
Monday, April 27, 2009

Oracle IDM Versus Sun IDM

As we have all read in the newspapers, Oracle is taking over Sun, and the fate of the technology offerings from both sides in areas of direct competition remains to be seen in the days to come. Being in the Identity Management industry, I am particularly curious about the way forward for the offerings that Oracle and Sun have in the IDAM space.

I am just opening a frank discussion on what would look good if they were to go with only one offering in the IDAM space.
Let us look at Oracle. Oracle IDAM is in the leaders quadrant and has been termed the market’s most comprehensive stack. The products are:
• Directory Server - Oracle Internet Directory. Probably not the best in class.
• Identity Virtualization - Oracle Virtual Directory. Strong and time-tested product right from the times of OctetString.
• Web Access Management - Oracle Access Manager – Strong track record again. Focus on interoperability and scalability.
• Identity Lifecycle Management – Oracle Identity Manager. Once Thor’s best in breed product Xellerate. Supports a host of connectors. Time to Production is still a little high.
• Role and Entitlement Management – Oracle Role Manager and Oracle Entitlement Manager. One from BridgeStream and one from BEA. BEA Entitlement server is a very unique offering in J2EE and SOA Entitlements. BridgeStream is also a market leader, but a tough-to-deploy product.
• Enterprise Single Sign-on – Oracle ESSO – OEM with Passlogix. You know there are only a few. Everywhere you look, it is either ActivIdentity, Passlogix or CA.
• Other offerings: Fraud Management – Oracle Adaptive Access Manager, Federation - Oracle Identity Federation, WS-* - Oracle Web Service Manager.

Now let us look at Sun’s IDAM Offerings. They are also the Market leaders according to Gartner…
• Directory Server - SunOne Directory. Best in Breed Directory Server. Heavily deployed and highly scalable.
• Identity Virtualization – Directory proxy and Directory synchronization. Well… not very impressive.
• Web Access Management - Sun OpenSSO (which is a licensed version) and its open source version, OpenSSO – Not a very strong product. But the emphasis on open source and features like federation/WS-* capabilities built into access management itself can be of great advantage.
• Identity Lifecycle Management – Sun Identity Manager. Once Waveset. Largely deployed around the world. This is by far the best IDM product that has cruised on earth.
• Role and Entitlement Management – Vaayu RBACx and Sun Identity Compliance Manager. Strong Market presence for role engineering and management through Vaayu.
• Enterprise Single Sign-on – Partnership with ActivIdentity and Passlogix.
• Other offerings: SoD - Sun Identity Compliance Manager, Open source - initiatives like OpenSSO and OpenPTK.

From what we have seen above, some possible directions that Oracle may pursue could be:
• Elimination of OID from the directory space.
• Sun Identity Manager being the roadmap for all OIM deployments.
• Key web access management tool to be Oracle Access Manager, with extended support for federation and WS-* through Sun OpenSSO.
• OviD will be the Virtual Directory solution of the future from the new Oracle.

What remains to be seen are the developments in areas like Role Management, SoD and SOA/WS/integration layer security.
Let us hope that Oracle can pursue all the open source initiatives that Sun has been spearheading.

Now if we were to form a consolidated suite of IDAM products, my ideal list would be:

• Directory Server - SunOne Directory. Best in class.
• Identity Virtualization – Oracle Virtual Directory. The impressive OctetString.
• Web Access Management - Oracle Access Manager and Oracle Identity Federation/OpenSSO for options like federation. And OpenSSO in the open source space again.
• Identity Lifecycle Management – Sun Identity Manager. True winner!!!
• Entitlement Management – Vaayu RBACx. Really, really strong.
• Role Management – Vaayu RBACx. Again...
• Enterprise Single Sign-on – Passlogix OEM.
• Other offerings: Oracle products.
• Open Source toolkits – OpenSSO and OpenPTK


Note: These are just my views and you are always welcome to comment!!!

Tuesday, January 27, 2009

ILM "2" Overview

ILM "2" Overview: "ILM '2' builds on the metadirectory, certificate and smart card management and user provisioning available in ILM 2007, and adds a rich management environment including integrated user management, self-service for comprehensive credential management, group management, policy management, and expanded extensibility and connectivity. ILM '2' feature investments are categorized into four areas:
• Policy Management. ILM '2' delivers a framework for identity management automation and integration so all enterprise systems run using the same set of enterprise policies.
• Credential Management. With ILM '2' organizations can manage multiple credentials in an integrated manner, using self-service tools that are available through the Windows logon environment for ease of discoverability and use.
• User Management. One of the most important things Microsoft is delivering from a business standpoint is automated, codeless user provisioning. ILM '2' delivers tools for integrated user management and self-service across enterprise applications without the costly coding of business rules or recoding of the target systems.
• Group Management. ILM '2' provides powerful capabilities out of the box that help increase the productivity of end users, free up IT from repetitive tasks and provide better security and compliance outcomes."