simplifying sharepoint security is easier than you think · simplifying sharepoint security is...

Build Trust, Deliver Value

Simplifying SharePoint SecurityIs Easier Than You ThinkIs Easier Than You Think

March 17, 2010

Novell and CrescentBuild Trust, Deliver Value

Enterprise Technology Consulting

Identity and Security Management Consulting

Information ManagementFocus on Solving Customer

ManagementEnterprise-wide LinuxSystems Management g

Business IssuesStrategic InitiativesTactical Project Execution

Systems Management

Tactical Project Execution

Managing Access to SharePointBuild Trust, Deliver Value

• Small / Medium Enterprise

– Active Directory – SharePoint Identity / Policy Store

– Administrator manages users and policies in the common store

• Large Enterprise / Multiple Communitiesg p p

– Active Directory – SharePoint Identity / Policy Store

– LDAP and legacy policy stores

– Extranets, customers and partners, Open Source users, multiple BUs

– International regulations, privacy laws

– Heavy administrative load managing users, policies

Without Novell Access ManagerManaging Access to SharePointBuild Trust, Deliver Value

• SharePoint user management for multiple communities– Options:p

> Manual registration / management

> User name/password databases

– Issues> Management overhead

> Security holes, orphaned accounts, shared passwords

> Difficult to audit, limited accountability

Microsoft Active Active

eDirectory “Employees”

SharePoint Directory “SharePoint”

Active Directory

Sun One “Customers”

Federated IdentityBuild Trust, Deliver Value

Claims-based authenticationauthentication

WS-Federation

Security Token ServiceSecurity Token Service

Similar to AD Trust relationshipse a o s ps

Heterogeneous environments

More control over 3rd

party access

Without Novell Access ManagerSharePoint and Novell® Access Manager™

Build Trust, Deliver Value

eDirectory Novell Access

Easy access to SharePointUsers authenticate to Access

Active Directory

y“Employees”

Novell Access ManagerManager

Users access SharePointDirectory

Sun One “Customers”

Access Managertransforms LDAP

and FederatedIdentity into ADFS

claims

Single Sign-on

Improved user experience

Si lifi d d i i t tiSimplified administration

Map claims to existing SharePoint or Active Directory groups

MicrosoftSharePoint

Active Directory

“SharePoint”

y g p

Single place to administer security

No dead or orphan accounts

Novell® Access Manager™ 3.1Build Trust, Deliver Value

Single solutions protects Web and Enterprise applications

SAML WS Federation Liberty AllianceSAML, WS-Federation, Liberty Alliance

No modification to web servers/infrastructure

P id ll t bilitiProvides all access management capabilities

Authentication, Authorization, web single sign-on, personalizationpersonalization

SSL VPN out of the boxMulti-platform supportMulti-platform support

Client integrity checking

“Shredded after use” folders

Identity and Access ManagementBuild Trust, Deliver Value

Identity and Access ManagementBuild Trust, Deliver Value

IdentityManagement Roles

Management

SimplifiedSecureAccessAccess

PasswordManagement

AccessCertification

Build Trust, Deliver Value

N ll A M 3 1Novell Access Manager 3.1

Demonstration

• Secure Extranets and PortalsSecure Extranets and Portals• Microsoft/Novell engineered

for SharePoint• User management tools• Web single sign-onWeb single sign on• Policy-based governance• No orphan accountsNo orphan accounts

Build Trust, Deliver Value

Stuart Proffitt, PrincipalId tit d A M tIdentity and Access Management

SProffitt@novell.com530-878-1873

J Steven Fritzinger Vice President

530-878-1873

J. Steven Fritzinger, Vice PresidentInformation Management & Business Productivity

steve.fritzinger@crescententerprise.netsteve.fritzinger@crescententerprise.net703-349-4226