Identiprise Services Company Support Contact
  OUR PRODUCTS
   
  Enterprise IAM:
Broad Platform Support
Identiprise Features
Identiprise FAQ's
   
  Identiprise Options:
Enterprise Edition
Web Edition
On Demand
 
  Your Location:   home    products    Identiprise Home  
 

Our experts in the Advanced Security Group are happy to answer questions about the Identiprise Suite and how it will work with your current systems.

Question
Answer
How does the Identiprise Suite, Enterprise Edition coexist with my current Web-based SSO-IAM solution?

Client/server security, an important feature of the Identiprise™ Suite, Enterprise Edition, can be added to an environment with an existing Web-based SSO-IAM solution in one of two ways:

1. Identiprise Server communicates with SmartClients, using proxy authentication and credential mapping as a means to close Identiprise Server connections. In this case:

a. 

The SmartClient connects to Identiprise Server
b.  The Application Password Map redirects the connection to the existing Web-based SSO-IAM solution to obtain the necessary credentials.
c Once returned from the existing SSO-IAM solution, Identiprise verifies the credentials and responds to the client.

2. The SmartClient is configured to interact with the existing SSO-IAM product directly.

We have roaming users. How does Identiprise handle remote authentication and user profiles? SmartClients have virtual private network capabilities built in. Remote users can use these when roaming. Or your VPN server can authenticate to Identiprise using LDAP or Radius protocols.

Smart Plug-ins support access to Web-based services.
We have multiple directories, each with their own identity information. Can Identitprise help us aggregate these? Yes, the Virtual Directory allows Identiprise Server to integrate identities from any number of directories or databases. It can also manage identical user’s that have different identities in those directories.

Can Identiprise synchronize the information in it’s Virtual Directory? Actually, the Virtual Directory does not replicate any information that is stored in target directories, so synchronization is not usually required.

Synchronization can be an issue across target directories. If this is true for your organization, directory synchronization products such as Dir-XML or MIIS can be used in conjunction with the Identiprise provisioning framework to address directory synchronization requirements.
Does Identiprise have transactional rules to enable dynamic look-ups in databases and LDAP directories to support authorization decisions? Absolutely, they are part of the dynamic entitlements in the Identiprise Suite that allow flexible access to databases and LDAP directories through the Virtual Directory. Rules are not limited to implementing business logic, and can perform user registration, changes to entitlements, and more using a standard powerful scripting language.
Does Identiprise provide dynamic transactional authorization for multipartner Web services? How? Identiprise provides standards-based Web Services interfaces that provide access to all Identiprise functions including authentication, and dynamic authorization.

The Identiprise rules engine provided supports state-less, state-full, and transactional models for carrying out authorization decisions.
Does Identiprise have APIs that allow developers to bundle authentication and authorization requests from legacy and new applications? Yes, our APIs are supported as a C-language library on almost any POSIX-compliant platform. They are also available using Visual Basic via an Active-X adapter, and are .NET compliant.

In many cases, the use of APIs are not required when using the Identiprise Suite, as our PSM technology and SmartClient eliminates the need to do timely re-coding.
   CONTACT US   |   PRIVACY   |   CUSTOMER SUPPORT