SlideShare a Scribd company logo

T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.

ForgeRock, profile picture
ForgeRock

This document discusses delivering Identity and Access Management (IAM) solutions as a managed service from the cloud. It describes ForgeRock's IAM platform and how Telekom delivers it as Identity Protect Pro. Identity Protect Pro is a managed IAM service that uses virtualization, containers, and automation tools to deploy and manage standardized ForgeRock software bundles for customers in a secure, high-availability private cloud environment. Customers benefit from the convenience, security, and scalability of the cloud-based managed service while avoiding the upfront costs of an on-premise solution.

Technology
1 of 13
Downloaded 27 times
1
2
3
4
5
6
7
8
9
10
11
12
13
Telekom Security: Id Security Automating ForgeRock Deployments to a Magenta Cloud - Peter Weik -
Consumer IAM (B2C) Enterprise IAM (B2E/B2B) Internet of Things IAM (B2T) User Centric digital Identities Social Logins & User profiles Domain Centric Digital Identities Identity & Access Gov. B2B Federations with Partners & Suppliers Service Centric Digital Identities Non-Human Identities & API Security Three Disciplines of Today's Identity & Access Management
The Modern IAM Ecosystem Identity & Access Management Things Consumers Employees PArtners Mobile Workforce Privileged Users Applications Data Office workspace User directory On-Premise/PrivateCloud Software asaService CloudPlatforms &WebServices
Delivery Models for Cloud Based Identity & Access Mgmt Identity as a Service Multitenant IAM Offering delivered as Software as a Service in a Public Cloud.  Weak integration with existing IAM deployments in the customer domain  Focus on Single Sign-On and identity federation  Limited functionality with regards to authentication and identity management  Operation and data storage typically in the US. Very few providers operate in Germany as well  Public pricing information available, usage or user based pricing models. Managed IAM Service Application outsourcing of an IAM product within a Private Cloud offered as managed service.  Strong integration with existing IAM deployments in the customer domain possible  Full IAM functionality available (depending on IAM product used).Focus on IdM customizations.  Operation and data storage depends on customer requirements and data center locations of the service provider  No public pricing information available; Time & material based quotes are common
“Cloudification Grades” of IdentIty & access MGMt Hosted IAM Solution HW HW HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … One individual IAM Instance per customer with dedicated IT resources. Multi-tenant IAM as a Service HW OS Tenant1 Tenant2 Tenantx … IAM Instance One standard IAM SaaS instance for all tenants in Public Cloud VM(s) Virtualized IAM Instances One individual IAM instance per customer with virtualized IT resources VM 1 VM 2 VM x HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … Virtualized & Containerized IAM Services Individual IAM instances per customer with virtualized IT resources and containerized IAM VM(s( VM (s) VM (s) HW OS OS OS Tenant1 Tenant2 Tenantx … IAM Instance IAM Instance IAM Instance Private Cloud Public Cloud Managed Service Un-managed Service
Identity Protect Pro
“Cloudification Grade” of IdentIty Protect Pro Hosted IAM Solution HW HW HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … One individual IAM Instance per customer with dedicated IT resources. Multi-tenant IAM as a Service HW OS Tenant1 Tenant2 Tenantx … IAM Instance One standard IAM SaaS instance for all tenants in Public Cloud VM(s) Virtualized IAM Instances One individual IAM instance per customer with virtualized IT resources VM 1 VM 2 VM x HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … Virtualized & Containerized IAM Services Individual IAM instances per customer with virtualized IT resources and containerized IAM VM (s) VM(s) VM (s) HW OS OS OS Tenant1 Tenant2 Tenantx … IAM Instance IAM Instance IAM Instance Identity Protect Pro
Identity Protect Pro Office 365 Identity Protect Pro Identity & Access Management from the Cloud powered by IdentityManagement Access Management Applications Data Office workspace User directory Enterprise a Applications Data Office workspace User directory Enterprise B Partner Nomadic Worker Google Box Private Cloud Salesforce
Identity provisioning Identity Synchronization User Self Services Identity Data Management Authentication Service Adaptive Risk Evaluation Identity Federation Single Sign-On Dashboard Services Social Login Identity Protect Pro: Functionalities
Identity Protect Pro: The IAM Software Instance vApp IAM iNSTANCE VM AS01 VM DB01 VM AS02 VM DB02 ApplicationLayerDatabaseLayer vApp FW vApp FW OSFW OSFW AppNet Web-Frontend AppNetOperation OSFW OSFW
Identity Protect Pro: A Managed IAM Service with Tooling Remarks Configuration management by means of Subversion for the management of customer configurations within in a central repository and support of lifecycle measures for existing customer configurations that are already operational. Deployment of standardized IAM software bundles (incl. required middleware) by means of Docker. A private Docker repository eases the provisioning of patches and updates for all customer instances. Usage of T-Systems DSI vCloud (vmWare based IaaS offering) for the realization of virtual data centers for Identity Protect Pro. IT automation and orchestration of deployments (software and configurations) by means of Ansible. Virtualized & Containerized IAM Services Individual IAM instances per customer with virtualized IT resources and containerized IAM VM (s) VM (s) VM (s) HW OS OS OS Tenant1 Config&Data Tenant2 Config&Data Tenantx Config&Data … IAMInstance (Containerized) IAMInstance (Containerrized) IAMInstance (Containerized) Tools ForgeRock’s Identity Platform supports the required separation of IAM executables, IAM data and IAM configurations.
Peace of mind – now and future Access to skilled IAM experts; compliance with international standards; deployment of the latest technologies and mechanisms. Identity Protect Pro: Identity & Access Mgmt delivered as Managed Service from a Magenta Cloud availability The solution is delivered from a high- availability Telekom/T-Systems data center – for minimum downtime. protection of Investments Identity Protect Pro complements your existing IAM infrastructures, providing staff with secure access to cloud applications. convenience Employees can request access rights via self- service workflows and single sign-on increases staff productivity. Cost savings Identity Protect Pro is charged on a demand- driven basis – so you only pay for the resources you actually need. Cost-efficiency Lower up-front investment compared to local IAM solutions (OPEX replaces CAPEX). security Identity Protect Pro is operated in a highly secure data center of Telekom/T-Systems in line with German data protection legislation. speed The deployment of high-performance hardware and broadband network connections enables fast IAM transactions. scalability Identity Protect Pro can be tailored to meet your specific day-to-day requirements (e.g. number of employees).
WWW.TELEKOM.DE/IDENTITY-PROTECT-PRO

More Related Content

PPTX
Identity Live Sydney 2017 - Michael Dowling
ForgeRock
 
PPTX
Identity Live Sydney 2017 - Daniel Raskin
ForgeRock
 
PDF
Security On The Edge - A New Way To Think About Securing the Internet of Things
ForgeRock
 
PPTX
Identity Live London 2017 | Daniel Raskin
ForgeRock
 
PDF
GDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
Ping Identity
 
PPTX
Identity Live London 2017 | Ashley Stevenson
ForgeRock
 
PPTX
Securing Access to SaaS Apps with WSO2 Identity Server
WSO2
 
PPTX
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
ForgeRock
 
Identity Live Sydney 2017 - Michael Dowling
ForgeRock
 
Identity Live Sydney 2017 - Daniel Raskin
ForgeRock
 
Security On The Edge - A New Way To Think About Securing the Internet of Things
ForgeRock
 
Identity Live London 2017 | Daniel Raskin
ForgeRock
 
GDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
Ping Identity
 
Identity Live London 2017 | Ashley Stevenson
ForgeRock
 
Securing Access to SaaS Apps with WSO2 Identity Server
WSO2
 
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
ForgeRock
 

What's hot (20)

PDF
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
ForgeRock
 
PPTX
IdM vs. IDaaS
Drew Koenig
 
PDF
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
Ping Identity
 
PPTX
Ping Identity
Ping Identity
 
PDF
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Ping Identity
 
PDF
Pimping the ForgeRock Identity Platform for a Billion Users
ForgeRock
 
PPTX
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Ping Identity
 
PDF
ForgeRock Platform Release - Summer 2016
ForgeRock
 
PDF
Identity as a Service: a missing gap for moving enterprise applications in In...
Hoang Tri Vo
 
PPTX
Identity Live Sydney 2017 - Ian Sorbello
ForgeRock
 
PPTX
Identity Gateway with the ForgeRock Identity Platform - So What’s New?
ForgeRock
 
PPTX
Criteria for Effective Modern IAM Strategies (Gartner IAM 2018)
Ping Identity
 
PPTX
Identity Live Paris 2017 | Ian Sorbello, HSBC
ForgeRock
 
PDF
Connected Car: Putting Digital Identity Behind the Wheel
ForgeRock
 
PDF
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Ping Identity
 
PPTX
2015 Identity Summit - Stepping Up to New Data Protection Challenges
ForgeRock
 
PPTX
9.35am robert humphrey
Argyle Executive Forum
 
PPTX
Webinar: Identity Wars: The Unified Platform Awakens
ForgeRock
 
PPTX
Identity Live Paris 2017 | Monetising Digital Customer Relationships
ForgeRock
 
PPTX
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
ForgeRock
 
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
ForgeRock
 
IdM vs. IDaaS
Drew Koenig
 
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
Ping Identity
 
Ping Identity
Ping Identity
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Ping Identity
 
Pimping the ForgeRock Identity Platform for a Billion Users
ForgeRock
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Ping Identity
 
ForgeRock Platform Release - Summer 2016
ForgeRock
 
Identity as a Service: a missing gap for moving enterprise applications in In...
Hoang Tri Vo
 
Identity Live Sydney 2017 - Ian Sorbello
ForgeRock
 
Identity Gateway with the ForgeRock Identity Platform - So What’s New?
ForgeRock
 
Criteria for Effective Modern IAM Strategies (Gartner IAM 2018)
Ping Identity
 
Identity Live Paris 2017 | Ian Sorbello, HSBC
ForgeRock
 
Connected Car: Putting Digital Identity Behind the Wheel
ForgeRock
 
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Ping Identity
 
2015 Identity Summit - Stepping Up to New Data Protection Challenges
ForgeRock
 
9.35am robert humphrey
Argyle Executive Forum
 
Webinar: Identity Wars: The Unified Platform Awakens
ForgeRock
 
Identity Live Paris 2017 | Monetising Digital Customer Relationships
ForgeRock
 
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
ForgeRock
 
Ad

Viewers also liked (19)

PDF
GDPR is coming in Hot. Top Burning Questions Answered to Help You Keep Your C...
ForgeRock
 
PDF
Winning with GDPR: How to Win Customer Loyalty and Trust
ForgeRock
 
PPTX
Identity Live Sydney 2017 - Ashley Stevenson
ForgeRock
 
PDF
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
ForgeRock
 
PDF
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
ForgeRock
 
PPTX
Identity Live Sydney 2017 - Andrew Latham
ForgeRock
 
PPTX
OpenAM - An Introduction
ForgeRock
 
PDF
Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
ForgeRock
 
PPTX
Identity Live Sydney 2017 - Allan Foster & Eve Maler
ForgeRock
 
PPTX
Identity Live London 2017 | Kenneth May
ForgeRock
 
PPTX
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
ForgeRock
 
PDF
Implications of GDPR in Conjunction with UMA
ForgeRock
 
PPTX
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
ForgeRock
 
PPTX
Keynote : Customer Identity Builds Digital Trust - Paris Identity Summit
ForgeRock
 
PPTX
OpenAM: An Introduction
ForgeRock
 
PDF
DevOps Unleashed: Strategies that Speed Deployments
ForgeRock
 
PDF
The digital pains of retail
ForgeRock
 
PPTX
Identity Live London 2017 | Marko Orenius
ForgeRock
 
PPTX
A Backstage Tour of Identity - Paris Identity Summit 2016
ForgeRock
 
GDPR is coming in Hot. Top Burning Questions Answered to Help You Keep Your C...
ForgeRock
 
Winning with GDPR: How to Win Customer Loyalty and Trust
ForgeRock
 
Identity Live Sydney 2017 - Ashley Stevenson
ForgeRock
 
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
ForgeRock
 
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
ForgeRock
 
Identity Live Sydney 2017 - Andrew Latham
ForgeRock
 
OpenAM - An Introduction
ForgeRock
 
Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
ForgeRock
 
Identity Live Sydney 2017 - Allan Foster & Eve Maler
ForgeRock
 
Identity Live London 2017 | Kenneth May
ForgeRock
 
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
ForgeRock
 
Implications of GDPR in Conjunction with UMA
ForgeRock
 
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
ForgeRock
 
Keynote : Customer Identity Builds Digital Trust - Paris Identity Summit
ForgeRock
 
OpenAM: An Introduction
ForgeRock
 
DevOps Unleashed: Strategies that Speed Deployments
ForgeRock
 
The digital pains of retail
ForgeRock
 
Identity Live London 2017 | Marko Orenius
ForgeRock
 
A Backstage Tour of Identity - Paris Identity Summit 2016
ForgeRock
 
Ad

Similar to T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud. (20)

PPTX
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
IBM Security
 
PPT
Up 2011-ken huang
Ken Huang
 
PPTX
IAM.pptxIAM.pptxIAM.pptxIAM.pptxIAM.pptx
Gangujyothi
 
PDF
Securing your Applications for the Cloud Age
Artur Alves
 
PDF
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
oow123
 
PDF
Identity as a Managed Cloud Service
ForgeRock
 
DOCX
School of Computer & Information SciencesITS-532 Cloud C.docx
jeffsrosalyn
 
PDF
CIS14: Lean In: Enterprise Cloud Identity
CloudIDSummit
 
PPTX
I am sharing 'unit 3' with youuuuuu.PPTX
padhaipadhai639
 
PPTX
I am sharing 'unit 3' with youuuuuu.PPTX
padhaipadhai639
 
PDF
Cloud computing identity management summary
Brandon Dunlap
 
PDF
What is Identity and Access Management..
kandrasupriya99
 
PDF
Cloud Computing: A study of cloud architecture and its patterns
IJERA Editor
 
PDF
Aditro - IAM as part of Cloud Business strategy
Ubisecure
 
PDF
Identity and Access Management Tools
ijtsrd
 
PPTX
IAM Cloud
Aidy Tificate
 
PDF
Identity and Access Management in Cloud Computing.
kandrasupriya99
 
PDF
Identity-As-A-Service (IDaaS) – Everything You Need To Know
GauriKale30
 
PPTX
Identity and Access Management - Powerpoint
tkavipriya
 
DOCX
Directions Answer each question individual and respond with full .docx
mariona83
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
IBM Security
 
Up 2011-ken huang
Ken Huang
 
IAM.pptxIAM.pptxIAM.pptxIAM.pptxIAM.pptx
Gangujyothi
 
Securing your Applications for the Cloud Age
Artur Alves
 
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
oow123
 
Identity as a Managed Cloud Service
ForgeRock
 
School of Computer & Information SciencesITS-532 Cloud C.docx
jeffsrosalyn
 
CIS14: Lean In: Enterprise Cloud Identity
CloudIDSummit
 
I am sharing 'unit 3' with youuuuuu.PPTX
padhaipadhai639
 
I am sharing 'unit 3' with youuuuuu.PPTX
padhaipadhai639
 
Cloud computing identity management summary
Brandon Dunlap
 
What is Identity and Access Management..
kandrasupriya99
 
Cloud Computing: A study of cloud architecture and its patterns
IJERA Editor
 
Aditro - IAM as part of Cloud Business strategy
Ubisecure
 
Identity and Access Management Tools
ijtsrd
 
IAM Cloud
Aidy Tificate
 
Identity and Access Management in Cloud Computing.
kandrasupriya99
 
Identity-As-A-Service (IDaaS) – Everything You Need To Know
GauriKale30
 
Identity and Access Management - Powerpoint
tkavipriya
 
Directions Answer each question individual and respond with full .docx
mariona83
 

More from ForgeRock (20)

PDF
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
ForgeRock
 
PPTX
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
ForgeRock
 
PDF
Identity Live Sydney: Identity Management - A Strategic Opportunity
ForgeRock
 
PDF
Identity Live Singapore: Transform Your Cybersecurity Capability
ForgeRock
 
PDF
Identity Live Singapore 2018 Keynote Presentation
ForgeRock
 
PDF
Identity Live Sydney 2018 Keynote Presentation
ForgeRock
 
PDF
Identity Live Singapore: Just Ask 'Em
ForgeRock
 
PDF
Identity Live Singapore: Building Trust & Privacy in a Connected Society
ForgeRock
 
PDF
Identity Live Sydney: Intelligent Authentication
ForgeRock
 
PDF
Identity Live Sydney: Building Trust and Privacy in a Connected Society
ForgeRock
 
PDF
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
ForgeRock
 
PPTX
Get the Exact Identity Solution You Need - In the Cloud - Overview
ForgeRock
 
PDF
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock
 
PDF
Opening Keynote (Identity Live Berlin 2018)
ForgeRock
 
PDF
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
ForgeRock
 
PDF
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
ForgeRock
 
PDF
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
ForgeRock
 
PDF
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
ForgeRock
 
PDF
Shift from GDPR readiness to sustained compliance to improve your business an...
ForgeRock
 
PDF
Intelligent Authentication (Identity Live Berlin 2018)
ForgeRock
 
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
ForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
ForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
ForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
ForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
ForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
ForgeRock
 
Identity Live Singapore: Just Ask 'Em
ForgeRock
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
ForgeRock
 
Identity Live Sydney: Intelligent Authentication
ForgeRock
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
ForgeRock
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
ForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
ForgeRock
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock
 
Opening Keynote (Identity Live Berlin 2018)
ForgeRock
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
ForgeRock
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
ForgeRock
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
ForgeRock
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
ForgeRock
 
Shift from GDPR readiness to sustained compliance to improve your business an...
ForgeRock
 
Intelligent Authentication (Identity Live Berlin 2018)
ForgeRock
 

Recently uploaded (20)

PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
A Presentation on Artificial Intelligence
memembruh336
 
KodekX | Application Modernization Development
KodekX
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 

T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.

  • 1. Telekom Security: Id Security Automating ForgeRock Deployments to a Magenta Cloud - Peter Weik -
  • 2. Consumer IAM (B2C) Enterprise IAM (B2E/B2B) Internet of Things IAM (B2T) User Centric digital Identities Social Logins & User profiles Domain Centric Digital Identities Identity & Access Gov. B2B Federations with Partners & Suppliers Service Centric Digital Identities Non-Human Identities & API Security Three Disciplines of Today's Identity & Access Management
  • 3. The Modern IAM Ecosystem Identity & Access Management Things Consumers Employees PArtners Mobile Workforce Privileged Users Applications Data Office workspace User directory On-Premise/PrivateCloud Software asaService CloudPlatforms &WebServices
  • 4. Delivery Models for Cloud Based Identity & Access Mgmt Identity as a Service Multitenant IAM Offering delivered as Software as a Service in a Public Cloud.  Weak integration with existing IAM deployments in the customer domain  Focus on Single Sign-On and identity federation  Limited functionality with regards to authentication and identity management  Operation and data storage typically in the US. Very few providers operate in Germany as well  Public pricing information available, usage or user based pricing models. Managed IAM Service Application outsourcing of an IAM product within a Private Cloud offered as managed service.  Strong integration with existing IAM deployments in the customer domain possible  Full IAM functionality available (depending on IAM product used).Focus on IdM customizations.  Operation and data storage depends on customer requirements and data center locations of the service provider  No public pricing information available; Time & material based quotes are common
  • 5. “Cloudification Grades” of IdentIty & access MGMt Hosted IAM Solution HW HW HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … One individual IAM Instance per customer with dedicated IT resources. Multi-tenant IAM as a Service HW OS Tenant1 Tenant2 Tenantx … IAM Instance One standard IAM SaaS instance for all tenants in Public Cloud VM(s) Virtualized IAM Instances One individual IAM instance per customer with virtualized IT resources VM 1 VM 2 VM x HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … Virtualized & Containerized IAM Services Individual IAM instances per customer with virtualized IT resources and containerized IAM VM(s( VM (s) VM (s) HW OS OS OS Tenant1 Tenant2 Tenantx … IAM Instance IAM Instance IAM Instance Private Cloud Public Cloud Managed Service Un-managed Service
  • 7. “Cloudification Grade” of IdentIty Protect Pro Hosted IAM Solution HW HW HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … One individual IAM Instance per customer with dedicated IT resources. Multi-tenant IAM as a Service HW OS Tenant1 Tenant2 Tenantx … IAM Instance One standard IAM SaaS instance for all tenants in Public Cloud VM(s) Virtualized IAM Instances One individual IAM instance per customer with virtualized IT resources VM 1 VM 2 VM x HW OS OS OS IAMInstance1 IAMInstance2 IAMInstancex … Virtualized & Containerized IAM Services Individual IAM instances per customer with virtualized IT resources and containerized IAM VM (s) VM(s) VM (s) HW OS OS OS Tenant1 Tenant2 Tenantx … IAM Instance IAM Instance IAM Instance Identity Protect Pro
  • 8. Identity Protect Pro Office 365 Identity Protect Pro Identity & Access Management from the Cloud powered by IdentityManagement Access Management Applications Data Office workspace User directory Enterprise a Applications Data Office workspace User directory Enterprise B Partner Nomadic Worker Google Box Private Cloud Salesforce
  • 9. Identity provisioning Identity Synchronization User Self Services Identity Data Management Authentication Service Adaptive Risk Evaluation Identity Federation Single Sign-On Dashboard Services Social Login Identity Protect Pro: Functionalities
  • 10. Identity Protect Pro: The IAM Software Instance vApp IAM iNSTANCE VM AS01 VM DB01 VM AS02 VM DB02 ApplicationLayerDatabaseLayer vApp FW vApp FW OSFW OSFW AppNet Web-Frontend AppNetOperation OSFW OSFW
  • 11. Identity Protect Pro: A Managed IAM Service with Tooling Remarks Configuration management by means of Subversion for the management of customer configurations within in a central repository and support of lifecycle measures for existing customer configurations that are already operational. Deployment of standardized IAM software bundles (incl. required middleware) by means of Docker. A private Docker repository eases the provisioning of patches and updates for all customer instances. Usage of T-Systems DSI vCloud (vmWare based IaaS offering) for the realization of virtual data centers for Identity Protect Pro. IT automation and orchestration of deployments (software and configurations) by means of Ansible. Virtualized & Containerized IAM Services Individual IAM instances per customer with virtualized IT resources and containerized IAM VM (s) VM (s) VM (s) HW OS OS OS Tenant1 Config&Data Tenant2 Config&Data Tenantx Config&Data … IAMInstance (Containerized) IAMInstance (Containerrized) IAMInstance (Containerized) Tools ForgeRock’s Identity Platform supports the required separation of IAM executables, IAM data and IAM configurations.
  • 12. Peace of mind – now and future Access to skilled IAM experts; compliance with international standards; deployment of the latest technologies and mechanisms. Identity Protect Pro: Identity & Access Mgmt delivered as Managed Service from a Magenta Cloud availability The solution is delivered from a high- availability Telekom/T-Systems data center – for minimum downtime. protection of Investments Identity Protect Pro complements your existing IAM infrastructures, providing staff with secure access to cloud applications. convenience Employees can request access rights via self- service workflows and single sign-on increases staff productivity. Cost savings Identity Protect Pro is charged on a demand- driven basis – so you only pay for the resources you actually need. Cost-efficiency Lower up-front investment compared to local IAM solutions (OPEX replaces CAPEX). security Identity Protect Pro is operated in a highly secure data center of Telekom/T-Systems in line with German data protection legislation. speed The deployment of high-performance hardware and broadband network connections enables fast IAM transactions. scalability Identity Protect Pro can be tailored to meet your specific day-to-day requirements (e.g. number of employees).