Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.




PingFederate

"We went with PingFederate because it's based on standards like SAML, which are important for a secure implementation."
John Davidson, Senior Product Manager, Opower

PingFederate is the leading enterprise federation server for standards-based, federated identity management, allowing organizations to break free from expensive, inflexible existing stack vendor investments and leverage Next Gen Identity to meet modern business demands, such as federating identities across multiple identity stores, applications and architectures. By integrating silos of identities and applications inside the enterprise, across partners and into the cloud, PingFederate enables:

Federated single sign-on (SSO) and identity management.
Secure mobile access.
API security.
Social identity integration.
Automated user provisioning.

Features:

Single integrated solution
Proven interoperability
Secure and standards-based
Lightweight, scalable architecture
80+ integrations
Multi-protocol support
Centralizes cloud access control
Supports hundreds of integration use cases

PingFederate easily integrates with existing systems and offers standalone deployment for fast implementation. Additionally, PingFederate can be integrated with PingOne and PingAccess to fully support Next Gen Identity and return agility to the enterprise.

[Diagram labels: SaaS Apps, Mobile Apps, Web Services, Enterprise Federation Server, Cloud]

Single Sign-on (SSO) and Federated Identity
PingFederate offers users seamless resource access and eliminates password management.

Access Policy Management and Adaptive Federation
Flexible authentication and access policies give users the convenience of a single set of credentials and IT complete control.

Automated User Provisioning
Reduce the risk of unauthorized access and orphaned accounts by leveraging PingFederate for provisioning users to and from the cloud.

SIEM and Audit Logging
Address compliance and regulatory requirements through integration with popular SIEM vendors and reporting tools.

"It's pretty simple: PingFederate improves employee productivity and saves us time and money."
Lee Tschetter, Enterprise Architect, Land O'Lakes

Capabilities and Benefits

Single Sign-on (SSO) and Federated Identity

Manage all identities and enforce policies from any directory
Establish secure, one-click access between identity and service providers
Avoid duplicating user directories by leveraging existing IAM infrastructures
Bridge identity systems quickly to accelerate new customer and partner relationships, as well as mergers and acquisitions
Utilize proven industry standards:
SAML, OpenID and SCIM to securely transmit user access and provisioning information
OAuth, OpenID Connect and WS-Trust to safeguard mobile and API access
WS-Federation for active (browser) and passive (thick client) use cases, including complete integration with Microsoft Office 365

SSO for Employees: Workforce to cloud, Internal SSO
SSO for Customers and Partners: Client-Facing SSO, Third-Party Service Aggregation, Consumer-Facing SSO, Partner-Facing SSO

Multi-Factor Authentication

Utilize customized authentication methods to fit any scenario
Create rules and authentication chains for sensitive data access or for groups and roles
Collect identity attributes from any number of sources, including external identity repositories or attribute services
Interact with multiple data sources like JDBC and LDAP to retrieve attributes for tokens, attribute queries and map or link accounts
Develop secure access rules based on criteria like physical and logical location and device
Integrate with PingID for strong authentication or connect to other strong authentication solutions

User Management (Provisioning and Deprovisioning)

Enable rapid provisioning and deprovisioning of users
Provide users access to the apps and resources they need
Centralize control over users
Easily add and automate user provisioning and deprovisioning with out-of-the-box support for standards-based provisioning (SCIM) and for proprietary provisioning protocols to many popular SaaS applications
Leverage just-in-time user provisioning and account updates based on inbound claims
Gain SCIM support for full CRUD operations on user directories
Integrate with any user repository (even custom directories)
Utilize custom provisioning APIs for popular SaaS applications
Integrate flexibility through the Ping Identity SCIM-to-API gateway views and reports for easier, more efficient audits

Federation Standard Support

SAML 1.0
SAML 1.1
SAML 2.0
WS-Federation
OpenID
OpenID Connect
OAuth 2.0
SCIM 1.1
WS-Security
WS-Trust

Mobile and API Access

Deliver a secure SSO experience for mobile applications
Support developers with key mobile identity standards: OAuth and OpenID Connect
Deploy identity and access control without refactoring back-end applications
Leverage REST and SOAP-based architectures with OAuth, OpenID Connect and WS-Trust support
Work with out-of-the-box token translators to facilitate integration with existing applications; and gain a complete and documented SDK to support any custom needs

Extendable Architecture

Utilize dozens of integrations and a network of pre-integrated applications
Leverage your identity infrastructure
Provide easy integration with target applications
Keep your existing IAM infrastructure
Implement IAM projects in hours or days, not weeks or months
Bridge identity systems quickly to accelerate new customer and partner relationships, as well as mergers and acquisitions

Application Integrations

PingFederate integrates with the following applications:

Microsoft IIS and Apache HTTP Server
IBM WebSphere, Oracle WebLogic, Apache Tomcat and other application servers
CA SiteMinder, Oracle Access Manager, Tivoli Access Manager, SAP NetWeaver and other web access management systems
Active Directory, Azure AD, LDAP and other authentication systems
RSA SecurID, Symantec VIP, Google Authenticator and other two-factor and strong authentication systems
PeopleSoft, ADP, Microsoft Dynamics and other commercial applications
Amazon Web Services, Citrix XenApp and other virtualization platforms

Top 5 Reasons People Choose Ping Identity:

Fortune 100 proven identity management
Deployed in the cloud and the data center
Integrates with 80+ enterprise technologies for fast deployment
Enables single sign-on, federated identity, secure APIs, secure mobile access, social integration
Enables secure SSO to customer, partner and employee apps

PingFederate Solutions

Federated Access Management

PingFederate, when integrated with PingAccess, creates the first ever Federated Access Management solution. This solution enables authentication to users where their identities live, provides access management and centralizes access control for all client types, web browsers, native mobile applications and server-to-server communication.

Secure Mobile Access

As the number and sophistication of mobile applications grow, it is critical to ensure the same access controls as existing applications.

Integrate identity into mobile apps using open standards.
Ensure all access to mobile application data is controlled and auditable.
Future-proof identity and access management (IAM) platforms by adopting a standards-based approach to mobile application authorization and access without proprietary agents.

API Security

Ping Identity lets you secure your APIs using mature identity standards as well as state-of-the-art authentication and authorization protocols.

Deliver a personalized experience by leveraging identity instead of restricting access based on obsolete access controls.
Provide a secure user experience based on proven identity standards.
Quickly and easily audit for fraud and compliance.

OAuth Authorization Server: PingFederate is an OAuth Authorization Server (AS), allowing a resource owner (typically an end user) to grant authorization for access to a resource. As an extension of OAuth capabilities, PingFederate supports an optional configuration for OpenID Connect, an emerging protocol for secure, lightweight transfer of authentication and user attributes.
Security Token Service (STS): The PingFederate WS-Trust STS allows organizations to extend SSO identity management to Web Services, allowing token exchange and validation for SOAP APIs.

Microsoft Interoperability

Ping Identity solutions for Microsoft tightly integrate with Active Directory to provide single sign-on to applications like Office 365, Dynamics and SharePoint. Integrations with on-premises .NET and IIS environments are simple with drop-in modules and libraries.

Microsoft Office 365: Ping Identity provides complete single sign-on (SSO) and directory synchronization for Office 365, supporting native apps like Lync and Outlook, as well as secure access for SharePoint and other web-based applications. Users gain access to rich tools on their desktops, smartphones and tablets using a single identity without sacrificing security or encouraging risky password behaviors.

On-premises Integrations:

Kerberos and Form Authentication: Get Kerberos and HTML form authentication for all of your applications through tight integration with Active Directory, enabling seamless single sign-on regardless of the platform or device.

.NET Applications: Drop-in libraries provide easy access to advanced authentication rules, adaptive federation and two-factor authentication so your developers can focus on their applications instead of security.

IIS Servers Identity for the Web: A drop-in module for IIS provides secure access to all of your web applications regardless of the identity provider or authentication source.

Legacy IAM

With older identity management solutions, it can be difficult to meet both business and technical requirements. As your business grows and you acquire a variety of new technologies, your identity solutions need to be flexible and scalable enough to keep up. Ping Identity offers an unmatched portfolio of libraries, adapters and connectors that enable you to easily integrate with your current technologies, speeding up development time securely and cost-effectively.

Social Identity Integration

PingFederate allows users to leverage identities from social sites like Google, LinkedIn, Twitter and Facebook to authenticate and connect employees, partners, customers and consumers to cloud-based applications.

Learn More About the Leading Federation Server, PingFederate!

Supporting all of the current identity standards including SAML, WS-Federation, WS-Trust, OAuth and OpenID Connect, PingFederate is recognized as a leading federation product today that also future-proofs business tomorrow. To learn more, visit pingidentity.com.

© 2014 Ping Identity Corporation. All rights reserved. Ping Identity, PingFederate, PingOne, PingEnable, the Ping Identity logo, and Cloud Identity Summit are registered trademarks, or servicemarks of Ping Identity Corporation. All other product and service names mentioned are the trademarks of their respective companies. 7/14.1

About Ping Identity | The Identity Security Company

Ping Identity believes secure professional and personal identities underlie human progress in a connected world. Our identity and access management platform gives enterprise customers and employees one-click access to any application from any device. Over 1,200 companies, including half of the Fortune 100, rely on our award-winning products to make the digital world a better experience for hundreds of millions of people. For more information, dial U.S. toll-free 877.898.2905 or +1.303.468.2882, email sales@pingidentity.com or visit pingidentity.com.