Oracle Identity Management 11g R2 is designed to simplify the user experience, support cloud, mobile and social sign-on, and provide optimized system performance at a lower cost. The presentation outlines features of Oracle Identity Management 11g R2 such as mobile sign-on, privileged account management, and increased system directory server performance.
A lot has happened since OOW2011Workplace technology continues to evolve – we are seeing an explosion in mobile devices, social applications are important business tools, and cloud applications continue to proliferateIdentity management is at the center of how we work and collaborate. With R2 we focused on enabling the interaction and securing the experienceThe social enterprise will transform the way we collaborate as drastically as email as transformed the way we communicate.11gR2 was launched in July – and it was a major release for usLet me take you through some of the new functionality that we released
The theme of our 11gR2 launch was Simplify and Innovate – and we focused on 4 key areasSimplified User experience means that we focused on making our products easier to use, easier to customize and easier to configure.we wanted to take many of the common tasks users are doing and drastically simplify them for example Requesting access through a role or an entitlement is as simple as shopping online for the access needed.We integrated with Fusion Middleware ADF to make the user interface more configurable than ever before. Instead of just field and cascading style sheets, we now have the ability to redesign the entire screen with a simple web composer UI.The customizations are durable across releases and upgrade proof.We continue to focus on better Integration across the various products. We now consistently use our Entitlements server as an authorization engine within our Identity and Access products. We’re converging Federation functionality with Web Access and SSO. We’re creating a platform of security We enhanced our products with management features for Cloud, social and mobile applications, so that you can use your existing Oracle technology to manage these new platformsAs new forms of non-carbon based identities get IP addresses and mini-processors, we are pushing the limits of scale. We now have millions of cars, video game consoles, smart meters that have applications running on them that need to be secured. We are testing our products to meet those scaling requirements.We also recognized that our Sun customers were looking for a stable clear upgrade path and we put in migration and coexistence features to help make the transition to the next generation Oracle technologies
Cloud mobile and social are driving the biggest re-architecture in the past 20 yearsWe responded to the trend by creating a foundation for mobile identity managementExtending access control to encompass social sign-on And embraced open standards that would make it easier for customers to adopt public and private clouds With the R2 release we set the foundation for a mobile strategy that would allow IT organizations to leverage their existing policies internally to control access from mobile applications Today most organizations see mobile access as a VPN alone activity – but VPN’s are in-effective and don’t address the fundamental challenges with application authentication and authorizationToday 76% of mobile apps store credentials on the device and 10% of those store the password in plain text. Application developers today have no alternatives With R2 we provide an alternative so organizations can get it right the first time With R2 we don’t just provide mobile sign on .. we provide the ability to collect location data and other metrics about the device including OS version.
Every customer we speak with has hundreds and maybe thousands of accounts that are not associated with a named user. These are “root” accounts, application schemas in a database, or other shared accounts. These are typically very powerful accounts – with broad reaching privileges. The challenge customers have is that multiple people know the passwords to these high risk accounts and hence making it impossible to be able to audit and trace the usage to a single person. As people move into cloud environments, this problem gets worse.So what we are providing here is a password checkout system for shared OS, application and database accounts. With privilege account manager we can lease an account to a user for a period of time and remove the access when the time period has expired.Today most privileged account management solutions are aimed at single systems or intended as point solutions. The gap is that the lack a 360 degree view of accessWe are taking a platform approachIt takes a platform approach leveraging the connectors, workflows, certification and closed loop remediation of OIA and OIMProvides emergency access – and removes access within a given timeframe.With service accounts – we can control the time of day the account is used etc.
Because of the increasing demands put on directory services, we introduced a combined hardware and software Optimized System for Unified DirectoryOracle hardware engineers and software engineers worked together to match SPARC server hardware, dedicated storage and Unified Directory Software to get the highest performance available with off the shelf components.We are seeing up to 3x performance gains, by using high speed load balancing and while maintaining a HA configurationSince we pretuned the system, customers can expect quicker implementation times due to reduced configuration and testing – which brings significantly reduces costWe extended the scale of access management testing up to 250M users
It’s a very interesting time to be in ITWe are seeing a very significant shift in the way IT helps drive business into new markets to capture new opportunities and to engage customers in new waysBusiness is using IT to transform that way it worksAnd the way we work for our business is changing as well
With internet enabled mobile devices we can now work wherever we are – we no longer need to be in an office to get our work doneOur employees want access from any location: often over public wifi and increasingly with their own devices, so that changes how we think about application access.
Today many companies have an identity solution that covers a handful of users or a handful of apps but what they really want to do is cover all of their apps and users. To scale they need to simplify the deployment and simplify the user experience. When the experience is simple users do more instead of calling the help desk. Simplicity enables the scale. Today most solutions take too many FTE’s to manage and deploy. Simplicity enables the operational scale Many IDM deployments stall because the solution reaches a threshold of complexity so that they become un-usable and users see depreciating returns from expanding the deployment. The flexibility in R2 enables user satisfaction so that as we grow it enables user satisfactionInstead of installing multiple offerings that are purchased separately we have consolidated into 3 convenient suites so acquiring a new component is easy.
We have a lot of great customer references – these are customers dealing with a lot of the same issues you are dealing with - and they have agreed to share their successLet us help you build a roadmap for success
Oracle is a social company, we are social internally, and we are social with our customers.I encourage you to engage us online by joining the conversation on our Facebook page, follow our tweets and read our blogs