Transcription
Web Access Management in the Cloud:Problem Solved!Single Sign On, Session Management and how to use your existing on-premisesAccess Management solution to protect applications in the Cloud
SSO/Rest Solves Many ChallengesApplications in the Cloud"Agent-less" InfrastructureAJAX / Mobile / Thick ClientApplication IntegrationServer-side ApplicationIntegration5 SSO/RestUse Caseswww.idfconnect.comWAM-as-a-Service2
A Common Quandary!Key QuestionHow do we leverage our existing WAM infrastructure to handle platforms & applications in the public cloud?The SituationConstraints50 or more applicationsintegrated with your onpremises WAM infrastructureNO new firewall portsMultiple user directoriesNO cloud-to-datacenter VPNsMultiple Password policiesNO syncing/pushing employeecredentials to the cloudMultiple authenticationmechanismswww.idfconnect.com3
A Complete Web Access Management o-Live04AuthenticationManagementWeb AccessManagementIdle SessionTimeoutSingleSign Onwww.idfconnect.com02Access ControlEnforcement034
WAM Gaps in the ive04AuthenticationManagementWeb AccessManagement(Gaps in theCloud)Idle SessionTimeoutSingleSign Onwww.idfconnect.com02Access ControlEnforcement035
WAM Gaps in the CloudAll Solved by o-Live04AuthenticationManagementWeb AccessManagement(Gaps in theCloud)Idle SessionTimeoutSingleSign Onwww.idfconnect.com02Access ControlEnforcement036
Remember: Federation is NOT the Same as Web Access ManagementFederationWeb Access Management (WAM)future businesswww.yourwebsite.comfuture businesswww.yourwebsite.comPolicy Enforcement Point (PEP)AuthenticationPolicy Decision Point (PDP)One-time handoff from partner IDPPerimeter DefenseAccess controlAuditSession lifecyclemanagementLimited logout capabilitywww.idfconnect.com7
The SSO/Rest SolutionSSO/Rest combines existingand emerging technologies toextend the perimeter of yourWAM solution safely andsecurely into your public CloudplatformsARest based- lightweightBEngineered to solve thisproblemCEasy to use, handles latency,transparent .DNo firewall holes - secureSSO/Rest!www.idfconnect.com8
SSO/Rest Solution ArchitectureCorporate NetworkCloudBrowserCloud App(s)SSO/Rest GatewayPolicy Decision PointLegendSSO/RestPluginBrowser HTTP trafficSSO/Rest HTTP trafficwww.idfconnect.comCA SSO (SiteMinder) Agent tunnel9
SSO/Rest Features Enforces access policies, session management rules and timeouts across all apps whether on-site orcloud-based Broad Plug-in support, including Apache HTTP Server, Microsoft IIS, NGINX, generic .Net and J2EE, IBMWebSphere, Red Hat Wildfly (JBoss), Apache Tomcat, and Oracle WebLogic Built-in web application and service for plugin self-registration Rich client integration support for AJAX, Adobe Flex, Microsoft Silverlight, and Mobile applications Comprehensive OAuth and OIDC support, including wrapping vendor-specific SSO tokens insideOAuth/OIDC tokens for tightest integration and security Gateway component is available as a J2EE WAR file, a preconfigured Tomcat zip distribution, a VMappliance, or a Docker image Supports CA SSO and Oracle Access Manager – with a standalone policy decision point based on anXACML rules engine coming in Q3 Fully supports most cloud-based platforms, including Amazon AWS, Microsoft Azure, Google AppEngine, and CloudFoundry Extensible agent logic (something that most WAM out-of-the-box agents cannot provide)www.idfconnect.com10
SSO/Rest Web Service Endpoints“Look Mom! No VPN!”LoginUpdate SessionGatewaySSO/RestEngineEnable / DisableChange PasswordValidate SessionisProtectedisAuthorizedwww.idfconnect.com11
Proven Successes with Large EnterprisesSeamless and Secure IntegrationFortune 50 retail company makes an acquisition, and hasseamlessly and securely integrated the new web apps with itseCommerce portal, without having to bring the apps in-houseor creating a VPN to the new companySuccessfully Move .Net applications to Microsoft AzureFortune 50 finance company successfully moves its .Netapplications to Microsoft Azure while preserving all of its SSOintegrations, authentication and access policies, and auditcapabilitiesHTML5jsCSS3XMLCloudPHPAcquired Company Existing Web AppsASP.NETC#.NETIIS.Net Applicationswww.idfconnect.comeCommerce PortalMicrosoft Azure12
Also check out our other products:www.idfconnect.com/productsTurn CA SSO into your Enterprise 2-FactorAuth Solution with SSO/MobileKey. Formore details K YOU!For More Information, Please VisitIDF Connect, Inc.2207 Concord Pike #359Wilmington, DE 19803Phone: (888) 765-1611Fax: (888) nkedin.com/in/rsandwww.facebook.com/IDFConnect
d Browser HTTP traffic SSO/Rest HTTP traffic CA SSO (SiteMinder) Agent tunnel Corporate Network SSO/Rest Plugin Cloud Browser. www.idfconnect.com 10 SSO/Rest Features Enforces access policies, session management rules and timeouts across all apps whether on-site or cloud-based
