Open sso enterprise customer pitch
- 1. OpenSSO Enterprise Daniel Raskin Senior Product Line Manager [email protected] 1
- 2. OpenSSO Enterprise Buy one solution to solve ALL of your SSO problems Web access management, Federation, and Secure Web services 2
- 3. OpenSSO Enterprise Model ● Purchase an OpenSSO Enterprise perpetual license (formerly Access Manager), Sun Identity Management Suite subscription or Java Enterprise System subscription ● Receive Support and indemnification on OpenSSO commercial builds and Express builds. ● Customers choose whichever builds works best for them! 3
- 4. OpenSSO Enterprise Options • OpenSSO Express Build > A community build that has undergone extensive automated testing and moderate manual testing by Sun Quality Assurance Engineering Team. > Delivered every 3 months • OpenSSO Commercial Build > A community build that has undergone extensive manual and automated testing by Sun Quality Assurance Engineering Team. > Delivered every 12 – 15 months 4
- 5. Solution: OpenSSO Web Access Management Three Tough Challenges. One Powerful Solution. • Centralized server configuration • Centralized agent configuration • Agent and proxy modes • AAA Identity Services • Embedded directory server for user store and policy store • XACML support for standards-based policy management • Consumes and translates 3rd party tokens from all major WAM solutions 5
- 6. Solution: OpenSSO Federation Three Tough Challenges. One Powerful Solution. • The Fedlet, 8.5MB package that allows service providers to create fully configured trust networks based SAML 2 in minutes • Multi-protocol Federation Hub, easily federate with any company regardless of what “federation language” they speak • Virtual Federation Proxy, incorporate any number of legacy authentications with a single instance of OpenSSO • Supports all major standards including SAML, WS-Federation, Liberty ID-FF, WS-Trust, WS-Security, and WS-Policy • Consumes and translates 3rd party tokens from all major WAM solutions 6
- 7. Solution: OpenSSO Secure Web Services Three Tough Challenges. One Powerful Solution. • Only standards-based solution in the world to provide a pluggable, end-to-end secure web-services solution • Out -of-box tooling by Netbeans and Glassfish • SecurityToken Service that can be deployed as an Integrated, or standalone, solution • Security Token Service that can handle token issuance, validation and translation via WS-Trust • Policy enforcement point plugins for Weblogic, WebSphere, Tomcat and JBOSS 7
- 8. Bonus: Entitlement Management • Ability to protect resources and objects within them > Generic policy engine > Policy Decision Point > Policy Management Point > Identity Web Services to invoke Authorization > Supports Java, C, REST, SOAP and XACML 8
- 9. Sun is Positioned in the Leaders Quadrant Gartner Magic Quadrant for Web Access Management, Ray Wagner, Earl Perkins, Perry Carpenter, 10 November 2008 The Magic Quadrant is copyrighted 10 November 2008 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. The Magic Quadrant graphic was published by Gartner, Inc., as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Sun Microsystems. 9
- 10. What's Next • Carrier-Grade Monitoring (Q1 2009) • More Ease-of-Use Task Flows (Q1 / Q2 2009) • SaaS Federation Task Flows (Q1 / Q2 2009) • Entitlement Management (Q2 2009) 10
- 11. Carrier-Grade Monitoring (Q1 2009) • Working with key Telco companies to develop carrier-grade monitoring in OpenSSO • Will provide server level monitoring and management across entire OpenSSO Enterprise deployment > Test agents to ensure they are responding to client requests. > Real-time of view of OpenSSO Deployment > Quickly identify and address problems • Integrates with 3rd party monitoring and reporting tools 11
- 12. More Ease-of-Use Task Flows (Q1 / Q2 2009) • Protect a Resource Flow • Create a Realm Flow • Configure / Deploy and Agent Flow • Configure an Authentication Store • Configure an Instance • Select an Admin for a Realm 12
- 13. SaaS Federation Task Flows (Q1 / Q2 2009) • Provide simple task flows for configuring federated SSO with popular SaaS services • Focus on standards-based services rather than proprietary 13
- 14. Entitlement Management (Spring 2009) • Extend OpenSSO to solve access management, federation, secure web services and ENTITLEMENT MANAGEMENT. > Policy Engine Benchmark – Millions of policies > Killer Policy Management User interface > Build as reusable composite service for RM and IM > Policy attestation and entitlements warehouse • 3 +1 = 4 Tough Challenges. One powerful solution. 14
- 15. Entitlement Management (Spring 2009) Composite, Reusable Service • Easily embed policy management point and policy decision point as a composite, reusable service in Identity Manager, Role Manager, 3rd party application. • Allows for a single policy store and common user experience • Invoke EM web services using IDE of choice 15
- 16. OpenSSO: Latest Innovation • Presto-Change-O Install > Embedded Glassfish > JavaWebstart Installation > Pre-configured > One Click • http://tinyurl.com/openssonow 16
- 17. Free Training Labs • Five downloadable, self-paced labs > deploy two Apache Tomcat servers > SSL-enable them > install a software load balancer > install OpenSSO into the environment > configure for session failover • Includes virtual image containing OpenSolaris, Glassfish, OpenSSO and OpenDS > Fast forward or rewind image using ZFS • Go to OpenSSO.org and click on Training 17
- 18. OpenSSO Community • In less than 2 years... > 750+ project members at opensso.org > ~15 external committers • Production deployments > www.audi.co.uk 250,000 customer profiles > openid.sun.com OpenID for Sun employees > telenet.be Foundation for fine-grained authorization 18