pace of major application provider adoption and the slow pace of standardization across different generations of applications and infrastructure. As technologies adjacent to WAM increasingly become bundled and integrated, and Gartner clients increasingly buy these broader access solution sets, we will address this pattern in market research in 2011.

2 2 For most WAM vendors, market growth has been slow, flat or even slightly negative due to current enterprise growth plans, market saturation and product feature maturity. Small or midsize businesses (SMBs) offer some growth opportunities and have triggered developments around cloud-computing support through early SaaS versions of WAM. This trend will accelerate and drive increasing use of service-based WAM delivery. The WAM vendor market is largely saturated with too many traditional players, and Gartner epects market consolidation and commoditization to continue. There will be some new entrants, but not as core WAM providers, rather as adaptive access management providers with a variety of delivery methods. There is little room for innovation for core WAM beyond this, and the market will continue to be dominated by large IAM vendors for core functions until these alternate delivery methods drive costs downward enough to challenge their reign. One opposing trend is the small but increased client interest in the use of open source to fulfill WAM and federation needs, particularly from former Sun customers and those who were using Sun products or considering Sun at the time Oracle acquired them. STRATEGIC PLANNING ASSUMPTIONS By the end of 2015, stand-alone WAM offerings will be rare, instead being part of more intelligent and adaptive access management solutions. By the end of 2015, 50% of all new enterprise Web access management solutions will be delivered by software as a service (SaaS). MARKETSCOPE This MarketScope is the first for WAM previous reports have been Magic Quadrant studies. A MarketScope format was chosen for 2010 due to the maturation of the core WAM market and the lack of significant technical feature differentiation between the primary providers. Though WAM products continue to be purchased, it is increasingly obvious that purchase decisions revolve around relationships with the eisting vendor (i.e., the suite effect), vendor viability, and the product and pricing fit to specific use cases. The WAM MarketScope was developed by incorporating eisting WAM customer feedback (both from vendor-recommended customers and from direct client contact) with Gartner research, as well as analysis of feedback from detailed WAM vendor surveys. This was supplemented by vendor product demonstrations and briefings. WAM delivers three primary functions for Web applications in the identity access management (IAM) portfolio: an access control engine to provide centralized authentication, authorization capabilities for those applications, and an administration overlay to aid in both. WAM solutions have delivered these functions to thousands of customers. However, core WAM as defined by this set of features has entered the final stages of market saturation. During the first decade of the 21st century, WAM has given enterprises quick access to the Web application universe, both for internal Web applications and to link with the Internet and with their customers, partners and other stakeholders. Web access has evolved, however. Combinations of traditional Web applications, application components, Web services components and mashups of applets and platform services abound, as well as SaaS applications. As a result, this increasingly heterogeneous environment requires some form of adaptive access management beyond core WAM. Some core WAM vendors are repositioning WAM as part of a larger access management package that includes centralized entitlement enforcement policy repositories for new enterprise applications (Web and non-web). Emphasis is increasingly placed on the use of WAM as a first-stage cloud-computing solution for single signon (SSO). The term Web access is now being used less often to refer to Web application access and more often to refer to Internetbased solutions wherever they reside and whatever form they take (for eample, Web application, Web service and SaaS). The WAM market is part of the overall IAM market, providing the A ( access ) in IAM with its range of tools and processes. WAM products also provide proprietary integration points for some non-web applications in addition to its core function of brokering authentication to Web applications although the use of WAM for non-web application access control remains limited. WAM products may also include basic identity administration (IA), basic role/rule life cycle management, and audit and federation capabilities. This is consistent with redefining core WAM as part of a broader adaptive access management offering. IAM suite vendors that provide WAM as part of a multiproduct solution recommend their own user provisioning and role life cycle management products as a means of incorporating some level of identity administration functionality or integration. The vendor may offer integration with other IAM tools for eample, enterprise single sign-on (but this integration tends to be minimal), Secure Sockets Layer (SSL) virtual private networks (VPNs), public-key infrastructure (PKI), various authentication methods and enterprise fraud management systems Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form without Gartner s prior written permission. The information contained in this publication has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. This publication consists of the opinions of Gartner s research organization and should not be construed as statements of fact. The opinions epressed herein are subject to change without notice. Although Gartner research may include a discussion of related legal issues, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner is a public company, and its shareholders may include firms and funds that have financial interests in entities covered in Gartner research. Gartner s Board of Directors may include senior managers of these firms or funds. Gartner research is produced independently by its research organization without input or influence from these firms, funds or their managers. For further information on the independence and integrity of Gartner research, see Guiding Principles on Independence and Objectivity on its website,

3 Current WAM Market Trends Gartner has identified a set of ongoing trends in the WAM market: Slowing growth: Enterprises continue to make investments in WAM primarily to resolve the issue of single sign-on to multiple Web applications. While WAM interest continues in 2010, deployments are at a much slower growth rate than in previous years. The Gartner study on total worldwide security software revenue market share by market shows a drop from 8% compound annual growth rate (CAGR) in 2008 to less than 1% in The bulk of this revenue is derived from recurring maintenance revenue rather than new growth. Gartner s forecast for core WAM growth from 2009 to 2014 is 1.8% CAGR. While much of this is attributed to the worldwide economic slowdown, it is clear that core WAM growth is declining. Non-seat-license pricing: Competition and downward pricing pressure have caused some vendors to offer alternatives to the more-prevalent standard per-user pricing structure. This structure has traditionally included site- and enterprise-based licensing, but mechanisms such as per-processor/instance, concurrent session pricing, and differential user-based pricing for internal versus eternal users are now offered by a few vendors. The increasing pressure being placed on WAM solutions to support larger and larger etranet and service-centric infrastructures clearly continues to drive more-fleible pricing models. Market consolidation: Large WAM vendors offer reasonable and etensive functionality, often at competitive price points, and are backed by large, diverse organizations that have suites of associated IAM products and capable professional service organizations. For these reasons, the value propositions of the vendors that sell stand-alone WAM solutions are becoming less compelling, and many smaller providers are suffering as a result. Over 75% of all growth in the customer base in 2009 occurred among the largest vendors in the market. Small and midsize business (SMB)-focused offerings for customers that do not require a full IAM suite or etensive WAM functionality remain attractive, but only when the vendor can offer low prices, simple integration or perhaps an innovative offering (e.g., P2 Security or Oracle s blade for F5 Networks switches). Compliance focus leading to interest in centralized entitlements management: Compliance and audit requirements are driving enterprises to separate authentication and authorization from applications wherever possible. This approach drives core WAM vendors to look for ways to etend their offerings to more enforcement points, either with increased functionality or via the acquisition of emerging entitlements management products, which are designed to etend adaptive access management functions to any application. Market segmentation (access management suites versus commodity WAM versus consumer etranets): Specific WAM vendors are focusing on different, divergent areas as the market matures. Larger, enterprise-focused vendors (for eample, CA, Evidian, IBM Tivoli, Oracle, Novell and Siemens) are developing access management suites that may include: WAM Fine-grained entitlements management Identity federation ESSO Web services security tools Adaptive access control These functions may be combined with unified administration and audit facilities. Smaller vendors (for eample, P2 Security) are focusing on low-cost, low-compleity SMB-oriented offerings. A few vendors including RSA, The Security Division of EMC; and Entrust focus specifically on the consumer etranet. A focus on Microsoft-centric enterprises: Microsoft Active Directory, Active Directory Federation Services, and the Unified Access Gateway are aimed to provide an alternative approach to core WAM functionality when the infrastructure is entirely or predominantly Microsoft-delivered. The release of Active Directory Federation Services 2.0 will negatively impact market growth in WAM, and particularly federation, for Active Directory-centric enterprises that don t need WAM, but that only seek to leverage Active Directory authentication to SaaS and partner applications. SaaS and cloud-computing needs: Combined WAM and federation components provide the leading technology architecture option for enterprises to standardize Web authentication and SSO to internal and SaaS-based applications. WAM and federation functionality also form the foundation of several IAM gateway vendors services. This represents a key growth option for WAM products in the IAM-as-a-service market during the net five to 10 years. Novell has partnered with large application hosting providers to deliver a SaaS version of their access products. CA Technologies acquired Arcot in August 2010 and with that acquisition obtained Arcot s A-OK On-Demand authentication and federation service. VMware acquired another IAMaaS vendor, TriCipher, whose technology will play a role in VMware s cloud strategy. IBM points to its partnership with Lighthouse Security, which has an IAMaaS offering that etends IBM Tivoli s software offerings. 3

4 4 Overall price stability: The WAM market remains highly competitive. Downward pricing pressure continues to drive discounting and aggressive sales tactics, but list pricing has changed little since mid WAM pricing has reached levels that Gartner believes accurately reflect WAM s value. Per-user list pricing places 5,000-user costs (for eternal users) at an average of approimately $8 per user and 100,000-user costs at an average of approimately $1 per user. One-million-user pricing is generally less than $1 per user, but deployments of that size are more likely to use site licensing or other pricing models. Interest in user-centric identity frameworks (UCIFs): Several WAM vendors have announced relying party support for one or more forms of UCIF (particularly OpenID and Information Card authentication), or have support on their near-term product road maps. Relying-party support allows an OpenID, for eample, created by the consumer at another identity provider site to be used for authentication to the enterprise WAM. This is appealing for some consumer-facing implementations. Low-assurance uses of UCIFs have had some success, and WAM support should prove valuable to consumer-focused enterprises. However, the lack of high-assurance credential providers and (in the case of Information Cards) the lack of a critical mass of deployed identity selector components will limit most enterprises use of UCIFs in the short term, and potentially beyond. Customer Survey: WAM Vendors and Deployments In the 2010 WAM MarketScope study responses from WAM clients, 90% of those responding were either the buyers themselves or members of a team making the purchase decision. They consistently ranked functional capability, industry eperience, corporate viability, pricing and technical standards support as key decision criteria. The importance of functional capability in decision making is notable because there is less product differentiation today than in years past. These responses were likely skewed due to respondents having purchased the WAM tools at points in time when there was greater feature differentiation. Interestingly enough, being part of a suite from the vendor, reference feedback, and project implementation methodology were slightly less important, possibly due to the maturity of the market and its pressure on pricing as well as the wide availability of product and service information for WAM. Despite that, over 70% of those customers buying a WAM solution also bought one or more IAM solutions from the same vendor. Eighty percent of the total first-year costs of WAM are made up of licensing and maintenance, with almost an even split between them. The remaining 20% is listed as other but includes integration and startup costs. This is in direct contrast to user provisioning, where the ratio of licensing/maintenance and integration is reversed. When looking at WAM solutions, customers ranked IBM, Oracle and CA as the most frequent vendors evaluated. All of them ranked high pricing as the most frequent reason for not buying a solution from these vendors, showing that pricing remains a primary motivator for most. There is a general consensus that WAM implementations are complete and match customer epectations at least 75% of the time; this is a higher ratio than user provisioning. Approimately 40% of WAM implementations (from the limited client survey information) were for 10,000 users or more. About two-thirds of these enterprises have 10 or more applications using their WAM solution to manage access. Half of the enterprises questioned implemented their WAM solution in si months or less, with 40% using a system integrator or valueadded reseller (VAR) to do that implementation. Half of these enterprises support their WAM deployment with two full-time equivalents (FTEs) or less. This again underscores the maturation of WAM, given that implementation isn t as difficult as it was two years ago, and that more and more customers decide to do their own implementation or rely directly on the WAM vendor. In fact, WAM vendors find they must play a more active role in implementation due to decreasing opportunities to generate revenue by selling licenses alone. Market/Market Segment Description The term WAM applies to technologies that use access control engines to provide centralized authentication and authorization capabilities for Web applications. WAM products may also include basic identity administration, role/rule administration, and audit and federation capabilities, as well as standardized or proprietary integration points for non-web applications. They may also provide integration with a user-provisioning tool, as well as integration with authentication methods, such as certificate authentication and onetime password products. Inclusion and Eclusion Criteria This market includes general-purpose authentication and authorization engines that mainly enable single sign-on (SSO) or reduced sign-on (RSO) to multiple Web applications on disparate Web application platforms in a clientless fashion. A traditional WAM product consists of policy administration and enforcement, and it is usually deployed in a proy or agent architecture. ESSO products and SSL-based and other clientless remote-access products may offer basic authentication and coarse-grained authorization for Web-based applications. In some cases, they present strong alternatives to WAM. However, these tools differ from WAM tools, primarily because: They typically do not provide or integrate with comple identity administration capabilities, such as workflow, approval processing, directory management and role life cycle management. They generally have not been shown to scale to large etranettype populations with users numbering in the hundreds of thousands or the millions. ESSO products usually require a client. Therefore, products that are primarily considered ESSO or VPN products were ecluded. We included WAM vendors who were referenced by Gartner clients and who were able to identity at least 10 production customers and year-over-year growth in customers or user counts. Vendors Added No vendors were added to the WAM MarketScope in 2010.

5 Vendors Dropped Cafesoft was dropped from the WAM MarketScope in 2010 because we were unable to identify customer or usage growth. Sun Microsystems was dropped due to the company s acquisition by Oracle in early Other Vendors Not in the MarketScope Apere offers an appliance-based agentless Web SSO capability for SaaS and enterprise Web applications. Enterprises with access control solutions can etend SSO to SaaS applications using Apere s IMAG-TrueSSO. Apere provides basic role-centered provisioning and base platform and application authorization for application development, mainframe, Web and client/server applications. Neus offers the Argus Authentication Server, which provides basic WAM functionality. Although operable as a stand-alone product, Argus Authentication Server is most often sold in support of other Neus products, which are generally focused on PKI and certificate management functions. The University of Michigan s CoSign is an open-source WAM tool that has gained some users, mostly within the education vertical industry. Yale s CAS has been implemented broadly within higher education and is often augmented with Shibboleth for federation capability. Ile Sign&go is an SSO infrastructure that includes ESSO and some WAM features, including federation. Sign&go has a small customer base, but, like Apere and Neus, it has little visibility in the WAM market as yet. Ping Identity is a focused identity federation vendor that provides well-regarded multiprotocol federation tools for enterprises and service providers, as well as SaaS access management services, but no other WAM functionality. Microsoft supports WAM-like functionality in Microsoft-only environments with Active Directory Domain Services and Active Directory Federation Services (AD FS), but has left WAM functionality for heterogeneous environments to third-party vendors. Active Directory and AD FS can technically be used as a WAM tool in use cases where Web application servers can leverage users Active Directory/Kerberos authentication to enable SSO for those applications and when these applications can use Active Directory group membership as input to authorization decisions. AD FS etends these environments to provide SSO to partner and SaaS applications using either WS-Federation or SAML protocols. AD FS 2.0 was released in April The class of vendors providing WAM and federation services (which we refer to as IAM gateways ) is addressed in IAM Gateways to the Cloud are Maturing and will also be covered in subsequent Gartner research in The vendors include (but are not limited to) Arcot (acquired by CA in 2010), clavid, Conformity, Covisint, Eostar, Lighthouse Security, Nordic Edge, Ping Identity, Symplified and TriCipher (acquired by VMware in 2010). WAM Use Cases The most common use cases for core WAM are: Etranet access, Web SSO: Core WAM functions are ideal for enterprises that wish to provide remote access and SSO functionality to Web applications in a consistent fashion, for remote employees, partners, citizens or consumers. Intranet access, Web SSO: Core WAM functions can be used to implement a single method of access to internal Web applications within an enterprise network perimeter. Portal access: Core WAM functions (which may include Web SSO) are provided as an access management front-end to a portal implementation. Often, the WAM solution will be integrated with portal authentication, authorization and administration functions. Multiple SaaS access: Core WAM functions or WAM plus federation can be used to provide Web SSO and access management functions for employees that wish to consume multiple SaaS applications running in a private- or public-cloud environment. Federation participant: Core WAM can be used as the access point for a federated network of WAM connections to provide authentication across multiple companies, divisions or separate networks where necessary. Rating for Overall Market/Market Segment Overall Market Rating: Positive Core WAM has become a rite of passage into IAM for the more than 9,000 customers that have implemented it over the past decade. It is frequently the starting point for enterprises that need to implement starter-iam. The reactions of clients that have implemented WAM coupled with its maturity earn core WAM a Positive rating. Evaluation Criteria Vendor Product/Service Analysis Evidian Evidian s Web Access Manager is recognized in Europe as a capable access management addition. An agreement with Quest Software of the U.S. also provides Evidian with access to the North American market, with some modest success to date. Evidian stresses Web Access Manager and Enterprise SSO integration (both separate products from the company) and professional services use cases to ease both integration and implementation. This integration results in integrated Active Directory Kerberos support and the use of SAML in its cross-domain SSO support. High-availability options of the software are available at additional cost. An add-on authorization management product can provide fine-grained authorization based on directory attributes and WAM rules, and an add-on auditor product can provide some basic intelligence. WAM functionality is well-priced relative to competition. 5

6 6 Table 1. Evaluation Criteria Evaluation Criteria Comment Weighting Offering (Product) Strategy Vertical/Industry Strategy Geographic Strategy A technology provider s approach to product development and delivery that emphasizes innovation, differentiation, functionality, methodology and feature set as they map to current and future requirements. Specific subcriteria are: Product themes Foundational or platform differentiation Strategic focus on enterprisewide access management and servicebased functionality Bundled or associated support for user-centric identity: Information Cards, OpenID, etc. Dynamic access control time-, situation- or other dynamic-data-based rules Integration with NAC systems Support for multiple security zones or multiple per-user roles Bundled or associated support for federation to SaaS applications The technology provider s strategy to direct resources, skills, and offerings to meet the specific needs of individual market segments, including verticals. Subcriteria are: Breadth of industries represented in the customer base Industry-specific support The technology provider s strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the home or native geography, either directly or through partners, channels and subsidiaries, as appropriate for that geography and market. Specific subcriteria are: Home market International distribution Standard Standard Low Product/Service Overall Viability (Business Unit, Financial, Strategy, Organization) Core goods and services offered by the technology providers that compete in/serve the defined market. This includes current product/service capabilities, quality, feature sets, skills, etc. Specific subcriteria are: Password self-service Management of identities Integration with other identity and access management components User interfaces and their usefulness to clients XACML support Fine-grained access control capabilities for Web and non-web applications Access control policy administration features Global session management Reporting/audit capabilities Multirepository support Interfaces for IAM suites and ESSO products Bundled or associated identity federation support Viability includes an assessment of the overall organization s financial health, the financial and practical success of the business unit, and the likelihood of the individual business unit to continue investing in the product, offering the product and advancing the state of the art within the organization s portfolio of products. Specific subcriteria are: History of investment in division Contribution of WAM to revenue growth High Standard (continued)

7 Table 1. Evaluation Criteria (continued) 7 Evaluation Criteria Comment Weighting Sales Eecution/Pricing Customer Eperience Source: Gartner (November 2010) The technology providers capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel. Specific subcriteria are: Pricing Innovative pricing options Market share Additional purchases required (for eample, relational database management system [RDBMS], application server, Web server, and so on) Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements, etc. Specific subcriteria are: Customer support programs Service-level agreements High Standard RATING CA Technologies EMC-RSA Entrust Evidian IBM (Tivoli) Novell Oracle P2 Security Siemens Strong Negative Caution Promising Positive Strong Positive As of 11 November 2010 Source: Gartner (November 2010) While its European presence is strong, Evidian does not have broad name recognition outside of that region. As a result, customer counts are fairly low compared to competitors, and growth has been slow, although the U.S. market has shown some life. While there is some basic user administration, Web Access Manager does depend on Evidian s user-provisioning solution for comprehensive administration. XACML support is provided by Evidian s add-on authorization management product. Rating: Promising CA Technologies CA Technologies SiteMinder is a veteran in the core WAM market, dating back to Netegrity SiteMinder s acquisition in As such, the product shows a breadth of function and use across all WAM use cases in all customer segments. The product is scalable and capable of fault-tolerant configuration. It has broad platform support, advanced authentication options, and comprehensive SSO management and administration. SiteMinder uses a common policy server among CA Technologies other IAM products. The new version has etended support to additional OS and platform

8 8 environments, and provides a user-friendly interface for certificate management. The solution has a solid set of canned reports and can integrate with CA s Log Manager tool. SiteMinder does depend on other CA Technologies IAM solutions for administration, identity repositories and fine-grained entitlements enforcement, to name a few. CA SOA Security Manager provides services-oriented application integration and is a layered product that uses the SiteMinder architecture. Integrator support worldwide improved from 2008 to Security policy for authorization is written in XML but does not yet support industry standards for etensible authorization, although support for XACML is road-mapped. CA Technologies strategic focus on cloud computing placed increased pressure on CA to develop a cloud-based IAM strategy. Their acquisition of Arcot could position CA well toward achieving that objective. Rating: Positive EMC-RSA As a stand-alone WAM vendor, EMC has developed a product architecture with good OS support that allows for integration with multiple competitor IAM solutions, particularly user provisioning. EMC has a strategic IAM partnership with Courion for IAM suite opportunities. As one might epect, RSA Access Manager possesses some identity administration functionality, including basic delegation and self-service password reset, and is relatively customizable compared to other competitors. The company leverages its authentication heritage in use cases where riskappropriate authentication is required with WAM. It has relatively good channels worldwide and balanced global market penetration and name recognition. Fine-grained authorization is supported, with Java and Web services applications that can be invoked based on repository attributes. Federated Identity Manager does have its own user interface separate from Access Manager. Despite RSA Access Manager s strong risk-appropriate authentication play, beyond RSA methods it supports only password, forms and Integrated Windows Authentication (IWA). It also requires a separate product for access intelligence. EMC is increasingly pressured in suite bids against Oracle and IBM Tivoli. Rating: Promising Entrust Like EMC, Entrust provides WAM, risk-appropriate authentication (IdentityGuard), and federation from a single vendor. The federation module of GetAccess is included free with WAM and has rich Security Assertion Markup Language (SAML) and other access management standards support. Support for centralized authentication and authorization via Web services through Secure Transaction Platform (STP) is available at an additional one-time cost. The product comes with prepackaged reports and has core intelligence capabilities. As one of the oldest WAM products on the market, it has a rich feature set for administrators (with a fleible delegation model) and developers alike and does enjoy some name recognition in the access market. GetAccess is also one of the most cost-competitive WAM solutions, and established customers rate Entrust support as good. Entrust GetAccess supports fewer platforms for the main WAM components than competitors (Windows, Solaris, Red Hat Enterprise Linu), although numerous Web target operating systems are supported. The administrative eperience is poor and dated relative to competitors offerings. The company is marginalized in new customer bidding by limited marketing and aggressive competitors, resulting in declining market share and limited opportunity. Rating: Caution IBM (Tivoli) IBM Tivoli s Federated Identity Manager (TFIM) is a significant worldwide presence in Web access management, and subscribes to the concept of core WAM being part of a broader access management architecture in enterprises. This solution is part of an IBM Tivoli IAM suite, and with emphasis on federation and moresignificant administrative capabilities, TFIM seeks to differentiate itself. The newest release epands this administration capability and provides application integration and performance improvements. The product supports Active Directory Kerberos natively, has.net support and some SharePoint integration. TFIM does support integration across a number of other security platforms such as security information and event management (SIEM) provider HP-ArcSight (and its own product, Tivoli SIEM, or TSIEM) and VPN providers such as Juniper, to name a few. The product can be and is offered as a Web access management SaaS, and IBM has a partnership with provider Lighthouse Security. IBM Tivoli has broad technical standards support in access management architecture. TFIM can join multiple repositories for authentication and authorization, leveraging the embedded Tivoli Directory Integrator (TDI) to do so. Another add-on product (Tivoli Security Policy Manager, or TSPM) is required for fine-grained authorization and Web services security policy management functionality Rating: Positive Novell Novell s Web Access Manager is part of a modular and wellintegrated IAM offering that also includes user provisioning, ESSO and SIEM. It provides Web SSO with no modification to Web servers, supports any HTTP-standard-based Web application, and has integrated federation functionality. While workflow needs are handled by Novell Identity Manager, the administration functionality of the product has been updated further for epanded use in hosted environments as well as preparing for etensive cloudcomputing participation. Support for varied authentication methods is etensive, and Novell s SIEM provides a rich foundation for intelligence and reporting. Integration with ESSO is also good. Novell has industry name recognition, broad industry customer

9 coverage, and a world channel footprint. Gartner estimates that WAM sales are approimately 50% North America, 30% Europe and 20% the rest of world, showing a good distribution. Compared to competitors, Novell has limited platform support (Windows and SUSE Linu) for the WAM components; however, this does not limit Web application platform support. Policy storage is limited to an embedded copy of edirectory, and fine-grained authorization support is proprietary (i.e., no XACML support). Rating: Positive Oracle Oracle refers to its core WAM product, Oracle Access Manager (OAM), as part of an Oracle Access Management Suite a minisuite within the broader Oracle IAM suite. With the company s etensive enterprise application portfolio, the company s access management architecture can best be described as applicationcentric. All of the Oracle enterprise applications today have Web access or general access management requirements. While Oracle s access products are quite distinct at present, the company is moving to integrate them via its Fusion architecture. Oracle s acquisition of Sun Microsystems has also provided it with enhanced federation and security token service (STS) support. Web services support is part of the broader Access Management suite, but can also be purchased stand-alone as Oracle Web Services Manager. Core WAM has good delegation capability and supports multiple repositories with the use of add-on product Oracle Virtual Directory (OVD). All WAM modes are supported (agent, proy or combo), and the solution supports native failover between server engines and repositories. The company has worldwide distribution and a comprehensive list of system integrators for deployment. OAM provides basic reporting and intelligence by including BI Publisher. SIEM integration is minimal. OAM s role in cloud computing is also not clear. Rating: Positive P2 Security P2 maxecurity is an appliance offering for WAM based on a proprietary operating system. The company emphasizes speed of deployment and performance (i.e., multiple appliances can be deployed for speed and failover). Pricing is based on appliance performance, not user count. There is reporting and intelligence functionality, including industry-specific support for regulatory reporting in a few cases (e.g., energy and utility markets). P2 Security has a vertical strategy focused primarily on financial services and healthcare. The product can support integration with any LDAP v.3-compliant directory server. With a minimal appliance footprint, the company positions maxecurity as a cloud-ready offering, though with basic WAM and federation-only support. Pricing is attractive for these capabilities. maxecurity has basic user administration capability that is in line with most competitors. Access policies cannot be imported or eported into the solution, and there is no Active Directory Kerberos integration support or native support for fine-grained authorization. SAML and WS-Federation protocols are supported, but the product does not do protocol translation and support user-centric identity frameworks (e.g., OpenID), nor is an STS provided (although it is road-mapped). If core WAM functionality plus basic federation support is the requirement, then P2 Security demonstrates solid value for the money. Rating: Caution Siemens Siemens DirX Access WAM is a relatively complete offering with proy and agent support and includes federation, STS and authorization. Emphasis is on standards support, so authorization is XACML-based and LDAP v.3 compliant for directory integration, among others. Authentication and identity framework support are comprehensive. The product also ehibits strong service-oriented architecture support by eposing core functionality through its native Java foundations. There is import/eport support for XACMLbased policies as well. Basic user administration functionality provides delegation and adequate reporting and intelligence through an add-on solution DirX Audit. Fault tolerance and highavailability configurations are supported. While Siemens customers are predominantly European, over one-third are worldwide, and the company does have global reach from a sales and support perspective. DirX Access itself does not have out-of-the-bo reporting, and depends upon DirX Audit to provide basic intelligence functions. While well-recognized in Europe as an IAM provider, this is less true outside of Europe. Rating: Promising Vendors Added or Dropped We review and adjust our inclusion criteria for Magic Quadrants and MarketScopes as markets change. As a result of these adjustments, the mi of vendors in any Magic Quadrant or MarketScope may change over time. A vendor appearing in a Magic Quadrant or MarketScope one year and not the net does not necessarily indicate that we have changed our opinion of that vendor. This may be a reflection of a change in the market and, therefore, changed evaluation criteria, or a change of focus by a vendor. 9

10 10 Gartner MarketScope Defined Gartner s MarketScope provides specific guidance for users who are deploying, or have deployed, products or services. A Gartner MarketScope rating does not imply that the vendor meets all, few or none of the evaluation criteria. The Gartner MarketScope evaluation is based on a weighted evaluation of a vendor s products in comparison with the evaluation criteria. Consider Gartner s criteria as they apply to your specific requirements. Contact Gartner to discuss how this evaluation may affect your specific needs. In the below table, the various ratings are defined: MarketScope Rating Framework Strong Positive Is viewed as a provider of strategic products, services or solutions: Customers: Continue with planned investments. Potential customers: Consider this vendor a strong choice for strategic investments. Positive Demonstrates strength in specific areas, but eecution in one or more areas may still be developing or inconsistent with other areas of performance: Customers: Continue planned investments. Potential customers: Consider this vendor a viable choice for strategic or tactical investments, while planning for known limitations. Promising Shows potential in specific areas; however, eecution is inconsistent: Customers: Consider the short- and long-term impact of possible changes in status. Potential customers: Plan for and be aware of issues and opportunities related to the evolution and maturity of this vendor. Caution Faces challenges in one or more areas: Customers: Understand challenges in relevant areas, and develop contingency plans based on risk tolerance and possible business impact. Potential customers: Account for the vendor s challenges as part of due diligence. Strong Negative Has difficulty responding to problems in multiple areas: Customers: Eecute risk mitigation plans and contingency options. Potential customers: Consider this vendor only for tactical investment with short-term, rapid payback.

MarketScope for IT Governance, Risk and Compliance Management, 2008

MarketScope for IT Governance, Risk and Compliance Management, 2008 MarketScope for IT Governance, Risk and Compliance Management, 2008 Gartner RAS Core Research Note G00154941, Paul E. Proctor, Mark Nicolett, French Caldwell, 11 February 2008, RA7 03032009 The IT GRCM

More information

Keynote: Gartner Magic Quadrants and MarketScopes. Ant Allan Felix Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson

Keynote: Gartner Magic Quadrants and MarketScopes. Ant Allan Felix Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson Keynote: Gartner Magic Quadrants and MarketScopes Ant Allan Feli Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson IAM Technologies by Primary Function Administration Intelligence Authentication Authorization

More information

SIEM and IAM Technology Integration

SIEM and IAM Technology Integration SIEM and IAM Technology Integration Gartner RAS Core Research Note G00161012, Mark Nicolett, Earl Perkins, 1 September 2009, RA3 09302010 Integration of identity and access management (IAM) and security

More information

How to Get to Single Sign-On

How to Get to Single Sign-On How to Get to Single Sign-On Gregg Kreizman Neil Wynne Twitter: @neilwynne Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in

More information

Magic Quadrant for Global Enterprise Desktops and Notebooks

Magic Quadrant for Global Enterprise Desktops and Notebooks Magic Quadrant for Global Enterprise Desktops and Notebooks Gartner RAS Core Research Note G00207470, Stephen Kleynhans, 10 November 2010, R3553 11302011 In the general PC market, price is often the main

More information

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to

More information

Ability to Execute. What You Need to Know

Ability to Execute. What You Need to Know 1 of 10 11/30/2010 1:00 PM 28 July 2010 Bern Elliot, Steve Blood Gartner RAS Core Research Note G00201349 Unified communications offers the ability to improve how individuals, groups and companies interact

More information

White paper December 2008. Addressing single sign-on inside, outside, and between organizations

White paper December 2008. Addressing single sign-on inside, outside, and between organizations White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli

More information

Workshop: How an IAM RFP Can Help You Choose the Best Solution for Your Business

Workshop: How an IAM RFP Can Help You Choose the Best Solution for Your Business Workshop: How an IAM RFP Can Help You Choose the Best Solution for Your Business Earl Perkins Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced

More information

2003 Desktop Software Distribution Magic Quadrant

2003 Desktop Software Distribution Magic Quadrant Markets, R. Colville Research Note 15 April 2003 2003 Desktop Software Distribution Magic Quadrant Software distribution is the critical component for desktop configuration management. Vendors in our Magic

More information

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions.

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions. Research Publication Date: 1 September 2009 ID Number: G00161012 SIEM and IAM Technology Integration Mark Nicolett, Earl Perkins Integration of identity and access management (IAM) and security information

More information

MarketScope for IT Governance, Risk and Compliance Management, 2008

MarketScope for IT Governance, Risk and Compliance Management, 2008 Research Publication Date: 11 February 2008 ID Number: G00154941 MarketScope for IT Governance, Risk and Compliance Management, 2008 Paul E. Proctor, Mark Nicolett, French Caldwell The IT GRCM market was

More information

Business Applications and Infrastructure Entwined

Business Applications and Infrastructure Entwined Markets, S. Hayward, B. Burton, J. Comport, Y. Genovese, T. Bittman Research Note 9 July 2003 Business and Infrastructure Entwined Oracle's bid for PeopleSoft encompasses more than applications. It illustrates

More information

CIO Update: Gartner's Extranet Access Management Magic Quadrant for 2H02

CIO Update: Gartner's Extranet Access Management Magic Quadrant for 2H02 IGG-01152003-02 J. Pescatore, R. Wagner Article 15 January 2003 CIO Update: Gartner's Extranet Access Management Magic Quadrant for 2H02 CIOs and many other executives are interested in insights on how

More information

Market Trends in 2002 and 2003

Market Trends in 2002 and 2003 Markets, J. Pescatore, R. Wagner Research Note 8 January 2003 Extranet Access Management 2H02 Magic Quadrant Inside-the-firewall (intraenterprise) integration to reduce costs dominated the extranet access

More information

CA Federation Manager

CA Federation Manager PRODUCT BRIEF: CA FEDERATION MANAGER CA FEDERATION MANAGER PROVIDES STANDARDS-BASED IDENTITY FEDERATION CAPABILITIES THAT ENABLE THE USERS OF ONE ORGANIZATION TO EASILY AND SECURELY ACCESS THE DATA AND

More information

Research. Identity and Access Management Defined

Research. Identity and Access Management Defined Research Publication Date: 4 November 2003 ID Number: SPA-21-3430 Identity and Access Management Defined Roberta J. Witty, Ant Allan, John Enck, Ray Wagner An IAM solution requires multiple products from

More information

Security solutions Executive brief. Understand the varieties and business value of single sign-on.

Security solutions Executive brief. Understand the varieties and business value of single sign-on. Security solutions Executive brief Understand the varieties and business value of single sign-on. August 2005 2 Contents 2 Executive overview 2 SSO delivers multiple business benefits 3 IBM helps companies

More information

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform White Paper Delivering Web Services Security: September 2003 Copyright 2003 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.

More information

Magic Quadrant for Application Platform Suites, 2Q03

Magic Quadrant for Application Platform Suites, 2Q03 Markets, Y. Natis, M. Pezzini, G. Phifer, C. Haight, M. Driver Research Note 5 May 2003 Magic Quadrant for Application Platform Suites, 2Q03 Application platform suites are incrementally assembled or bought

More information

CIO Update: Gartner s IT Security Management Magic Quadrant Lacks a Leader

CIO Update: Gartner s IT Security Management Magic Quadrant Lacks a Leader IGG-04092003-04 M. Nicolett Article 9 April 2003 CIO Update: Gartner s IT Security Management Magic Quadrant Lacks a Leader Vendors in the Gartner IT Security Management Magic Quadrant for 1H03 are driven

More information

MarketScope for Enterprise Single Sign-On

MarketScope for Enterprise Single Sign-On MarketScope for Enterprise Single Sign-On Gartner RAS Core Research Note G00170568, Gregg Kreizman, 15 September 2009 The ESSO market has matured in 2009, with market leaders accelerating their growth

More information

EMEA CRM Analytics Suite Magic Quadrant Criteria 3Q02

EMEA CRM Analytics Suite Magic Quadrant Criteria 3Q02 Decision Framework, J. Radcliffe Research Note 26 September 2002 EMEA CRM Analytics Suite Magic Quadrant Criteria 3Q02 Europe, the Middle East and Africa Customer Relationship Management Analytics Suite

More information

Sun and Oracle: Joining Forces in Identity Management

Sun and Oracle: Joining Forces in Identity Management Sun and Oracle: Joining Forces in Identity Management The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

More information

Magic Quadrant for Storage Professional and Support Services

Magic Quadrant for Storage Professional and Support Services Magic Quadrant for Storage Professional and Support Services Gartner RAS Core Research Note G00157182, Adam W. Couture, Robert E. Passmore, 30 July 2008 Gartner evaluates storage service providers and

More information

IBM Tivoli Federated Identity Manager

IBM Tivoli Federated Identity Manager IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations

More information

The Magic Quadrant Framework

The Magic Quadrant Framework Markets, B. Eisenfeld, F. Karamouzis Research Note 14 November 2002 Americas CRM ESPs: 2003 Magic Quadrant Criteria Gartner has developed high-level evaluation criteria for the 2003 Americas customer relationship

More information

Access Management Analysis of some available solutions

Access Management Analysis of some available solutions Access Management Analysis of some available solutions Enterprise Security & Risk Management May 2015 Authors: Yogesh Kumar Sharma, Kinshuk De, Dr. Sundeep Oberoi Access Management - Analysis of some available

More information

This research note is restricted to the personal use of christine_tolman@byu.edu

This research note is restricted to the personal use of christine_tolman@byu.edu Burton IT1 Research G00234483 Identity Management Published: 9 July 2012 Analyst(s): Ian Glazer, Bob Blakley Identity management (IdM) has become a distinct aggregation of functions for the maintenance

More information

SSL VPN 1H03 Magic Quadrant Evaluation Criteria

SSL VPN 1H03 Magic Quadrant Evaluation Criteria Markets, J. Girard Research Note 8 April 2003 SSL VPN 1H03 Magic Quadrant Evaluation Criteria Secure Sockets Layer virtual private networks are simple, portable and convenient alternatives to IPsec, and

More information

The Four "A's" of Information Security

The Four A's of Information Security Strategic Planning, R. Witty, A. Allan, J. Enck, R. Wagner Research Note 4 November 2003 Identity and Access Management Defined An IAM solution requires multiple products from multiple vendors. It also

More information

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning. PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading

More information

How can Identity and Access Management help me to improve compliance and drive business performance?

How can Identity and Access Management help me to improve compliance and drive business performance? SOLUTION BRIEF: IDENTITY AND ACCESS MANAGEMENT (IAM) How can Identity and Access Management help me to improve compliance and drive business performance? CA Identity and Access Management automates the

More information

Magic Quadrant for User Provisioning

Magic Quadrant for User Provisioning Magic Quadrant for User Provisioning Gartner RAS Core Research Note G00159740, Earl Perkins, Perry Carpenter, 15 August 2008 User provisioning delivers capabilities to manage users identities across systems,

More information

CA SiteMinder SSO Agents for ERP Systems

CA SiteMinder SSO Agents for ERP Systems PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security

More information

Integrating Hitachi ID Suite with WebSSO Systems

Integrating Hitachi ID Suite with WebSSO Systems Integrating Hitachi ID Suite with WebSSO Systems 2015 Hitachi ID Systems, Inc. All rights reserved. Web single sign-on (WebSSO) systems are a widely deployed technology for managing user authentication

More information

The Role of Federation in Identity Management

The Role of Federation in Identity Management The Role of Federation in Identity Management August 19, 2008 Andrew Latham Solutions Architect Identity Management 1 The Role of Federation in Identity Management Agenda Federation Backgrounder Federation

More information

Magic Quadrant for Storage Services, 2Q05 25 May 2005 Adam W. Couture Robert E. Passmore

Magic Quadrant for Storage Services, 2Q05 25 May 2005 Adam W. Couture Robert E. Passmore Magic Quadrant for Storage Services, 2Q05 25 May 2005 Adam W. Couture Robert E. Passmore Source: Gartner Note Number: G00127958 Leading storage service providers in North America are executing on clear

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com VENDOR PROFILE Passlogix and Enterprise Secure Single Sign-On: A Success Story Sally Hudson IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

More information

Unlike the general notebook market, in which

Unlike the general notebook market, in which Magic Quadrant for Global Enterprise Notebook PCs, 2H05 Gartner RAS Core Research Note G00133054, Mikako Kitagawa, Brian Gammage, Leslie Fiering, 12 January 2006, R1662 07222006. Unlike the general notebook

More information

expanding web single sign-on to cloud and mobile environments agility made possible

expanding web single sign-on to cloud and mobile environments agility made possible expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online

More information

EXECUTIVE VIEW. CA Privileged Identity Manager. KuppingerCole Report

EXECUTIVE VIEW. CA Privileged Identity Manager. KuppingerCole Report KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski March 2015 is a comprehensive Privileged Identity Management solution for physical and virtual environments with a very broad range of supported

More information

MarketScope for Enterprise Single Sign-On

MarketScope for Enterprise Single Sign-On MarketScope for Enterprise Single Sign-On Gartner RAS Core Research Note G00206199, Gregg Kreizman, 7 September 2010 The enterprise single sign-on market continues to mature in 2010. A few vendors are

More information

TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE

TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE White Paper TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE Pulse Connect Secure Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and

More information

Oakland County Department of Information Technology Project Scope and Approach

Oakland County Department of Information Technology Project Scope and Approach Oakland County Department of Information Technology Project Scope and Approach Project Name: Active Directory Federation Services (ADFS) Upgrade Project ID: TP5186AD Leadership Group: IT Steering Committee

More information

Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms

Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms Gartner RAS Core Research Note G00158295, French Caldwell, Tom Eid, 30 June 2008, R2799 07092009 The market for enterprise governance,

More information

Connecting Users with Identity as a Service

Connecting Users with Identity as a Service Ping Identity has demonstrated support for multiple workforce and external identity use cases, as well as strong service provider support. Gregg Kreizman Gartner 1 Connecting Users with Identity as a Service

More information

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

Service management White paper. Manage access control effectively across the enterprise with IBM solutions. Service management White paper Manage access control effectively across the enterprise with IBM solutions. July 2008 2 Contents 2 Overview 2 Understand today s requirements for developing effective access

More information

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003 Oracle Identity Management Concepts and Architecture An Oracle White Paper December 2003 Oracle Identity Management Concepts and Architecture Introduction... 3 Identity management... 3 What is Identity

More information

Magic Quadrant for Identity and Access Management as a Service

Magic Quadrant for Identity and Access Management as a Service G00260221 Magic Quadrant for Identity and Access Management as a Service Published: 2 June 2014 Analyst(s): Gregg Kreizman The IDaaS market is still in its early days. Vendors come from distinctly different

More information

When millions need access: Identity management in an increasingly connected world

When millions need access: Identity management in an increasingly connected world IBM Software Thought Leadership White Paper January 2011 When millions need access: Identity management in an increasingly connected world Best practice solutions that scale to meet today s huge numbers

More information

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service An Oracle White Paper Dec 2013 Oracle Access Management Security Token Service Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,

More information

OPENIAM ACCESS MANAGER. Web Access Management made Easy

OPENIAM ACCESS MANAGER. Web Access Management made Easy OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access

More information

Approaches to Enterprise Identity Management: Best of Breed vs. Suites

Approaches to Enterprise Identity Management: Best of Breed vs. Suites Approaches to Enterprise Identity Management: Best of Breed vs. Suites 2015 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Executive Summary 1 3 Background 2 3.1 Enterprise Identity

More information

Cloud SSO and Federated Identity Management Solutions and Services

Cloud SSO and Federated Identity Management Solutions and Services Cloud SSO and Federated Identity Management Solutions and Services Achieving Balance Between Availability and Protection Discussion Points What is Cloud Single Sign-On (SSO) What is Federated Identity

More information

Federated Identity and Single Sign-On using CA API Gateway

Federated Identity and Single Sign-On using CA API Gateway WHITE PAPER DECEMBER 2014 Federated Identity and Single Sign-On using Federation for websites, Web services, APIs and the Cloud K. Scott Morrison VP Engineering and Chief Architect 2 WHITE PAPER: FEDERATED

More information

CA Technologies Strategy and Vision for Cloud Identity and Access Management

CA Technologies Strategy and Vision for Cloud Identity and Access Management WHITE PAPER CLOUD IDENTITY AND ACCESS MANAGEMENT CA TECHNOLOGIES STRATEGY AND VISION FEBRUARY 2013 CA Technologies Strategy and Vision for Cloud Identity and Access Management Sumner Blount Merritt Maxim

More information

EXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report

EXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report KuppingerCole Report EXECUTIVE VIEW by Dave Kearns March 2015 SecureAuth IdP SecureAuth IdP combines cloud single sign-on capabilities with strong authentication and risk-based access control while focusing

More information

Predicts 2004: Supplier Relationship Management

Predicts 2004: Supplier Relationship Management Strategic Planning, D. Hope-Ross Research Note 17 November 2003 Predicts 2004: Supplier Relationship Management Enterprises using technology to improve supplier relationships should pay attention to changes

More information

SAN Management Software Magic Quadrant

SAN Management Software Magic Quadrant Markets, C. DiCenzo, R. Paquet, N. Allen, R. Passmore Research Note 22 April 2003 SAN Management Software Magic Quadrant In the storage area network management software market, expect increased competition

More information

What's a Digital Marketing Platform? What Isn't?

What's a Digital Marketing Platform? What Isn't? G00252512 What's a Digital Marketing Platform? What Isn't? Published: 26 June 2013 Analyst(s): Jake Sorofman, Andrew Frank, Bill Gassman, Adam Sarner, Mike McGuire The rise of digital marketing has amplified

More information

TRUSTED IDENTITIES, MANAGED ACCESS Implementing an Identity and Access Management Strategy for the Mobile Enterprise. Introduction.

TRUSTED IDENTITIES, MANAGED ACCESS Implementing an Identity and Access Management Strategy for the Mobile Enterprise. Introduction. TRUSTED IDENTITIES, MANAGED ACCESS Implementing an Identity and Access Management Strategy for the Mobile Enterprise June 2008 Introduction Whether you are looking to securely deliver applications and

More information

Magic Quadrant for a Fading PKI Market, 2003

Magic Quadrant for a Fading PKI Market, 2003 Markets, V. Wheatman, R. Wagner Research Note 17 June 2003 Magic Quadrant for a Fading PKI Market, 2003 Pure-play public-key infrastructure vendors are disappearing due to failure or acquisition, or by

More information

Microsoft and Novell - A Case Study in Identity Federation

Microsoft and Novell - A Case Study in Identity Federation Boosting interoperability and collaboration across mixedtechnology environments Standards-based identity federation solutions from Microsoft and Novell May 2009 Executive summary Despite remarkable gains

More information

Oracle Identity Management: Integration with Windows. An Oracle White Paper December. 2004

Oracle Identity Management: Integration with Windows. An Oracle White Paper December. 2004 Oracle Identity Management: Integration with Windows An Oracle White Paper December. 2004 Oracle Identity Management: Integration with Windows Introduction... 3 Goals for Windows Integration... 4 Directory

More information

CA Virtual Assurance for Infrastructure Managers

CA Virtual Assurance for Infrastructure Managers DATA SHEET CA Virtual Assurance for Infrastructure Managers (Includes CA Systems Performance for Infrastructure Managers) CA Virtual Assurance for Infrastructure Managers (formerly CA Virtual Performance

More information

RSA ACCESS MANAGER. Web Access Management Solution ESSENTIALS SECURE ACCESS TO WEB APPLICATIONS WEB SINGLE SIGN-ON CONTEXTUAL AUTHORIZATION

RSA ACCESS MANAGER. Web Access Management Solution ESSENTIALS SECURE ACCESS TO WEB APPLICATIONS WEB SINGLE SIGN-ON CONTEXTUAL AUTHORIZATION RSA ACCESS MANAGER Web Access Management Solution ESSENTIALS Secure Access Enforces access to Web applications based on risk and context Centralizes security and enforces business policy Web Single Sign-on

More information

Allidm.com. SSO Introduction. Discovering IAM Solutions. Leading the IAM Training. @aidy_idm facebook/allidm

Allidm.com. SSO Introduction. Discovering IAM Solutions. Leading the IAM Training. @aidy_idm facebook/allidm Discovering IAM Solutions Leading the IAM Training @aidy_idm facebook/allidm SSO Introduction Disclaimer and Acknowledgments The contents here are created as a own personal endeavor and thus does not reflect

More information

solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?

solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly

More information

2015 Global Identity and Access Management (IAM) Market Leadership Award

2015 Global Identity and Access Management (IAM) Market Leadership Award 2015 Global Identity and Access Management (IAM) Market Leadership Award 2015 Contents Background and Company Performance... 3 Industry Challenges... 3 Market Leadership of IBM... 3 Conclusion... 6 Significance

More information

Security Services. Benefits. The CA Advantage. Overview

Security Services. Benefits. The CA Advantage. Overview PRODUCT BRIEF: CA SITEMINDER FEDERATION SECURITY SERVICES CA SiteMinder Federation Security Services CA SITEMINDER FEDERATION SECURITY SERVICES EXTENDS THE WEB SINGLE SIGN-ON EXPERIENCE PROVIDED BY CA

More information

PingFederate. SSO Integration Overview

PingFederate. SSO Integration Overview PingFederate SSO Integration Overview 2006-2012 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 6.6 January, 2012 Ping Identity Corporation 1001 17th Street,

More information

The PC life cycle configuration management Market Overview

The PC life cycle configuration management Market Overview Magic Quadrant for PC Life Cycle Configuration Management, 2005 Gartner RAS Core Research Note G00131185, 17 October 2005, Ronni J. Colville, Michael A. Silver, R1580 05052006. The PC life cycle configuration

More information

Market Guide for Data-Centric Audit and Protection

Market Guide for Data-Centric Audit and Protection G00263059 Market Guide for Data-Centric Audit and Protection Published: 21 November 2014 Analyst(s): Brian Lowans, Earl Perkins Organizations that have not developed data-centric security policies to coordinate

More information

SECURE ACCESS TO THE VIRTUAL DATA CENTER

SECURE ACCESS TO THE VIRTUAL DATA CENTER SOLUTION BRIEF SECURE ACCESS TO THE VIRTUAL DATA CENTER Ensure that Remote Users Can Securely Access the Virtual Data Center s Virtual Desktops and Other Resources Challenge VDI is driving a unique need

More information

I D C V E N D O R S P O T L I G H T

I D C V E N D O R S P O T L I G H T I D C V E N D O R S P O T L I G H T E n f o r c i n g I dentity a nd Access Management i n C l o u d a n d Mobile Envi r o n m e n t s November 2012 Adapted from Worldwide Identity and Access Management

More information

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 EXECUTIVE OVERVIEW Enterprises these days generally have Microsoft Windows desktop users accessing diverse enterprise applications

More information

Business-Driven, Compliant Identity Management

Business-Driven, Compliant Identity Management SAP Solution in Detail SAP NetWeaver SAP Identity Management Business-Driven, Compliant Identity Management Table of Contents 3 Quick Facts 4 Business Challenges: Managing Costs, Process Change, and Compliance

More information

managing SSO with shared credentials

managing SSO with shared credentials managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout

More information

Case Study & POC & Demos Information

Case Study & POC & Demos Information Case Study & POC & Demos Information Type: Case Study Name: Multichannel Campaign Management (MCCM) Description: The IBM Company seeks, as vendor, through the multichannel campaign management (MCCM) services,

More information

Magic Quadrant for Integrated Document Management, 2003

Magic Quadrant for Integrated Document Management, 2003 Magic Quadrant for Integrated Document Management, 2003 Document management has moved to the forefront of many enterprises' purchasing lists. Our 2003 Magic Quadrant explains the complexities of the integrated

More information

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM, the only all-in-one open source access management solution, provides the

More information

Vendors strongly focused on WCM

Vendors strongly focused on WCM Markets, M. Gilbert, N. Drakos, L. Latham Research Note 28 August 2001 The Web Content Management Magic Quadrant for 2001 The Gartner Web content management Magic Quadrant for 2001 has three leaders and

More information

VALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud

VALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud VALUE PROPOSITION FOR SERVICE PROVIDERS Helping Service Providers accelerate adoption of the cloud Partnership with Service Providers Enabling Your Cloud Services in Complex Environments Today s challenge

More information

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN INTEGRATION GUIDE IDENTIKEY Federation Server for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO

More information

Understanding Enterprise Cloud Governance

Understanding Enterprise Cloud Governance Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination

More information

SSL VPN 1H03 Magic Quadrant

SSL VPN 1H03 Magic Quadrant Markets, J. Girard Research Note 8 April 2003 SSL VPN 1H03 Magic Quadrant The emerging Secure Sockets Layer virtual private network market is standards-based, with good short-term return on investment

More information

IBM Security Access Manager for Web

IBM Security Access Manager for Web IBM Security Access Manager for Web Secure user access to web applications and data Highlights Implement centralized user authentication, authorization and secure session management for online portal and

More information

SAML SSO Configuration

SAML SSO Configuration SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting

More information

Research. Magic Quadrant for User Provisioning

Research. Magic Quadrant for User Provisioning Research Publication Date: 30 September 2009 ID Number: G00171056 Magic Quadrant for User Provisioning Perry Carpenter, Earl Perkins User provisioning delivers the ability to manage identities across systems,

More information

By 2007, 80 percent of enterprise communications purchase decisions will require support for unified communications (0.6 probability).

By 2007, 80 percent of enterprise communications purchase decisions will require support for unified communications (0.6 probability). Page 1 of 5 Magic Quadrant for Unified Communications, 2005 14 February 2005 Bern Elliot Steve Blood Drew Kraus Source: Gartner Note Number: G00125707 Unified communications technology and applications

More information

Magic Quadrants for EBIS/Reporting and BI Platforms, 2H03

Magic Quadrants for EBIS/Reporting and BI Platforms, 2H03 Markets, H. Dresner, B. Hostmann, F. Buytendijk, A. Tiedrich Research Note 25 August 2003 Magic Quadrants for EBIS/Reporting and BI Platforms, 2H03 The business intelligence technology markets continue

More information

BI Platforms User Survey, 2011: Customers Rate Their BI Platform Vendors

BI Platforms User Survey, 2011: Customers Rate Their BI Platform Vendors BI Platforms User Survey, 2011: Customers Rate Their BI Platform Vendors Gartner RAS Core Research Note G00211769, Rita L. Sallam, 4 April 2011, RA1 07132011 Gartner recently surveyed business intelligence

More information

Junos Pulse Secure Access Service Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and Agility

Junos Pulse Secure Access Service Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and Agility White Paper Transitioning Enterprise Customers to the Cloud with Junos Pulse Junos Pulse Secure Access Service Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with

More information

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon

More information

Magic Quadrant for Enterprise Content Management 18 October 2012

Magic Quadrant for Enterprise Content Management 18 October 2012 Magic Quadrant for Enterprise Content Management 18 October 2012 Uptake of ECM offerings remains strong as organizations harness content to drive key business applications. Process-centric solutions, social

More information

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN CONNECTING TO THE CLOUD DAVID CHAPPELL DECEMBER 2009 SPONSORED BY AMAZON AND MICROSOFT CORPORATION CONTENTS The Challenge:

More information

The Primer: Nuts and Bolts of Federated Identity Management

The Primer: Nuts and Bolts of Federated Identity Management The Primer: Nuts and Bolts of Federated Identity Management Executive Overview For any IT department, it is imperative to understand how your organization can securely manage and control users identities.

More information

TrustedX - PKI Authentication. Whitepaper

TrustedX - PKI Authentication. Whitepaper TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...

More information

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,

More information