TOP THREE REASONS TO DEPLOY A VIRTUAL DIRECTORY. White Paper, June 2009.




Abstract

A virtual directory presents a single, consolidated view of disparate identity data to organizations dealing with diverse legacy resources as a result of ongoing growth, mergers and acquisitions, or collaboration with other organizations. Sun offers a virtual directory capability as part of its Directory Server Enterprise Edition offering that requires no additional licensing or other technology investment.

Table of Contents

Executive Summary
Reason #1: End Costly Identity Sprawl
  Scenario #1 (The Challenge, The Solution, The Benefit)
Reason #2: Meet Aggressive M&A Deadlines
  Scenario #2 (The Challenge, The Solution, The Benefit)
Reason #3: Federate Faster and Deliver Services Sooner
  Scenario #3 (The Challenge, The Solution, The Benefit)
About Sun Directory Services
Conclusion

Chapter 1. Executive Summary

Growing stores of disparate identity data are inevitable in today's enterprise, where increasing numbers of users and applications are the rule rather than the exception. Consolidating these stores of data can be essential to controlling IT administration costs and achieving business goals. One way to do this is to employ a virtual directory that aggregates user identity information from multiple data repositories and presents a consolidated view of all the information. While enabling a single view of data from multiple sources is much faster and more efficient than creating a physical directory infrastructure for that purpose, it also preserves underlying secure IT infrastructures when multiple organizations are involved, since the data is not actually replicated or moved out of its original environment.

Today, there are three particularly notable reasons to consider a virtual directory:

1. Costly identity sprawl that results from running legacy applications that have different identity attributes
2. Aggressive merger-and-acquisition timelines for integration of new identity data into existing directory structures
3. The need to federate faster and deliver services sooner by speeding information sharing and access to services among collaborating partners

Deploying a virtual directory to address these issues can help the enterprise accelerate progress toward business goals and, at the same time, keep costs under control.

Sun offers a virtual directory capability as a part of its Directory Server Enterprise Edition offering with no additional licensing required. Sun's solution offers the following specific advantages:

- No need for data synchronization. Synchronization of different data stores (LDAP and SQL, for example) takes processing time and introduces undesirable data latency to the process of accessing data from multiple sources.
- Ability to leverage existing directory investments. Because the virtual directory is a standard component of Sun's enterprise directory offering, there is no additional technology investment required.
- Rapid data consolidation, integration, and federation. Enterprises that are collaborating to deliver new services can get to market faster because they can quickly share identity information.

This paper will explore the three reasons for virtual directory deployment and illustrate how deploying Sun's virtual directory successfully addresses each one.

Chapter 2. Reason #1: End Costly Identity Sprawl

At a time when controlling costs has assumed the highest priority for many businesses, it's not unusual for companies to look at consolidating or eliminating datacenter legacy applications to reduce the need for IT resources. The fewer applications, the fewer servers will be required (which can help meet power and other cost reduction targets) and the fewer administrative resources will be needed to manage technology in the datacenter. In the following example, Sun's virtual directory is part of an end-to-end solution for streamlined identity and access management in the datacenter.

Scenario #1

The Challenge

After years of ad hoc growth, a large services-driven company with a widely distributed external network of agents is running more than 7,000 disparate applications and managing more than a million internal and external identities. With datacenter costs skyrocketing and operational efficiency suffering, the company decides to replace its disjointed identity and access management framework with a streamlined, consolidated infrastructure based on Sun technology, including Sun Directory Server Enterprise Edition and its virtual directory capabilities.

The Solution

A virtual directory is critical to enabling consolidation in the datacenter. In the example described above, its role is to integrate identity stores from the thousands of applications that the company operates internally. Sun's virtual directory makes it possible to connect to a multitude of legacy applications (such as Microsoft Active Directory, OracleID, DB2, PeopleSoft, or MySQL) to bring together identity data from them into one consolidated directory view, and to do so without having to change any application code. Beyond that, it can also be used to integrate external identity data from the agents and partners with whom the company does business.

Virtual directory capabilities are integrated into Sun Directory Server Enterprise Edition, as illustrated in Figure 1. The virtual directory can be used to pull user identity information from disparate data sources both within and beyond the enterprise and present it to applications in a single, unified view.

The Benefit

In this scenario, Sun's virtual directory is helping to reduce the cost of managing identities by consolidating attributes from thousands of applications. It's part of a larger solution that is using consolidation to significantly shrink the company's hardware infrastructure and cut its datacenter costs accordingly.

[Figure 1. Overview of Sun Virtual Directory. Diagram labels: Applications (Browser, Phone, Client); DSEE Virtual Directory Proxy Server (DPS); Identity Data Sources (LDAP, RDMS, Microsoft AD, Flat File).]

Chapter 3. Reason #2: Meet Aggressive M&A Deadlines

Integrating user identities after merger-and-acquisition (M&A) activity can be a tremendously difficult undertaking. But the challenge isn't just integrating user identity data; it's integrating it quickly, according to the kind of aggressive post-merger timeline that's typical today. The following example presents a scenario in which Sun's virtual directory makes it possible to meet a demanding schedule for integrating employee identities, and to do so without any additional investment in directory services.

Scenario #2

The Challenge

Let's say Company A has announced plans to acquire Company B, with merged operations to begin two months hence. This raises a number of operational issues:

- Will the latter's employees be able to use the former's mail server from the first day of combined operations?
- Will they be able to use their existing usernames and passwords?
- Will Company B applications that continue to exist after the acquisition be able to access legacy identity attributes from before the acquisition?

Success relies on being able to immediately unify the separate data stores that are involved. Waiting for physical network changes and system consolidations is not a viable option, given the timeline for integration.

The Solution

A virtual directory can help by enabling the directories of the two merging companies to appear as a single directory. This way, information from Company B can be viewed in the format that Company A's applications require. For example, imagine that you have two directories, dc=example, dc=com and dc=acquisition, dc=com. But you have applications that need both directories to look like dc=example, dc=com. With a virtual directory, that is how both directories will appear.

Figure 2 illustrates how identity data from an acquired company's directory is transformed when viewed through Sun's virtual directory. The directory appears to the acquiring company's applications as no different from its own existing directory.

The Benefit

In this scenario, Sun's virtual directory enables a company to not only navigate complex data ownership issues after an acquisition, but also to meet aggressive timelines for completing the integration of user identities. This results in better productivity for employees and the overall business. Furthermore, the company can accomplish these goals by leveraging its existing Sun directory services solution.
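The suffix mapping from the Solution above (dc=acquisition,dc=com presented as dc=example,dc=com), sketched as an added Python example; it is not code from this paper or from Sun Directory Server, and the function names and sample entries are constructed. It goes slightly beyond the text by matching the suffix per RDN rather than by string replacement, and by reporting entries from the two companies that would land on the same DN in the merged view.

```python
# Added illustration, not Sun Directory Proxy Server code. Suffixes come from
# the paper's example; the entries and all function names are constructed.
A_SUFFIX = "dc=example,dc=com"        # Company A (acquirer)
B_SUFFIX = "dc=acquisition,dc=com"    # Company B (acquired)

def split_rdns(dn):
    """Split a DN into (attribute, value) pairs on unescaped commas."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if escaped or ch != ",":
            buf.append(ch)
            escaped = (ch == "\\") and not escaped
        else:
            parts.append("".join(buf))
            buf = []
    parts.append("".join(buf))
    pairs = []
    for rdn in parts:
        attr, _, value = rdn.partition("=")
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs

def canon(pairs):
    """Comparison key: values compared case-insensitively (a simplification)."""
    return ",".join(f"{a}={v.lower()}" for a, v in pairs)

def remap(dn, from_suffix, to_suffix):
    """Swap from_suffix for to_suffix; None if dn is not under from_suffix."""
    rdns, old = split_rdns(dn), split_rdns(from_suffix)
    if len(rdns) < len(old) or canon(rdns[-len(old):]) != canon(old):
        return None
    kept = rdns[:len(rdns) - len(old)]
    return ",".join(f"{a}={v}" for a, v in kept + split_rdns(to_suffix))

def merged_view(company_a, company_b):
    """Return (view, collisions): one dc=example,dc=com tree over both stores."""
    view, collisions = {}, []
    for dn in company_a:
        view[canon(split_rdns(dn))] = ("A", dn)
    for dn in company_b:
        vdn = remap(dn, B_SUFFIX, A_SUFFIX)
        if vdn is None:
            continue                    # outside the mapped subtree: not exposed
        key = canon(split_rdns(vdn))
        if key in view:
            collisions.append(vdn)      # two people would share one identity
        else:
            view[key] = ("B", dn)
    return view, collisions

def route(view, virtual_dn):
    """Resolve a DN seen by an application to (source, backend DN), or None."""
    return view.get(canon(split_rdns(virtual_dn)))

# Constructed sample entries (DNs only).
COMPANY_A = ["uid=jdoe,ou=people,dc=example,dc=com"]
COMPANY_B = [
    "uid=bsmith, ou=People, DC=Acquisition, dc=com",
    "cn=Smith\\, Bob,ou=people,dc=acquisition,dc=com",   # escaped comma in value
    "uid=jdoe,ou=people,dc=acquisition,dc=com",          # collides with A's jdoe
    "uid=svc,dc=lab,dc=org",                             # not under B's suffix
]

if __name__ == "__main__":
    view, collisions = merged_view(COMPANY_A, COMPANY_B)
    for key, (source, backend_dn) in view.items():
        print(f"{key}  <-  [{source}] {backend_dn}")
    print("collisions:", collisions)
```

Entries reported in `collisions` need a naming decision before the merged view goes live, since both companies' applications would otherwise resolve the same DN to different people.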

[Figure 2. Merging user data from an acquired directory. Diagram labels: Applications (Browser, Phone, Client); Sun Directory Enterprise Server (DPS); Identity Data Sources: Company A (LDAP, RDMS, Microsoft AD, Flat File); Identity Data Sources: Company B (LDAP, RDMS, Microsoft AD, Flat File).]

Chapter 4. Reason #3: Federate Faster and Deliver Services Sooner

Dealing with multiple data repositories is a given when an enterprise is working with external entities to achieve business goals. Collaborating with partner organizations, outsourcing non-core activities, federating with clouds: these are all examples of circumstances under which directories should not necessarily be consolidated, but the identity information in them needs to be shared. In the following example, Sun's virtual directory plays a key role in enabling information to be shared securely.

Scenario #3

The Challenge

Suppose a company wants to create a new portal that shares information and services with customers and partners. Customers' identity information that needs to be shared as part of this initiative is contained in two legacy applications. The challenge is therefore two-fold: 1) to combine information from both repositories so that it can be easily accessed and managed, and 2) to federate so that information from the two repositories can be shared externally without compromising login and password information.

The Solution

A virtual directory can address collaboration, outsourcing, and similar challenges by exposing data attributes from different repositories and combining them in a single view that applications can then leverage. This is the first step for the company creating the portal in the example described above. Once it has combined identities and attributes from the two identity stores using Sun's virtual directory, the company can use the Sun OpenSSO Enterprise solution to federate with its partners. OpenSSO Enterprise is a federation solution that uses the industry-leading SAML federation standard to achieve secure application interoperability in heterogeneous technology environments.

The Benefit

In this scenario, Sun's virtual directory works in tandem with its federation solution to enable information and services delivery. The virtual directory speeds federation by efficiently combining the appropriate attributes into a single view, while OpenSSO Enterprise enables secure access to company resources by customers and partners. As a result, the company can leverage its existing investment in Sun directory services, as well as take advantage of federation services from the same source.

[Figure 3. Virtual Directory and OpenSSO-based Federation. Diagram labels: Browser, Phone, Client; Identity Data Sources (LDAP, RDMS, Microsoft AD, Flat File); DSEE Virtual Directory Proxy Server (DPS); OpenSSO Identity Provider with Multi-Federation (SAML v2, ID-FF 1, WS-Federation); Circle of Trust; Service Provider: Health Care Application (SAML v2), Retirement Planning (ID-FF 1), Stock Options Application (WS-Federation).]

Chapter 5. About Sun Directory Services

Sun Directory Server Enterprise Edition provides full-featured directory services for securely storing, retrieving, and managing identity data in enterprise environments. Highlights of the offering include:

- Support for virtual directory capabilities
- On-demand password synchronization with Microsoft Windows environments
- Multimaster replication, load balancing, and automatic failover for enterprise-class availability
- Ability to perform backup, reindexing, and other management operations online, with no impact on availability
- Superior scalability to reduce costs by decreasing the number of systems that must be deployed
- Centralization and aggregation of identity information
- Proxy services to prevent denial-of-service (DoS) attacks and unauthorized access
- Web-based console for management of the overall service

Chapter 6. Conclusion

Dealing with stores of disparate identity data is inevitable today, whether across legacy resources within enterprises, across resources in different organizations, as the result of merger-and-acquisition activity, or as part of a collaboration with partner companies. As the amount of data grows, it becomes increasingly unfeasible to create a physical directory infrastructure within which to view the data as a whole. A virtual directory is a faster and more efficient vehicle with which to achieve a consolidated view of identity data from multiple sources. Sun Directory Server Enterprise Edition includes a virtual directory as part of its basic capabilities, enabling organizations to deploy a virtual solution without additional technology investment.

4150 Network Circle, Santa Clara, CA 95054 USA. Phone 1-650-960-1300 or 1-800-555-9SUN (9786). Web sun.com
2009 All rights reserved. Sun, Sun Microsystems, and the Sun logo are trademarks or registered trademarks of or its subsidiaries in the United States and other countries. Information subject to change without notice. Printed in USA 06/09 565278