1 SecurityAccessManger
1 SecurityAccessManger
1 SecurityAccessManger
Agenda
Introducción
IBM Security Access Manager
Federated Identity Manager
IBM Security Directory Integrator
IBM Security Identity Manager
Preguntas
INTRODUCCIÓN
3 © 2012
2014 IBM Corporation
IBM Security Systems
Inteligencia
Integración
Expertise
Access Manager for Access Manager for Directory Integrator & Identity and Access
Web ESSO Server Assurance
9 © 2012
2014 IBM Corporation
IBM Security Systems
Enhanced
IBM Security
Access Manager
ISAM IBM
Registry Directory
+ ISAM
Registry
The ISAM
Embedded Active metadata can
registry which
Directory be on external
can include all
registry
metadata, user
& group data
Oracle
Directory
15 © 2014 IBM Corporation
IBM Security Systems
Scenarios: 3 6
ISDS DB2
Directory Runtime
Server Database
Web Mobile
Web
Web
Mobile
Web
Policy Server
Load Balancer
Distributed Session Cache
Content Protection
Authentication Services
Reverse Proxy
Context/Risk Based Access
OAuth Authorisation Server
Untrusted Application
DMZ
zone zone
Mobile
Web
Content Protection
Reverse Proxy
Policy Server
Distributed Session Cache
Internal LDAP
Internal Runtime Database
Authentication Services
Context/Risk Based Access
OAuth Authorisation Server
Custom action
Default action
WAF : Auditing
23
23 © 2012
2013 IBM Corporation
IBM Security Systems
• Consumer Federation and SSO with support for • Ease of deployment and integration to support
standard protocols like SAML, OAuth, OpenID, WS-Trust rapid Cloud, SaaS and application-level federation
• Built-in B2C self service and authentication for • Cross platform SSO with built-in Security Token
scalability & flexible integration to improve identity Service (STS) transforms between inbound and
assurance outbound security tokens like SAML, Kerberos, LTPA
24 © 2013 IBM Corporation
IBM Security Systems
25 © 2012
2014 IBM Corporation
IBM Security Systems
Key Features
Simplify cloud integrations
and identity silos
Selective
“writes” of
Migrate or co-exist changes to the
original source
Join multiple
directories
Federate authentication
back to original source
Faster integration to support on-boarding of users into IBM Security Access Manager (ISAM)
for both single and multiple directory environments
Greater ease of use and navigability through the new integrated LDAP browser
In-depth user insight with the new Qradar connector, LDAP group connector and Cognos based
reporting features
Other new features like support for SDS client on LE Linux, and enhanced ADSync utility