A2B Tech

No detours, just destinations

Identity Management

 

Identity Management is the practice of managing the authentication and authorization of principals, such as users and groups of users, throughout their lifecycle, along with their assigned roles, resources, entitlements, and other authorizations. Identities typically reside in a directory, but in most IT environments no single directory is referenced by every computer, application, or service, so secure synchronization of identities and their relevant data is only the tip of the Identity Management iceberg. Business policies determine which accounts should exist in which systems, and limit them for security, scaling, and licensing reasons. The methods of authentication, as well as the scope of authorization, in those systems are also governed by policy. Auditing of provisioning events, and verification of the provided access, fall under governance and certification activities. User self-service for passwords, accounts, and other authorized areas is part of the same system. An ideal Identity Management environment therefore manages the movement of bits as determined to be appropriate by business or organizational policy, and does so in a way that is friendly for end users as well as administrators, business owners, and auditors.

 

A leader in Identity Management, Micro Focus (formerly NetIQ / Novell) ships its Identity Manager (IDM) suite of products, which has evolved over more than a decade from a simple synchronization tool built on a solid directory into a suite of products that meets the goals outlined above. User self-service, for both passwords and access requests, is built into the product and provides a simple interface on a variety of platforms (desktops, laptops, phones, tablets, etc.). Approvals can be managed via a web browser or a mobile application, allowing those who perform those tasks frequently to do so securely from anywhere with an Internet connection. Mapping an organization's policies to synchronization logic, or moving from manual authorizations to computed and verified entitlements based on a Role-Based Access Control (RBAC) model, is all managed from the IDM Designer tool.

 

End-to-end test cases can be handled via the IDM Validator product, which allows creation of events from predictable or random inputs to verify that the implemented policies perform as expected, whether those events come in via a web application, LDAP, or any other endpoint (database, text file, REST call, etc.). The IDM suite also comes with options to provide certification and governance of authorization in an organization's systems, whether directly linked to the overall IDM system or not, as well as tools to view and clean up data before setting up an initial connection to a new system.

 

Security Management

 

Security Management is the area concerned with capturing audit data from disparate sources, matching it up with identity data from an Identity Management system when possible, and producing business-relevant data from the flood of inputs around the organization. Because most systems do not design security events to a particular standard, a Security Information and Event Management (SIEM) system needs flexibility in its ability to receive and parse data.

 

Micro Focus (NetIQ / Novell) Sentinel provides this capability by allowing inputs in various formats, via various transport protocols, and integrating with various identity providers to add as much value to the events as possible. To enable customers and developers to easily integrate with Sentinel, a development kit is available which uses a standards-based language (ECMAScript / JavaScript) to allow simple extension using skills that most in IT already possess because of its use across the web.

 

Linux Management

 

As the Operating System (OS) which powers most of our phones, tablets, servers, software appliances, and other devices, Linux has proven its flexibility since its creation in the 1990s. While management can be done by anybody, it is sometimes advantageous to use outside help for tasks that may be risky, such as system migrations, large configuration changes, or new implementations. Whether the task is a migration from one system or hosting provider to another, upgrading applications to newer versions, or setting up new systems to scale for growth, we can provide time-tested processes to do so in a way that meets your needs, minimizes your risk, and provides you with the solid infrastructure expected of a server-class operating system.

 

Training

 

Training on the topics above can be arranged for individuals, teams, or entire companies; details can be found on the Training page. Some trainings work well in a remote setting, while others are most effective face-to-face. Whether information is needed on the basics of Linux scripting, Identity Management best practices, or developing custom components to audit home-grown applications, we can provide the information so your teams are as effective as possible.