More Related Content Similar to CON8040 Identity as a Service - Extend Enterprise Controls and Identity to the Cloud (20) CON8040 Identity as a Service - Extend Enterprise Controls and Identity to the Cloud1. Roger Wigenstam
Oracle Identity Management
September 29, 2014
Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Identity as a Service
Extend Enterprise Controls and Identity to the Cloud
2. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle.
Oracle Confidential – Internal/Restricted/Highly Restricted 2
3. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Program Agenda
Cloud Ready Identity Management
Managed Cloud Identity
Public Cloud Identity Services
Customer Presentation – Sanjeev Topiwala, Intuit
1
2
3
Oracle Confidential – Internal/Restricted/Highly Restricted 3
4
4. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Enterprise IT Challenges
CLOUD • Extend Business Processes to Cloud Apps
• Simplify Access to Cloud Apps from Any Device
• Maintain Awareness of Cloud Apps
• Expand Private Cloud Services
5. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
On-premise or Private Cloud
Identity Governance
Access Management
Mobile Security
Directory
CLOUD READY
IDENTITY SERVICES
MANAGED IDENTITY
SERVICES
PUBLIC CLOUD
IDENTITY SERVICES
Pre-configured, Oracle
Managed Identity Service
Full Enterprise IDM
functionality
Manage access to Enterprise
and SaaS Apps
Identity as a Service - hosted in
the Oracle Cloud
Integrated SSO and User
Management
Pre-configured for all major
Cloud / SaaS apps
Integrated with Enterprise IDM
Now Now FY15
Oracle Cloud Identity Initiatives
6. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Oracle Cloud Identity Initiatives
On Premise
IDM
Enterprise Apps
Oracle Managed
IDM
Enterprise Apps
On Premise or
Oracle Managed
IDM
Enterprise Apps Oracle
Cloud Identity
Services
8. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Oracle Identity Governance
Unified Approach for Complete Identity Governance
Business-Friendly
Request Catalog
Streamlined Business
Process for Approvals
Intelligent and Flexible
Certification
Scalable and Rapid
Fulfillment
Extensible, Customizable
Privileged Access and Audit
9. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Oracle Access Management
Cloud Access Portal
• Cloud SSO Portal
– Provide seamless access to SaaS, Partner, and OAM
protected resources
– Web-based interface that adapts to the device
– RESTful interfaces enable integration and
customization
– Cloud SSO through different technologies
• Federation, Form-Fill, Multi-Factor
10. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Authentication
• 250M Users
• 3K TPS – 1 server
• 5K TPS – 2 servers
Authorization
Oracle Access Management
Scalability for the Cloud
12. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Business Drivers for Managed Solutions
• Eliminate need to hire specialized resources
• Eliminate need to install and maintain supporting
infrastructure
• Budget limitations for upfront investments
• Seamless integration with hosted/SaaS
applications
• Align with broader IT outsourcing strategy
• Operational efficiency
13. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
• Distinct offerings for Identity Governance and
Access Management
• Hosted by Oracle Managed Cloud Services (OMCS)
– Pre-packaged
– Pre-sized
– Rapid deployment with room to scale
• Fully functional, customizable products
• Single-tenant software, dedicated hardware
• Dedicated Oracle solution delivery engineer
• Powered by IDM 11gR2 PS2
MANAGED IDENTITY
SERVICES
Managed Identity as a Service (MIDaaS)
Customer owned, Oracle managed
14. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Embassy-Grade Security
• Virtual Private Clouds
• VPN connectivity to enterprise included
• Optional public Internet connectivity
• Unique customizable security for firewalls
• SSAE16 audited and ISO certified
Performance & Availability
• Uptime: 99.9% and up - based on
demand
• Complete redundancy
• Sub-millisecond access time
• 24x7 round-the-clock support
Managed Cloud Services
Security, Quality of Service, and Integration in the Cloud
15. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
ACCESS EXTENDEDGOVERNANCE
•Solution Package
• Single Sign-On
• Federation
• Mobile, Social
• OAuth, Secure Tokens
• Identity Store
• Directory Sync
+ Supporting Infrastructure
Managed Identity Offerings
•Solution Package
• User Provisioning
• Role Management
• Certification
• Separation of Duties
• Connectors
+ Supporting Infrastructure
• Any additional IAM functionality
• Mobile Security
• Risk & Fraud Detection
• API Security
• Fine Grained Authorization
• Enterprise Single Sign-On
• Access Portal
• Privileged Access
+ Additional environments
+ Custom topologies & requirements
16. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
• Development, Production Support, and Production environments
• DMZ, private mid-tier, and DB deployment tiers
• HA configuration (RAC DB) with full hardware redundancy
• DR (active-passive) option
• 600 GB of storage per environment (configurable)
Managed Identity as a Service
Standard Environment
17. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
• Oracle has over 19 data centers globally
• OMCS currently operates in a select set of Oracle and partner data centers
• North America: Austin, Salt Lake City, and Rocky Mountains
• EMEA: Linlithgow (Scotland), Reading (England)
• APAC: Sydney
• Disaster recovery sites
• Choice of secondary DC determined by primary DC region
OMCS Data Centers
Global Footprint
19. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
• Organizations continue to adopt SaaS applications to meet various
business demands including CRM, HCM and Collaboration.
– Quick time to value, reduced infrastructure costs and reduced management
overhead are just some of the promised benefits.
• Organizations are also realizing the cost of these benefits:
– Lack of visibility and control
– Provisioning & De-provisioning challenges
– Users are forced to remember multiple usernames and passwords
– Traditional enterprise IAM is complex to integrate
Market Trends & Challenges
The New Digital Experience
20. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Manages SaaS account provisioning and
de-provisioning
Simplifies the user experience to access
SaaS applications (SSO)
Provides seamless integration with
enterprise Identity stores and
authentication services
Facilitates compliance activities by
clearly reporting on SaaS application
usage
SaaS
Provisioning
SSO to SaaS
User Portal
Reporting
Enterprise
Integration
What is needed is a solution that…
21. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Connects your Enterprise
with the Cloud
Multi-tenant offering,
hosted in the Oracle Cloud
Oracle Cloud Identity Service
Identity as a Service
22. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Pre-configured
SaaS Integrations
Automated
Password Reset
User Enrollment
and Management
Enterprise ID store
Connectivity
Identity Governance
Integration
Group to SaaS
Account & Entitlement
mapping
Automated Provisioning
& De-provisioning
Oracle Cloud Identity Service
Identity
23. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Enterprise IDP
Integration
Access Management
Integration
Advanced
Authentication
Single Sign-On
to SaaS Applications
Oracle Cloud Identity Service
Access
24. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Admin Dashboards
Password Policy
Monitoring &
Activity Reports
Configuration
& Customization
REST API’s
for Programmatic Control
Approvals & WorkflowsUser Portal
Oracle Cloud Identity Service
Administration & Self Service
25. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
Tenant
Registration
SaaS
Configuration
User
Management &
Enterprise
Integration
SaaS
Provisioning
User Access Dashboard &
Reports
1 2 3 4 5 6
IDaaS Experiance
Onboarding, configuration, access and reporting
27. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. |
On-premise or Private Cloud
Governance, Access, Directory
CLOUD READY
IDENTITY SERVICES
MANAGED IDENTITY
SERVICES
PUBLIC CLOUD
IDENTITY SERVICES
Pre-configured, Oracle
Managed Identity Service
Full Enterprise IDM
functionality
Identity as a Service - hosted in
the Oracle Cloud
Multi-tenant, pre-configured
for all major Cloud / SaaS apps
Cloud Identity
Recap
30. Copyright© 2014, Oracle and/or its affiliates.All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted 30