This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."
Download it now to read this article plus other related content.
IDENTITY & ACCESS MANAGEMENT|
Identity & access management, SSO and provisioning
Novell Identity Manager
Buying information security technology has often been compared to buying life insurance, but user identity provisioning is one category that has offered quick, measurable ROI from the start. Novell Identity Manager, this year's identity management winner, is widely regarded as a leader in this market, automating user provisioning to get employees what they need--and only what they need--to get to work quickly.
A key part of Novell's suite of identity management tools, centered on its eDirectory LDAP service, Identity Manager resolves the labor-intensive task of provisioning users with access to the applications, information and tools they require. Role-based provisioning makes assignments by business role and policies, and automated workflows assure that changes are implemented quickly and accurately.
Access is cut promptly and accurately as roles change or employees are terminated. In addition to providing cost savings, this helps meet security and regulatory requirements.
Identity Manager users particularly liked its user transparency, ease of use, scalability and, most important, ROI.
NOTABLE While most of its leading competitors--such as Sun/Waveset, Oracle/Thor and Oblix, CA/Netegrity, IBM/Access 360--owe much of their IAM technology to acquisitions, Novell has built its products from within.
RSA Access Manager
Access control was relatively straightforward when data and applications were largely restricted to business silos: company, division, department. That's all changed as Web-based access has enabled vast opportunities--and complex access and security issues.
RSA Access Manager is among the top products in the Web-based access control market, designed to bring order to the formidable task of giving employees, partners and customers quick and appropriate access via intranets, extranets, portals and Internet-facing applications.
To manage this maze of access privileges to disparate back-end data stores, Access Manager provides highly flexible role-based policies, including appropriate security/authentication controls (e.g., passwords for one level, tokens or biometrics for another).
Single sign-on (SSO) capabilities, a key component of Web-based access control tools, simplify the user experience and reduce cost by centralizing user management and reducing help- desk calls for password resets.
Access Manager scored well for scalability, integration and compatibility with multiple directory stores, authentication products, etc., and extensibility.
NOTABLE Since the EMC deal, RSA acquired DLP vendor Tablus, and boosted its position with financial institutions, buying Cyota and PassMark Security.
This was first published in April 2008