Webinar: Access Management with the ForgeRock Identity Platform - So What’s New?

© 2016 ForgeRock. All rights reserved. Access Management with the ForgeRock Identity Platform So What’s New? Andy Hall, Director of Product Management Markus Weber, Senior Product Marketing Manager

Upload: forgerock

Post on 08-Feb-2017


TRANSCRIPT


Access Management with the ForgeRock Identity Platform

So What’s New?

Andy Hall, Director of Product Management
Markus Weber, Senior Product Marketing Manager


ForgeRock: At a Glance

Key Facts

• Fastest-growing open source identity security software company in the world
• Founded: 2010
• Headquartered in San Francisco with offices in 6 countries
• Employees: 350+
• Customers: 400+ Enterprises in 30+ countries
• Global Reach: ~50% international revenue
• Hybrid Revenue Model with low Churn: <5%
• Funding to Date (thru Series C): $52M
• Investors: Accel Partners, Foundation Capital and Meritech Capital Partners

Mission Statement

The ForgeRock Identity Platform currently powers more than 500 million identities. It is our goal to become the market leader in digital transformation and security for enterprise identity worldwide.


The ForgeRock Identity Platform

The ForgeRock Identity Platform is built from the open source projects OpenAM, OpenIDM, OpenIG and OpenDJ

Shared Services: User Interface, Self-Service, REST API, HTTP, Scripting, Audit and Logging

Access Management: Authentication & Strong Authentication, Authorization & UMA Provider, Federation, Adaptive Risk

Identity Management: Identity Provisioning, Synchronization, Workflow Engine, Self-Service

Identity Gateway: Application & Service Gateway, IoT Identity Gateway, Password Capture & Replay, UMA Protector

Directory Services: Data Store, High Availability, Data Segmentation, LDAP / REST

Open Standards, High Availability, On-Premises, Cloud, Hybrid


What’s New in Access Management


Access Management Themes

• Smarter Security
• Privacy and Consent
• Internet of Things
• Scalability and Performance
• Ease of Use
• Developer-friendly


Smarter Security

Authentication

• Mobile Authenticator App and Authentication Module
• iOS and Android
• Strong 2FA based on OATH standard
• Easy to set up using QR codes
• Integrated with Contextual Authentication


Smarter Security

Authentication

• SAML Authentication Module
• Brings federation into authentication framework
• Contextual Authentication now applied to federated identities


Smarter Security

Contextual Authorization

• Enhanced Policy Editor supporting Scriptable Conditions
• Custom logic integrated into Policy decisions
• Supports JavaScript or Groovy
• REST calls to external Policy Information Points (PIP)

[Figure: Access Management Session with a Contextual Change (System Detects New Location). System detects change during session and requests further authentication.]


Smarter Security

Universal Authorization

• New Resource Types
• Define arbitrary resource descriptions using patterns and actions
• Policies can apply to multiple Resource Types


Smarter Security

Common Audit Framework

• Common Audit Framework
• Complete view of activity across all products
• Extensible architecture delivering CSV, JDBC, Syslog
• Realm-specific Auditing
• Fine-grained control of logging

[Figure: ForgeRock Identity Platform components (Access Management, Identity Management, Identity Gateway, Directory Services) and Common System & Activity Logs]


Privacy and Consent

User Managed Access

• Putting users in control of access to their data
• Fully compliant UMA Authorization Server
• REST APIs and User Resource Pages
• Supporting:
  • Resource Set Registration
  • Resource Sharing
  • Resource Labeling
  • Pending Requests
  • Audit history


Internet of Things

OAuth2 Device Flow

• De-facto standard for pairing devices with user identities

• Ideal for devices with no input and limited output capabilities

• Revocation controlled by user


Scalability and Elasticity

Stateless Sessions

• New deployment option
• Per-Realm attribute
• JWT-based sessions
• Ideal for Elastic Cloud-based deployments
• Massive horizontal scalability

[Figure: Demand and Cluster Size plotted over time (12:00:00 AM to 11:59:59 AM); Elastic Load Balancer]


Ease of Use

New Administrator and End-User Interfaces

User
• Rich user experience with latest XUI
• Contextual tools to streamline UX
• Extended self-service capabilities

Administrator
• Powerful improvements to Administration Console
• Easier configuration using XUI
• Realm-centric administration
• Common task wizards e.g. OAuth2 Providers


Developer-friendly

ForgeRock Platform Services

• More REST endpoints to extend developer flexibility
• More Scriptable extension points
• Consistent and Responsive User Interfaces
• New SOAP-STS
• Standards conformance
• OpenID Certified


ForgeRock Access Management

Summary

• Smarter Security
• Privacy and Consent
• Internet of Things
• Scalability and Performance
• Ease of Use
• Developer-friendly


Thank You!

Questions?