Business Development on NetIQ IDM
By Novell Consulting Ukraine (NCU)Overview on value add of NCU
• Built new integration modules (drivers)
• Build a Risk Assesment System inside NetIQ IDM
• Enhanced user interface features of the portal IDM
UserApplication
• Comprehensive Separation of Duties management on
the application request stage.
• Other examples of enhancements made to NetIQ IDM
IDM integration module for Microstrategy
Risk Assessment System inside NetIQ IDM
Enhanced user interface features of the portal IDM UserApplication
Comprehensive Separation of Duties management
2. Overview on value add of NCU
• Built new integration modules (drivers)
• Build a Risk Assesment System inside NetIQ IDM
• Enhanced user interface features of the portal IDM
UserApplication
• Comprehensive Separation of Duties management on
the application request stage.
• Other examples of enhancements made to NetIQ IDM
4. Customers demands:
Automation of access permissions and objects management for
Microstrategy (provider of enterprise software platforms for
Data Analytics & Audits).
Who uses Microstrategy: SWIFT, 1st Financial Bank USA, Adidas, First National
Bank, Bayer Healthcare, BNP Paribas, UniCredit, Deutsche Bank AG, DHL, Samsung
Electronics, eBay, Facebook, Hyundai Mortor Company etc.
http://www.microstrategy.com/us/about-us/customers/customer-list
Current NetIQ Deliverables:
None: There are no off shelf integration modules for the leader in
analytic and audit industry: MicroStrategy.
IDM integration module for
Microstrategy
5. IDM integration module for
Microstrategy
NCU developments:
• Fully-functional driver, built according to IDM and SDK architecture from NetIQ
• Complete Java implementation, uses Java Web API from MicroStrategy SDK
• Allows bi-directional synchronization of User, Group, Report data and other
MicroStrategy metadata with NetIQ IDM
• Delivered with built-in policy set, that lets achieve a result out of box
• Tested with MicroStrategy version 9.x in an actual project in Ukraine
Future NetIQ Deliverables:
Off shelf integration modules for the leader in analytic and audit industry:
MicroStrategy.
6. • components: IDM 4.x
• deliverables: .jar, .xml
• services: installation, configuration, documentation
• support: updates & upgrades, 2nd line support
IDM integration module for
Microstrategy Deliverables by NCU
8. Risk Assessment for applied and
authorized permissions
Customers demands:
Pro-active reaction to redundant permissions risks (do not
allow to apply for the critical permission set on the
access request stage).
Receive comprehensive authorized permissions assessment
for damages forecast and re-assessment planning.
Current NetIQ Deliverables:
There are no Risk Assessment components inside NetIQ IDM.
The feature is arranged in an off-line mode through reporting - and a
refined version through Access Review.
9. Risk Assessment for applied and
authorized permissions
NCU developments:
• Data and Permissions Risk Assessment module for NetIQ IDM
(Abuse of permissions risk, Permissions loss risk, Permissions
delegation risk, Information distortion risk, Data breach risk etc.)
• Pro-active analysis of risk level feature during access request
application stage
• Worlds best practices in Risk Assessment reports
• Administration setting tools
Future NetIQ Deliverables:
Pro Active Risk Assessment for applied and authorized permissions
inside NetIQ IDM
20. Risk Assessment System module
Conclusion
●
Risk Assessment based on characteristics of the objects used in
access approval and maintenance
●
Prevention/notification during assignment of roles associated with
risks
●
Risk Analysis and Forecasting
●
Assessment Indicator settings according to Customer demands
●
Analysis visualization for critical areas retrieval and assessment
●
“Heat Map” building for analysis acceleration
●
Assessment engine scaling according to object characteristics, risks,
object evaluations
23. IDM User Application interface
features extension
Customers demands:
The ability not only to manage user group/target system role
membership though IDM, but also to manage (create, edit)
roles/access-groups in target systems WITHOUT system
administrator's help.
Current NetIQ deliverables:
Building tools for Simple forms, suitable for requests with short
number of controls (fields, checkboxes etc.)
26. User Application + jqGrid
• Open Source jqGrid solution integration with
UserApplication Interface.
• jgGrid controls binding with IDM role-based system.
• As a result — ability to build more robust target system
permission management interfaces.
When need such features:
• Integration with systems that does not have native
interfaces for permission grouping or systems with
inconvenient interfaces.
• Demand to create and transfer to business the interfaces
for target system object creation (particularly topical in
banking).
28. Customers demands:
Prevent the registration request on conflict roles (SoD), having
invested the role of the lower levels.
Current NetIQ Deliverables:
NetIQ IDM does not check SoD policies in online forms and between
role model levels. NetIQ IDM does not communicate with the user in
case of policy violation.
Avoiding conflict of roles order
29. SoD Online control from
UserApplication forms
• SoD validation on all built-in
levels in UserApplication
forms.
• SoD violation notification.
• SoD policies creation
interface stays unchanged.
BusinessBusiness
Role 1Role 1
BusinessBusiness
Role 2Role 2
CommonCommon
Role 1Role 1
CommonCommon
Role 2Role 2
CommonCommon
Role 3Role 3
Prohibited
roles combi-
nation (SoD)
30. Other examples of enhancements
made to NetIQ IDM
• Optimized existing drivers (ActiveDirectory, Lotus Notes)
• Digital Signature solution made inside the approval
processes stage
• Extended and customized IDM reports