Integrating Novell Access Governance Suite with Novell Identity Manager
1 like851 views
The document outlines the integration of Novell Access Governance Suite with Novell Identity Manager, focusing on access governance, certification, and role-based provisioning. It emphasizes a dynamic governance process, effective role lifecycle management, and the importance of compliance and user access monitoring. Additionally, it highlights the flexibility and security offered through an integrated provisioning approach.
Integrating Novell Access Governance Suite with Novell Identity Manager
- 1. Integrating Novell Access Governance ® Suite with Novell Identity Manager Steve Lewis Identity Compliance Specialist Novell, Inc. /slewis1@novell.com
- 2. Agenda Access Governance Suite Overview – Certification Manager – Role Manager Roles Based Provisioning Manager Overview – The 3 R's of Provisioning Access Governance Suite/ Roles Based Provisioning Module Integration Demo 2 © Novell, Inc. All rights reserved.
- 3. Access Governance Suite Overview
- 4. Novell Access Governance Suite ® (AGS) Business-driven accountability, visibility and certification Compliance Certification Manager Roles Lifecycle Manager 4 © Novell, Inc. All rights reserved.
- 5. Effective Governance of Access Requires a Dynamic, Ongoing Process Regular Review and Analytics for Certification of User Decision Support Access Change Management for User Access Discovery and Collection of User Access Information Orchestration of Controls to Remediate Inappropriate Access Role Design and Maintenance 5 © Novell, Inc. All rights reserved.
- 6. Novell Access Governance Suite ® Enabling Access Certification • Business-oriented certification process – Provides business context with insightful analytics – Highly personalized business dashboards • Continuous, business-event-driven, or cyclical frequency • Process to initiate remediation of inappropriate access • Auditable evidence of access compliance 6 © Novell, Inc. All rights reserved.
- 7. Novell Access Governance Suite ® Delivering Role Lifecycle Management • Effective, flexible model for defining enterprise roles – Role discovery, business role modeling and change management (top-down and bottom-up) – Mapping of business roles to IT roles – Collaborative review, design and approval of roles • Continuous process for role lifecycle management – Analytics provide insightful decision support information • Roles capability and comprehensive reporting provide sustainable compliance 7 © Novell, Inc. All rights reserved.
- 8. Role Based Positioning Module (RBPM) Overview
- 9. A Balanced Approach to Provisioning Novell provides: ® Role Based Easiest to define and maintain Most integrated governance Provisioning Integrated monitoring Least expensive Heavy implementation Most coverage and maintenance effort Optimum effectiveness and efficiency Rules-based Request-based Provisioning Provisioning Difficulty in Governance Operational Nightmare An integrated provisioning approach usually provides the best all-around results for security, efficiency and flexibility 9 © Novell, Inc. All rights reserved.
- 10. Roles Based Provisioning Module (RBPM) • Roles Module for Novell Identity Manager (IDM) ® – An RBAC/Compliance solution, nicely integrated with Novell's product line, and open to accommodating specialized/custom/best-of-breed solutions – Addresses the most common customer use cases: > Role-based assignment of resources and permissions > Runtime enforcement of compliance rules, including separation of duties (SoD) > Management of the compliance process (reporting, review of authorizations, re certification business process, etc.) 10 © Novell, Inc. All rights reserved.
- 11. Integrated Roles Infrastructure • Built into the infrastructure of the Novell Identity and ® Security product line – Role objects located within the Identity Vault > available to be leveraged across the product line and beyond – Accessible via the Identity Manager User Application portal and iManager > administration and end-user interfaces are already familiar – Leverages the Identity Manager approval workflow system > unified method of requesting and re-certifying resources – Ties into Identity Manager event system and services > immediate policy enforcement 11 © Novell, Inc. All rights reserved.
- 12. IDM/RBPM and AGS Integration
- 13. Integration • Role Engineering – Collect Roles from RBPM/IDM – Collect Entitlements from RBPM/IDM – Model Roles with RBPM/IDM entitlements – Publish Roles with RBPM/IDM entitlements to AGS – Use Roles for Provisioning and De-provisioning • Certification Reviews – Revocation of Role memberships in AGS will flow to RBPM – All entitlements associated with the Roles will be De-provisioned 13 © Novell, Inc. All rights reserved.
- 14. Demo
- 16. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.