Modernize IAM with a Web Scale LDAP Directory Server

(1)

Modernize IAM with a Web Scale LDAP

Directory Server

(2)

Today’s Speakers

Nathanael Coﬃng

Co-‐Founder,

Syntegrity

Terry Sigle

Dir. of SoluEons

Engineering,

UnboundID

(3)

Typical Enterprise IT challenges today

Diverse range of new,

modern apps being added

Relentless Pressure to Contain

IT Costs and Improve Security

1

2

3

4 Increasing demand for

scale and reliability

Move to virtualized

infrastructure or cloud

+

₊

+

Partners

+

ReLrees

99.999%

Require HA

$$

New Partner App New Mobile App New SaaS New Employee App Private Public Hybrid

(4)

Weak Link? Legacy IAM systems and 1990’s LDAP

End Users Outages Poor performance Costly maintenance Can’t support new apps

Diﬃcult to manage mul9ple silos Inadequate security

Internal App Partner App Internal _{App
2} SaaS

Legacy Dir

Servers Legacy Dir Server

No virtualiza9on or cloud support

?

IT OperaLons:

“I need to upgrade

my legacy IAM

systems”

(5)

Reasons why: Brief LDAP Directory Server history

DSEE 5.2 DSEE 6.3 ODSEE 11g Novell

1995-2005

Period of investment

and innovation

2006-Present

Innovation stops, replaced by

(6)

•  Company founder are pioneers in idenEty management with leadership posiEons at Netscape, Sun, and Oracle. •  UnboundID has developed a next-‐generaEon idenEty and preference management plaSorm

•  Customers use UnboundID to modernize IdenEty and Access Management and enable new, customer-‐facing digital business strategies

•  100% customer renewal rate and more than 1 billion idenLLes deployed with some of the world’s most

inﬂuenEal brands

6

UnboundID was founded in 2007…

PARTNERS CUSTOMER EXAMPLES

(7)

Designed to address a changing IAM market

Dynamic Pricing Data Store Data Sync Metrics Engine Data Broker

Secure | Scalable | Uniﬁed | Adaptable

Partners Mobile Workers BYOD Contractors Mobile Social & Web Cloud & SaaS IoT

7

Workforce Enablement Customer Engagement

Systems of Engagement

Systems of Record

MDM CRM Big Data Legacy Directory

MarkeLng AutomaLon Loyalty Programs

(8)

Data Store

Securely store and deliver idenEty and preference data at web scale for billions of idenEEes and a\ributes

Data Broker

High-‐speed, high-‐volume data delivery via REST API and governed with centralized policy controls

Data Sync

Bi-‐direcEonally synch massive volumes of data between systems of record in real-‐Eme to create uniﬁed customer views

Metrics Engine

Monitor real-‐Eme operaEonal metrics to ensure SLA compliance and gain visibility into idenEty and preference data trends

UnboundID Pla]orm

Iden9ty and Preference Management at web scale

Secure | Scalable | Uniﬁed | Adaptable

Pl aS orm Mo du les

(9)

UnboundID Data Store

9

Securely store and deliver iden2ty and

preference data at web scale

Extreme Scale and Performance

–  Performance opEmized through memory

caching, self tuning, and horizontal scaling

Adaptable/VersaEle

–  Store rich user proﬁles, preferences, opt-‐in/

out selecEons, privacy direcEves and more –  Deploy on premise, virtualized, or in cloud

–  Services exposed via REST APIs

“At last iPhone launch, we peaked at 30-‐40x regular traﬃc. Since using UnboundID, we have had no issues.” -‐Telco Customer

2.5 billion daily transac9ons, sub-‐millisecond latency and 99.999998% availability

– Large U.S. wireless telco provider

Costly, Poor Performing Legacy LDAP

Migrate

Enterprise-grade security Web scale performance

(10)

UnboundID Data Sync

10

Connect to disparate data stores

–  Sync/migrate from Oracle, MS AcEve Directory, and more

–  Use for one-‐Eme migraEons or ongoing synchronizaEon

–  Transform and map a\ributes between data stores

Bi-‐DirecEonal SynchronizaEon

–  Support massive data volumes at high speed

–  Real-‐Eme or scheduled

MDM CRM Big Data Legacy Directory

UNIFIED VIEW

Unify, synchronize, and migrate massive volumes

of data between disparate systems

“We feel the UnboundID’s Data Sync is the best product for migra9ng data from one Oracle system to another.” -‐EU bank customer

Data Mapping and Sync

“We were able to migrate 258 million entries in 13 minutes.”

(11)

UnboundID Metrics Engine

11

Sense and Respond to Customer SenEment

-  Opt-‐in/op-‐out trends

-  Policy enforcement

Customized dashboards with visibility into

Real-‐Time OperaEonal Performance

–  Capacity usage, resource loads, historical trends

–  Push to standard monitoring tools

–  REST API for idenEty analyEcs integraEon

Visibility into opera2onal performance, iden2ty/

preference trends, and service level agreements

(12)

UnboundID beneﬁts for IAM modernizaLon

•  25%-‐90% reducLon in TCO compared with legacy IAM

•  Industry leading scale, performance and reliability

•  Support modern apps (SCIM, OAuth2, OpenID Connect)

•  Seamless data migraLon without disrupLng exisLng apps

•  Consolidate data silos or provide real-‐Lme bi-‐direcLonal sync

•  Deploy to virtualized infrastructure and/or cloud

•  Adaptable security framework with encrypLon at all stages

•  Provide real-‐Lme operaLonal visibility

What our customers say:

“There has never been an service-‐level outage in our UnboundID deployments across 530M entries going back to 2009.” -‐ Telco Customer

“Rock solid performance and availability to over 1000 legacy applicaEons.”

– Global Aerospace Firm

“500+ million entries, 250k concurrent users, deployed on VMware and zero down Eme.” – SP500 Sogware Co.

“5x Performance & ½ server footprint” -‐ Fortune 50 mulEnaEonal bank

(13)

Today’s Speakers

Nathanael Coﬃng

Co-‐Founder

Syntegrity

Terry Sigle

Dir. of SoluEons

Engineering,

UnboundID

(14)

Closing the Security Gaps

Too many demands for

too few staff

§ IT staff deploy-and-support

overload

§ Increasing pressure to improve

time-to-market and business agility

§ Patchwork approach and siloed

security technologies makes organizations vulnerable

(15)

OrchIS: Automate UnboundID Platform deployment

Simplified Drag and Drop IAM Security Architecture

§ Automated setup/deployments in minutes with reusable architecture blueprints

§ Flexible UI to design, adapt and implement security component architectures

§ Cross platform

policy-writing and auditing

§ Automation of security

policies and configuration for applications

(16)

OrchIS: Deploy/migrate to major Cloud Providers

Design Once, Deploy Anywhere

§ Support for most major cloud providers and DevOps platforms

§ Compress components into less complex environments (single box Dev instance)

§ Ensure configurations 

match between  Dev/QA/Prod

§ Load balancer support

§ Dynamically add  

servers to increase

(17)

OrchIS: Automated Security Configuration

Automate Security

§ Macro Policy Definition at the

Application Tier

§ Automated Micro Policies for

Security Services

§ Cross platform

policy-writing and auditing

§ Available for Cloud Apps

§ Leverages existing infrastructure

§ Remedy/ServiceNow Integration

§ Simplifies application integration

and updates

WAF Policy Password

Policy AM Policy

(18)

Q&A

Email:

[email protected]

Phone:

+1-‐512-‐600-‐7777

Blog:

www.unboundid.com/blog

TwiDer:

twi\er.com/unboundid

Modernize IAM with a Web Scale LDAP Directory Server