Contenu connexe Similaire à CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications and Cloud Service Providers (20) Plus de CloudIDSummit (20) CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications and Cloud Service Providers1. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Identity Bridges and IDaaS:
Connecting Users, Internal Applications
and Cloud Service Providers
Bob Johnson, Director of IT
2. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Agenda
Introduction
The Challenge
The Solution
The Results
3. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
ACCUVANT
The Authoritative Source for Information Security
4. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Accuvant Is…
The Authoritative Source for Information Security
Accuvant Provides:
• Comprehensive Set of Services and Solutions
• For Enterprise-Class Organizations
• To Plan, Build and Operate
• Information Security Systems and Programs
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
5. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
The Authoritative Source
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
7. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Employee Growth
0
100
200
300
400
500
2009 2010 2011 2012
NumberofEmployees
Accuvant has grown from 170 employees in 2009 to more than 500 today
8. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Dispersed User Base
2002:
• Denver, CO
• Minneapolis, MN
2003:
• Dallas, TX
• Phoenix, AZ
• Sacramento, CA
• Los Angeles, CA
2004:
• Salt Lake City, UT
• Cleveland, OH
• Chicago, IL
2005:
• Columbus, OH
• Orange County, CA
• San Diego, CA
• Las Vegas, NV
2006:
• Santa Barbara, CA
• Houston, TX
2007:
• San Francisco, CA
• Seattle, WA
• Cincinnati, OH
2008:
• Portland, OR
• Miami, FL
2009:
• Atlanta, GA
• Kansas City, KS
• Knoxville, TN
• Milwaukee, WI
2010:
• Austin, TX
• Raleigh, NC
• Detroit, MI
• New York, NY
• Baltimore, MD
• Richmond, VA
• Honolulu, HI
• San Antonio, TX
• Montgomery, AL
2011:
• Toronto, Canada
• St. Louis, MO
• Boston, MA
• Indianapolis, IN
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
10. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
The Dissolving Perimeter
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
11. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
The Dissolving Perimeter
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
12. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Managing New Cloud Instances
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Cloud D
Cloud F
Cloud J
Cloud C
Cloud G
Cloud H
Cloud I
Cloud B
CloudE
Cloud A
13. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Frustrating User Experience
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Too Many Systems
to Track
Too Many Passwords
to Remember
No Integration from Cloud
Systems to Internal Systems
Login
40%
Hardware
21%
Questions
27%
Access
12%
Too Many Support
Issues
16. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Requirements
• Single Sign On for both Cloud and On-
Premise Applications
• Identity Provisioning across Cloud and On-
Premise Applications
• No development resources
17. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Proof of Concept
• 45 minute setup
• SaaS Sandbox
• Flawless performance
19. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Implementation
• Install on-premises federation server and run as a
windows service
• Procure certificates for IDP signing
• Install integration kits of on-premises applications
• Install connectors for SaaS applications
20. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Issues
• URL redirection required an unplanned redirect
site (single sign on url is not a domain name
cname won’t work with url, must have domain
name)
• Each SaaS is a little different in how they label or
describe fields
• Dealing with SaaS support groups was
challenging, some wanted us to pay for their
professional services.
21. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Issues
• High availability services required the introduction
of load balancers
• Multiple instances of the same SaaS could not use
integration kits (manual configuration)
24. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Results of Implementation
Drop in User
Access
Issues
Easy Access
to Business
Applications
Adoption
Increased
Dramatically
Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
25. Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.
Bob Johnson
1125 17th Street, Suite 1700, Denver, CO 80202
800.574.0896
bjohnson@accuvant.com
www.accuvant.com