Governed Migration using Dell One Identity Manager

How Dell Identity Manager not only reduces migration costs and improves migration outcomes, but delivers ongoing value

Abstract

Sooner or later, your organisation will face the requirement to migrate identities and related data from one platform to another, or to consolidate multiple platforms into a single platform. For example, you might be looking to minimise administrative or infrastructure costs, update your technology platform, or complete a merger or acquisition. Traditionally, migrations and consolidations involve a great deal of manual effort: one-time, throw-away effort that advances the migration but delivers no ongoing value to the organisation. This technical brief offers an alternative, explaining how an identity governance and administration (IGA) platform like Dell One Identity Manager can not only save money and drive a great outcome for your migration or consolidation project, but benefit many future projects as well.

Introduction

Drivers for migration and consolidation projects

Migration and consolidation projects take many shapes. Some organisations need a straight migration from an existing Active Directory environment to a freshly designed structure in order to facilitate environmental cleanup, such as removal of legacy directory constructs from poor practices, product explosion or other causes. Other organisations need to consolidate one or more source platforms to a single (existing or new) platform due to business mergers or acquisitions, process changes, rapid expansion or downsizing. For simplicity, this paper will refer to all of these projects as migration projects.

Project phases

For medium to large organisations, a migration project typically includes the following phases:

Project initialisation and planning
Planning begins by establishing the project's goals and obtaining the appropriate business approvals. This includes project justification and quantifiable outcomes such as scope and timeline.

Business analytics
Next, you need to determine the appropriate sources and targets, processes, influencers, approvals and attestation cycles, governance (both during and after the project), and future mode of operation (FMO).

Design of target state, population method and management strategy
Most organisations will want to create a detailed design of the target state, ensuring that it meets governance and other FMO requirements. This design process should follow agile methodologies and be repetitive in nature, since business agility cannot be achieved via a single long-term narrative initiated on a point-in-time snapshot of legacy processes and data. The design should include both population via migration (the creation of entities and related data points) and ongoing management (application of a governance framework and maintenance of the environment during and after the co-existence period).

The migration itself, including co-existence
The migration process should allow easy management and monitoring, and enable rollback when problems arise. Plus, since migrations often take weeks or months, the process needs to ensure seamless co-existence between the source and target platforms to avoid user frustration and business disruption. Governance over the target platform needs to be enforced from day one during the migration and maintained during the co-existence period.

Post-project cleanup, including legacy system deprecation
Once the migration is complete and the target environment is performing as designed, the source environments can be deprecated. In the target environment, governance should be formalised and processes should be optimised to maximise the value of the migration project.

Choosing the right tools

Each stage of the migration project can be completed via manual processes (such as the use of scripts) or simplified with the use of one or more tools. The traditional approach is to employ manual processes for most phases of the project (planning, analysis, design and cleanup), along with one or more platform-specific migration tools such as Dell Migration Manager for Exchange or Dell Migrator for Notes to SharePoint. Figure 1 shows the co-existence of platform-specific migration tools with the centralised identity governance and administration framework tool.

[Figure 1. Platform-specific migration tools coexisting with the centralised IGA framework tool. Diagram labels: contributing systems; identity governance and administration; source platform; workflow managed; platform-specific migration tool; target platform.]

However, more often than not, migration projects are a pure cost to the business, regardless of justification: manual effort is expended in a one-time, throw-away effort. Where the business can reap incremental return on their project investment is in the choice of tools and the framework they are used within. Good analytical tools provide visualisation of complex environments, including role structures, business logic and processes and alternative entitlement inheritance; this visualisation not only simplifies the migration but facilitates proper governance of the target environment.

In this approach, the platform-specific migration tools perform the heavy lifting, and the IAG framework delivers the real business value. Environment co-existence is managed and governed; self-service options put responsibility into the proper hands; no post-project cleanup is needed; and full auditing and reporting is at everyone's fingertips at each step.

Dell One Identity Manager

Components

Identity Manager provides a comprehensive IGA framework that simplifies major identity and access management tasks (including migration and consolidation projects) to a fraction of the complexity, time and expense of traditional framework solutions. The relevant components of Identity Manager, which are installed via a single SETUP.EXE process, are illustrated in Figure 2.
They include:

The central database
Stores information about all managed and unmanaged identities and related things, context, entitlements, permission and policy settings, along with Identity Manager configuration data: specifically, source platform identity and business analytical data; organizational unstructured data and the relevant identity relationships maintained; target platform business and compliance rules; company policies; and contextual and relational identity information.

The web portal (running on a web server)
Provides web-based user self-service, as well as management tools such as reporting, attestation and compliance visualisation.

Administrative front-end
Enables the configuration of business rules, role components, governance frameworks and connectivity to target systems.

One or more servers running job services and the required interfaces to target systems
Provide an interface to source systems for consumption of analytical data and target systems for governed lifecycle management.

[Figure 2. The relevant components of Identity Manager. Diagram labels: interface; web portal (IIS); admin front end; D1IM database; connector server(s); connector; target systems AD, SAP, LDAP, SAMBA, SP, Exch, NOTES and other target systems.]

Accelerated installation and configuration

A typical IGA solution comprises multiple bespoke components interfaced to provide a cohesive framework. Foundational components must be installed and configured before business outcomes can be recognised, a cumbersome implementation approach that has always been a limiting factor in migration projects.

Identity Manager, on the other hand, provides a comprehensive IGA framework that is deployed as a single consolidated architecture yet presented in a simplified, modular and function-specific fashion. Although all foundational capabilities are installed at initial installation (by running a single setup.exe file), specific functions can be invoked and configured independently.

This approach offers multiple direct business advantages. For example, with minimal work and project impact, you can quickly configure the Identity Manager database, server and web portal to deliver visual representation of identities and their relationships across multiple systems, facilitating both pre-migration analysis and post-migration governance. Figure 3 presents a subset of the Identity Manager functional architecture, highlighting the modular configuration for connecting non-invasively to one or more Active Directory instances for analysis.

Re-usable business initiatives

As noted earlier, performing pre- and post-migration project work manually results in significant costs in what is essentially a one-off, throw-away effort. Using a framework instead allows incremental realisation of value. Basic identity analytics is deployed early, followed by lifecycle management functionality and then governance framework components. None of the effort expended anywhere in this approach is thrown away.
All inputs are captured and managed via the framework during the project, and then outcomes are enforced during coexistence and post-project phases. Basic lifecycle management self-service is extended to the user, simplifying the migration process with functionality such as notification, workflow approval processes and post-migration reporting. The IGA framework governs the creation and management of the new entities in the target platform, deprecation of the legacy platform, and all required reporting throughout the migration process.

[Figure 3. The Identity Manager IAG solution allows for modular configuration so, for example, you can quickly connect to your Active Directory instances and perform pre-migration analysis. Diagram labels: abstraction and presentation layer; query and interface layer; business process layer; provisioning automation layer; role- and attribute-based access control; enterprise role management; audit trail; timetrace and history; compliance automation; data governance; requests and approvals workflow; risk calculator; recertification; data analytics; unified name space; subscription-based reporting; accounting and chargeback; AD.]

The business analysis phase of a migration process determines migration factors such as target system population, placement of entities, relationships (dynamic and static) between entities, entitlements granted, decision processes, rules and control points. However, this analysis is usually based on a snapshot in time of the systems involved. As business agility dictates changes in both source systems and (more importantly) target system functional requirements, a single-snapshot approach becomes an inhibitor to agile business outcomes. Poor processes (let's call them "workarounds") that are part of day-to-day operations in the source systems are often carried through to the target environment.

The analytical capabilities of the Identity Manager framework, on the other hand, are comprehensive and multi-layered, so input can be taken non-invasively from multiple target systems and used within hierarchical decision points. For example, the entitlement-granting and attestation processes in the target system can be made to meet new requirements instead of simply copying legacy processes.

Conclusion

Organisations can no longer afford a traditional migration or consolidation project that requires extensive throwaway manual effort and delivers a sub-optimal target environment. Today, there is an alternative.
By implementing an identity governance and administration framework like Identity Manager, your organisation can simplify and speed your migration project while ensuring proper structure and governance in your target environment, and many future projects will continue to benefit from the initial investment.

The Identity Manager framework is modular and easy to deploy. The interface is simple to navigate, designed for the line of business manager, not the IT department. By empowering responsible people in your organisation to perform yet be accountable, Identity Manager enables your business to move rapidly but in a governed fashion.

For more information, please visit software.dell.com/products/identitymanager.

About the author

John Whale is APJ region director of sales for identity and access management (IAM) at Dell Software Group. He has regional responsibility for the business unit, including localised product management and R&D, marketing, and sales, and also provides input to professional services and technical support with respect to IAM.

John joined Dell Software (formerly Quest Software) in 2011 after more than 31 years in information and technology, 23 of those in the software industry and 17 of those specializing in IGA frameworks, secure information and event management, and data governance. John has worked with various vendor development teams over the years, architecting and developing innovative products supporting identity, security and compliance. John provides a unique combination of technical depth and broad market awareness from years of hands-on leadership with extensive enterprise customer engagement in the area of identity governance and administration, along with exceptional communication skills.

For More Information

© 2014 Dell, Inc. ALL RIGHTS RESERVED.

About Dell Software

Dell Software helps customers unlock greater potential through the power of technology, delivering scalable, affordable and simple-to-use solutions that simplify IT and mitigate risk. The Dell Software portfolio addresses five key areas of customer needs: data center and cloud management, information management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, drives unmatched efficiency and productivity to accelerate business results. www.dellsoftware.com.

If you have any questions regarding your potential use of this material, contact:

Dell Software
5 Polaris Way
Aliso Viejo, CA 92656
www.dellsoftware.com

Refer to our Web site for regional and international office information.

TechBrief-GovernedMigration-US-VG-25495