what's new in novell identity manager 4.0

What's New in Novell® Identity Manager 4

© Novell, Inc. All rights reserved.2

Presenters

Bob Bentley

Product Line Lead

Kamal Narayan

Product Manager

Yogesh Rao

Product Manager


Agenda

• Introduction

• Major New Features in IDM4

• Architectural Enhancements

• New Integration Modules and Tools

• Product Editions

• Summary/Question and Answers

Novell® Identity Manager 4Brief Introduction


Novell® Identity Manager

Enable your organization to be more open and agile without limiting security, control or compliance.

Integrate, automate, and secure access to information for customers, partners, and employees.

Maintain clear visibility of people, actions, and compliance, past and present.

The result: Simplify and secure the enterprise while controlling costs and meeting regulatory demands.


Your Identity Challenges

• Provisioning new users - Users wait up to 3 weeks for activated accounts

• Managing users - Help desk costs $25-40 per call for password resets, with 25-35% of calls related to password resets

• IT dependence – Lost efficiency because of dependency upon scarce IT resources for user access needs

• De-provisioning users - 30-60% of existing accounts are invalid• Deploying new initiatives - Up to 30% of development time is for

controlling access to applications and data• Reconciling user data - 100+ user data sources at typical firm

provide out-of-sync and untrustworthy identity data• Protecting trust - Many new privacy and regulatory requirements

around the world• Achieving compliance – Up to 25% of IT budget is consumed to

support compliance


How Does Novell® Identity Manager Help?Security• Revoke system access in minutes, not

days

• Manage all password policies centrally

• People get access to only what they need based on business roles

• Eliminate siloed and duplicative systems

Compliance• Clear visibility into who has access to

what, when and how they got it, and who approved it

• Historical/forensic review of access

• Insightful risk metrics illuminate compliance conflicts

• Easy policy updates to stay current

• Instant documentation for auditors

Cost• Reduce your help desk costs by 40%

• Automate manual processes and work-flows

• Extend the value of legacy applications

• Simplified implementation and administration

• End vendor lock-in and high switching costs

Agility• Integrate new businesses in days, not

months

• Hire a new employee and have all their systems ready automatically on their start date

• Empower users with provisioning control

• Have business decisions drive IT and not the other way round


Identity Manager in Operation

Promotion

Forgot Password

Password Expires

x?

New Project

Move Locations

Employee,Customer,Partner,Volunteer

RelationshipBegins

Auditor,Security Lead

Manager,Resource Owner

PROVISION ROLE-BASED USERADMINISTRATION

REQUEST ANDAPPROVAL

PASSWORDMANAGEMENT

RelationshipEnds

PASSWORDMANAGEMENT

REPORT ANDMONITOR


Industry's Best Partners

Nearly 7000 Customers

Awards andAccolades

Novell® Identity Manager 4Major New Features


Identity Manager Architecture Logical View

ApplicationsDirectories

OS and File Systems

DatabasesTelephone and Building Access

Help DeskCloud and SaaS

Credentialing

Real-time Data Integrity

RBAC Model

Work-flow System

Identity Vault

White Pages/ Self-Service/ Pwd Mgmt

Business Resource Request

Role-based User Mgmt/ Deleg Admin

Approval Work-flow

Key Functional Capabilities

Mobile WebtopYour Portal/

Web Services/ Custom

Business Managers

CISO Compliance/ Auditor

Employees

Major Components

Connectors

Customers/ Partners/

Contractors

Advanced Reporting

and Metrics

Historical Reporting

Warehouse

Developers and Consultants

Role and Policy

Mapping

Compliance Content

Open APIs Deployment and Mgmt

Tools


Advanced Reporting and Metrics

• Insightful reports– Variety of out-of-the-box report templates– Reporting on present and past states,

plus activity over time– Spans both the Identity Vault and connected systems– Ready report customization through open report

template standards

• Robust automation– Visual report scheduling – one time or recurring– Policy-based data collection and storage– Automatic report distribution to critical stakeholders

and storage of completed reports

• Powerful compliance support– Current and forensic review of identity and user

provisioning related data

Meaningful insight into how your organization's mission critical user provisioning is operating, and the ability to prove compliance.


Advanced Reporting and MetricsOverview Dashboard

[screen shots]


Advanced Reporting and MetricsDefining a Report to Run

[screen shots]


Advanced Reporting and MetricsRepository of Defined and/or Scheduled Reports

[screen shots]


Advanced Reporting and MetricsManaging the Report Scheduler

[screen shots]


Advanced Reporting and MetricsSample Completed Report

[screen shots]


Policy Mapping and Integration

• Role Mapping Administrator– Automatically discovers authorizations that can be

granted within your major IT systems– Allows business users (not just consultants, IT staff or

developers) to define and maintain which authorizations are associated with business roles

– Result: associated authorizations are automatically provisioned to business role members

• Breakthrough innovation in how your identity system is “programmed”

– Visual, drag and drop, business-user-friendly tool– Order-of-magnitude reduction in time, effort, cost– Applies to both initial setup and ongoing maintenance

of policy to keep it business-relevant

• Sustainable access compliance – Works between Novell® IDM, SAP, SharePoint, etc.

Letting business users Intelligently connect the policy dots between the major IT systems your organization depends on.


Role Mapping Administrator

Enterprise RolesExamples:• Regional Sales Mgr• ICU Nurse

Authorizations

Items that can be granted to users (accounts, roles, transactions, group memberships, etc.)

Examples:• Run sales pipeline report• Access to drug dispensing system

RMA Puts it all on One Screen• Shows all Enterprise Roles configured in

Novell® IDM• Discovers and retrieves all Authorizations

in the connected systemBusiness Analyst• Drags Authorizations on to Roles—

associating the Authorization with the RoleNovell IDM• Automatically provisions the people in the

Role with the Authorization• Keeps it updated as role membership

changes or as Role/Authorization associations change

... Novell Identity Manager


Ready for Cloud Computing

• Uniquely ready for the challenges of the Cloud Computing

– Cloud-ready architecture makes the location of resources transparent—on-site, hosted, or both

– User organizations enjoy the same security, management capabilities and predictability whether inside the organization or out in the cloud

• Seamless integration with SaaS and hosted solutions

– User provisioning/de-provisioning, request/approval processes, password changes, identity profile updates, reporting, etc.

• Powerful tools make the hosted business model transparent, scalable and efficient

– SaaS application support with scalability and high availability to ensure compliant SaaS processes

Ensuring your organization is ready for—and taking full advantage of—cutting edge IT trends.


Intelligent Content Control

Allows customization of IDM to your environment without getting painted into a corner

• Protects your configuration IP and simplifies troubleshooting

– Leverages and protects your tremendous investments in policies, work-flow definitions, and other configuration

– Alerts you when you're changing something that is used in multiple places and could have unintended effects

– 'Factory Mode' temporarily overrides any changes made and/or allows return to clean slate

• Enables content libraries– Capture, archive, share, reuse good policy elements– Integrators can create their unique 'canonical' approach

• Future: Out-of-the-box Business Relevance via Compliance Content Packs from Novell®

– Addressing key compliance needs aligning to regulations such as PCI/DSS, SOX, HIPAA, FISMA, GLBA, Basel II, FERC/NERC, etc.


Improved User Experience

Providing controls in the hands of users to enhance productivity

• Work Dashboard– A single consolidated view bringing together upcoming

tasks, resource and role assignment, status of outstanding requests, etc.

– “Much less clicking”

• Resource Model and Assignments Dashboard– A clear, easily understood view of who currently has

access to what– Eliminates the “tech speak gap” for ordinary users who

need to make decisions about who should get what

• Built in SSO Support– Out-of-the-box integration with AD/Kerberos ticket

systems, SAML assertions, and SAP Logon ticket systems

– Eliminates the need for an external SSO tool when accessing IDM


New Work Dashboard

Novell® Identity Manager 4New Architectural Features


Technical Advancements

• Unified installation– Streamlined installation covers all components– Preconfiguration with best-practice “content” from

Novell® and their 13+years' experience in the business– Optional virtual machine image deployment

• Embedded IDV option– Silent and invisible identity vault– A dedicated purpose identity store– Managed with application specific tools

(vs. going into iManager and managing Novell® eDirectory™ attributes manually)

• Coming: Driver fan-out and high availability– Manage 1000's of similar target systems via one driver

(ex: Oracle DB's, AD instances, AS/400 systems)– True software-based driver failover

Many “Under the Hood” Enhancements to make your IDM even more powerful


Development Platform

• True identity services architecture– Modular, accessible functions

• Easily consumed into your environment (“mashup”)

– Your company portal

– Custom or mobile application

– Help desk or other business processes

• Over 100 standards-based identity services

– REST, SOAP, LDAP, JDBC, etc.

– Management and end-user actions

Easily consume, manage and interact with identity management functions however you need to.

Novell® Identity Manager 4New Integration Modules and Tools


New and Updated Drivers

• Microsoft SharePoint– Fine-grained integration with this

popular collaboration environment

• Salesforce.com– Seamless SaaS integration

• SOAP/SPML– Updated for easier SOAP endpoint integration

– Supports latest version of SPML

• eDirectory-to-eDirectory Driver– Eliminates the need for each instance of

Novell® eDirectory™ to have its own IDM engine

– Simplifies licensing and management

– Uniform challenge/response sets for passwords

• Oracle and SAP– Easier to discern and buy

– Oracle drivers enhanced

Ongoing improvements in connectivity to keep your IDM system most relevant


Industry-leading Deployment Tools

• Designer– Model, deploy and document identity policies– Explore “what if” scenarios– Version control, save/archive and reuse efforts– Up to 50% less cost in deployment

• Analyzer– Evaluate, cleanse and prepare identity data within

systems to be managed– Up to 80% less time and effort in

manual-intensive prep work

Bringing the “industrial revolution” to the highly manual, expensive process of rolling out identity management.


Novell® Analyzer

Data Browsing

Data Analysis

Automation to help you analyze, cleanse and prepare identity data for management

Novell® Identity Manager 4Product Editions and Planned Availability


Novell® Identity Manager 4 Product Family

Merisa

Dorado

Capricorn


• IDM 4 “Capricorn”– The The traditional way Novell® Identity Manager has

been offered to customers– Designed for organizations who want to selectively

choose which components best fit their needs• IDM 4 “Dorado”

– A new, comprehensive packaging of pre-integrated solution components

– Additional market leading capabilities not available in any other offering (Novell or competition)

– Designed for organizations looking for a single offering that includes everything needed for state-of-the-art user provisioning and identity management

IDM 4 “Capricorn” vs “Dorado”



• IDM 4 “Capricorn” is comparable to IDM 3.6 today– Updated user application (not including RBPM functionality)– Will include a few basic reports– Streamlined install with Embedded IDV option– The designated next version for IDM 3.6 customers

• IDM 4 “Dorado” (items not included in “Capricorn”)– Includes all “Capricorn” + RBPM capabilities– Includes Advanced ID Data Warehouse/Reporting– Includes Role Mapping Administrator– Includes additional drivers (Salesforce, SharePoint)– Includes Analyzer– Is “content-ready”– Offers the full API set (REST and SOAP interfaces)



OptionallyEmbedded IDV

IDM Policy Engine

User Application

BasicDrivers

AdvDrivers

Approval WF and Role-based Provisioning

Advanced Reporting Suite


Content Pack Readiness

Extensive REST/SOAPAPIs

IDM 4 “Dorado”

Analyzer tool

OptionallyEmbedded IDV

IDM Policy Engine

User Application

BasicDrivers

Basic Reports

IDM 4 “Capricorn”


Planned Release Schedule

• Beta test Spring 2010

• IDM 4 “Dorado” will be available in Summer 2010

• IDM 4 “Capricorn” will be available approximately 1Q later

• Driver high availability/fan-out capability will be available later in the year


www.novell.com/identitymanager

Questions?

Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

what's new in novell identity manager 4.0

Technology