Web Access Management in the Cloud: Problem Solved! Single Sign On, Session Management and how to use your existing on-premises Access Management solution to protect applications in the Cloud


Post on 05-Jun-2020


Page 1

Web Access Management in the Cloud: Problem Solved! Single Sign On, Session Management and how to use your existing on-premises Access Management solution to protect applications in the Cloud

Page 2

www.idfconnect.com

SSO/Rest Solves Many Challenges

5 SSO/Rest Use Cases

• Server-side Application Integration
• AJAX/Mobile/Thick Client Application Integration
• Applications in the Cloud
• WAM-as-a-Service
• "Agent-less" Infrastructure

Page 3

The Situation

• 50 or more applications integrated with your on-premises WAM infrastructure
• Multiple user directories
• Multiple password policies
• Multiple authentication mechanisms

A Common Quandary!

Constraints

• NO new firewall ports
• NO cloud-to-datacenter VPNs
• NO syncing/pushing employee credentials to the cloud

Key Question: How do we leverage our existing WAM infrastructure to handle platforms & applications in the public cloud?

Page 4

A Complete Web Access Management Solution

[Diagram: Web Access Management, with six numbered components]

• Authentication Management
• Access Control Enforcement
• Single Sign On
• Idle Session Timeout
• Session Maximum Time-to-Live
• Centralized Audit

Page 5

WAM Gaps in the Cloud

[Diagram: Web Access Management (Gaps in the Cloud), showing Authentication Management, Access Control Enforcement, Single Sign On, Idle Session Timeout, Session Maximum Time-to-Live and Centralized Audit. Callout labels: Access Control Enforcement, Idle Session Timeout, Session Maximum Time-to-Live, Centralized Audit.]

Page 6

WAM Gaps in the Cloud: All Solved by SSO/Rest

[Diagram: Web Access Management (Gaps in the Cloud), showing Authentication Management, Access Control Enforcement, Single Sign On, Idle Session Timeout, Session Maximum Time-to-Live and Centralized Audit. Callout labels: Access Control Enforcement, Idle Session Timeout, Session Maximum Time-to-Live, Centralized Audit.]

Page 7

Remember: Federation is NOT the Same as Web Access Management

Federation

• One-time handoff from partner IDP
• Limited logout capability

Web Access Management (WAM)

• Perimeter Defense
• Audit
• Access control
• Policy Enforcement Point (PEP)
• Policy Decision Point (PDP)
• Authentication
• Session lifecycle management

Page 8

The SSO/Rest Solution

SSO/Rest combines existing and emerging technologies to extend the perimeter of your WAM solution safely and securely into your public Cloud platforms

SSO/Rest!

• Rest based - lightweight
• No firewall holes - secure
• Easy to use, handles latency, transparent…
• Engineered to solve this problem

Page 9

SSO/Rest Solution Architecture

[Diagram. Components: Browser, Cloud App(s), SSO/Rest Plugin, SSO/Rest Gateway, Policy Decision Point. Zones: Cloud, Corporate Network. Legend: Browser HTTP traffic; SSO/Rest HTTP traffic; CA SSO (SiteMinder) Agent tunnel.]

Page 10

SSO/Rest Features

• Enforces access policies, session management rules and timeouts across all apps whether on-site or cloud-based
• Broad Plug-in support, including Apache HTTP Server, Microsoft IIS, NGINX, generic .Net and J2EE, IBM WebSphere, Red Hat WildFly (JBoss), Apache Tomcat, and Oracle WebLogic
• Built-in web application and service for plugin self-registration
• Rich client integration support for AJAX, Adobe Flex, Microsoft Silverlight, and Mobile applications
• Comprehensive OAuth and OIDC support, including wrapping vendor-specific SSO tokens inside OAuth/OIDC tokens for tightest integration and security
• Gateway component is available as a J2EE WAR file, a preconfigured Tomcat zip distribution, a VM appliance, or a Docker image
• Supports CA SSO and Oracle Access Manager – with a standalone policy decision point based on an XACML rules engine coming in Q3
• Fully supports most cloud-based platforms, including Amazon AWS, Microsoft Azure, Google App Engine, and Cloud Foundry
• Extensible agent logic (something that most WAM out-of-the-box agents cannot provide)

Page 11

“Look Mom! No VPN!”

SSO/Rest Web Service Endpoints

[Diagram labels: SSO/Rest Engine, Gateway, Login, Update Session, Validate Session, isProtected, Enable/Disable, Change Password, isAuthorized]

Page 12

Proven Successes with Large Enterprises

Seamless and Secure Integration
Fortune 50 retail company makes an acquisition, and has seamlessly and securely integrated the new web apps with its eCommerce portal, without having to bring the apps in-house or creating a VPN to the new company

Successfully Move .Net applications to Microsoft Azure
Fortune 50 finance company successfully moves its .Net applications to Microsoft Azure while preserving all of its SSO integrations, authentication and access policies, and audit capabilities

[Diagram labels: Acquired Company Existing Web Apps, eCommerce Portal; .Net Applications, Microsoft Azure]

Page 13

THANK YOU!

For More Information, Please Visit

IDF Connect, Inc.
2207 Concord Pike #359
Wilmington, DE 19803
Phone: (888) 765-1611
Fax: (888) 765-7284

www.idfconnect.com
www.linkedin.com/in/rsand
@IDFConnect
www.facebook.com/IDFConnect
@rsand2

Turn CA SSO into your Enterprise 2-Factor Auth Solution with SSO/MobileKey. For more details visit www.idfconnect.com/products/sso-mobilekey/

Also check out our other products: www.idfconnect.com/products