Webinar: Access Management with the ForgeRock Identity Platform - So What’s New?
Download as PPTX, PDF3 likes1,055 views
ForgeRock is a leading open-source identity security software company founded in 2010, providing an identity platform that manages over 500 million identities. Key new features include enhanced authentication and authorization for increased security, user control over data access, and improvements for scalability and usability. The platform aims to support digital transformation across enterprises globally through advanced features tailored for developers and administrators.
Webinar: Access Management with the ForgeRock Identity Platform - So What’s New?
- 1. © 2016 ForgeRock. All rights reserved. Access Management with the ForgeRock Identity Platform So What’s New? Andy Hall, Director of Product Management Markus Weber, Senior Product Marketing Manager
- 2. © 2016 ForgeRock. All rights reserved. • Fastest-growing open source identity security software company in the world • Founded: 2010 • Headquartered in San Francisco with offices in 6 countries • Employees: 350+ • Customers: 400+ Enterprises in 30+ countries • Global Reach: ~50% international revenue • Hybrid Revenue Model with low Churn: <5% • Funding to Date (thru Series C): $52M • Investors: Accel Partners, Foundation Capital and Meritech Capital Partners Key Facts Mission Statement ForgeRock: At a Glance The forgerock identity platform currently powers more than 500 million identities. It is our goal to become the market leader in digital transformation and security for enterprise identity worldwide.
- 3. © 2016 ForgeRock. All rights reserved. Shared Services : User Interface, Self-Service, REST API, HTTP, Scripting, Audit and Logging Federation Synchronization Authentication & Strong Authentication Identity Provisioning Application & Service Gateway Authorization & UMA Provider Workflow Engine IoT Identity Gateway Adaptive Risk Self-Service Password Capture & Replay UMA Protector Access Management Identity Management Identity Gateway Data Store High Availability Data Segmentation LDAP / REST Directory Services Open Standards, High Availability, On-Premises, Cloud, Hybrid The ForgeRock Identity Platform is built from the open source projects OpenAM, OpenIDM, OpenIG and OpenDJ The ForgeRock Identity Platform
- 4. © 2016 ForgeRock. All rights reserved. What’s New in Access Management
- 5. © 2016 ForgeRock. All rights reserved. Access Management Themes • Smarter Security • Privacy and Consent • Internet of Things • Scalability and Performance • Ease of Use • Developer-friendly
- 6. © 2016 ForgeRock. All rights reserved. Smarter Security Authentication • Mobile Authenticator App and Authentication Module • iOS and Android • Strong 2FA based on OATH standard • Easy to setup using QR codes • Integrated with Contextual Authentication
- 7. © 2016 ForgeRock. All rights reserved. Smarter Security Authentication • SAML Authentication Module • Brings federation into authentication framework • Contextual Authentication now applied to federated identities
- 8. © 2016 ForgeRock. All rights reserved. Smarter Security Contextual Authorization • Enhanced Policy Editor supporting Scriptable Conditions • Custom logic integrated into Policy decisions • Supports Javascript or Groovy • REST-calls to external Policy Information Points (PIP) Access Management Session Contextual Change System Detects New Location System detects change during session and requests further authentication
- 9. © 2016 ForgeRock. All rights reserved. Smarter Security Universal Authorization • New Resource Types • Define arbitrary resource descriptions using patterns and actions • Policies can apply to multiple Resource Types
- 10. © 2016 ForgeRock. All rights reserved. Smarter Security Common Audit Framework • Common Audit Framework • Complete view of activity across all products • Extensible architecture delivering CSV, JDBC, Syslog • Realm-specific Auditing • Fine-grained control of logging ForgeRock Identity Platform Common System & Activity Logs Access Management Identity Management Identity Gateway Directory Services
- 11. © 2016 ForgeRock. All rights reserved. Privacy and Consent User Managed Access • Putting users in control of access to their data • Fully compliant UMA Authorization Server • REST APIs and User Resource Pages • Supporting: • Resource Set Registration • Resource Sharing • Resource Labeling • Pending Requests • Audit history
- 12. © 2016 ForgeRock. All rights reserved. Internet of Things OAuth2 Device Flow • De-facto standard for pairing devices with user identities • Ideal for devices with no input and limited output capabilities • Revocation controlled by user
- 13. © 2016 ForgeRock. All rights reserved. Scalability and Elasticity Stateless Sessions • New deployment option • Per-Realm attribute • JWT-based sessions • Ideal for Elastic Cloud-based deployments • Massive horizontal scalability ClusterSize Demand Elastic Load Balancer
- 14. © 2016 ForgeRock. All rights reserved. Ease of Use New Administrator and End-User Interfaces User • Rich user experience with latest XUI • Contextual tools to streamline UX • Extended self-service capabilities Administrator • Powerful improvements to Administration Console • Easier configuration using XUI • Realm-centric administration • Common task wizards e.g. OAuth2 Providers
- 15. © 2016 ForgeRock. All rights reserved. Developer-friendly ForgeRock Platform Services • More REST endpoints to extend developer flexibility • More Scriptable extension points • Consistent and Responsive User Interfaces • New SOAP-STS • Standards conformance • OpenID Certified
- 16. © 2016 ForgeRock. All rights reserved. ForgeRock Access Management Summary • Smarter Security • Privacy and Consent • Internet of Things • Scalability and Performance • Ease of Use • Developer-friendly
- 17. © 2016 ForgeRock. All rights reserved. Thank You! Questions?
Editor's Notes
- #5: Daniel
- #6: Smarter Security - Stronger Security, as and when, required Authentication NewMobile Authenticator App and associated Authentication module New SAML2 authentication module Authorization Smarter Authorization as to who can access what, when and under which conditions with scriptable conditions Broader Authorization capabilities now protecting any type of resource Audit Privacy and Consent User Managed Access (UMA) for putting the user in control of their resources Internet of things Standards-based pairing of devices using OAuth device flow UMA to control access to devices and the data they gather Latest Standards Conformance OAuth2 Provider wizards OpenID Connect Provider Mobile Connect Provider UMA Provider OpenID Connect claims scripts OpenID Connect conformance Scalability and Performance Stateless sessions Ease of Use New admin console New end-user interface New self-service features
- #17: Smarter Security - Stronger Security, as and when, required Authentication NewMobile Authenticator App and associated Authentication module New SAML2 authentication module Authorization Smarter Authorization as to who can access what, when and under which conditions with scriptable conditions Broader Authorization capabilities now protecting any type of resource Audit Privacy and Consent User Managed Access (UMA) for putting the user in control of their resources Internet of things Standards-based pairing of devices using OAuth device flow UMA to control access to devices and the data they gather Latest Standards Conformance OAuth2 Provider wizards OpenID Connect Provider Mobile Connect Provider UMA Provider OpenID Connect claims scripts OpenID Connect conformance Scalability and Performance Stateless sessions Ease of Use New admin console New end-user interface New self-service features