
The Four Pillars of Identity: A Solution for Online Success

AAP302. The Four Pillars of Identity: A Solution for Online Success. Heath Aubin, Solution Architect, Microsoft Corporation. Objectives: Gain an understanding of key industry trends and how you may apply them in your designs


Presentation Transcript


  1. AAP302 The Four Pillars of Identity: A Solution for Online Success Heath Aubin Solution Architect Microsoft Corporation

  2. Objectives • Gain an understanding of key industry trends and how you may apply them in your designs • Learn about the 4 Pillars of identity and how they will be useful in creating your strategic direction • Learn about how Microsoft Services designs solutions for identity

  3. Introduction • Trends and Challenges • Importance of Identity

  4. Industry Trends 66% run 14% 20% transform grow • EXPLOSIVE DATA GROWTH • PROLIFERATION OF DEVICES • BUDGET REDUCTIONS • IT CONSTRAINTS • Companies are under pressure to do more with less

  5. Access Challenges • ENABLING DEVICES • AVAILABILITY • ROLE & DEVICE DRIVEN PRIVILEGES • ALLOW CUSTOMERS & PARTNERS • Companies must facilitate productivity without impacting security

  6. Management Challenges • ADAPTING TO CLOUD • RAPID ON-BOARDING OF SERVICES • MERGERS & ACQUISITIONS • PROLIFERATION OF GROUPS & USERS • Management must adapt rapidly to changing business needs

  7. Security Challenges • RAPID RESPONSE • PROTECT WHILE EXTENDING • CENTRALIZE & STANDARDIZE • REPORT & AUDIT • Companies need an integrated security strategy

  8. Importance of Identity • EMPOWER USERS • TAKE CONTROL • PLAN FOR THE FUTURE • Incorporating Identity into your environment can transform your business

  9. Defining Identity • The Role of Identity • The Four Pillars of Identity

  10. The Role of Identity Identity Spans Environment • Users & Devices to Infrastructure • Infrastructure to Apps & Services • Users & Devices to Apps & Services USERS & DEVICES APPS & SERVICES INFRASTRUCTURE IDENTITY

  11. Identity is Essential for Cloud Computing USERS & DEVICES PUBLIC APPS & SERVICES PRIVATE INFRASTRUCTURE TRADITIONAL IT IDENTITY HYBRID CLOUD

  12. How Microsoft Views Identity • ADMINISTRATION: Single View Mgmt.; Application of Business Rules; Automated Requests, Approvals, and Access Assignment • AUTHENTICATION: User Sign-on Experience; Trusted Source; Standard and Secure Protocols; Level of Assurance • AUTHORIZATION: How and where are authorizations handled; Can a user access the resource and what can they do when they access it? • AUDITING: Track who does what, when, where and how; Focused Alerting; In-Depth Collated Reporting; Governance

  13. Administration • A system which is highly configurable around business processes • The agility to scale resources according to demand • Cost savings through the distribution and automation of management • Flexibility around synchronization, proliferation, and change control • Administration Provides: Group Management, Provision & De-provision, Identity Updates, Synchronization, Change Control, Identity Proliferation, Interface Selection

  14. Authentication • Flexible, standards compliant, authentication that integrates across the organization • Integration of disparate sources, applications, and protocols • Employs many different industry standard methods of validation and assurance • Authentication Provides: Flexible Sign-on Methods, Security Protocols, Supported Sources, Assurance Methods

  15. Authorization • Extensive methods of assigning entitlement allowing for increased security and less administration • Policies written or centrally enforced • Simplify and accelerate enforcement through agent, API, and proxy based approaches • Authorization Provides: Entitlement Type, Access Policies, Enforcement Strategy

  16. Audit • Proactive/reactive reporting and alerts to enforce policies and identify problems quickly • Governance of auditing data ensures proper authorizations, historical accuracy, and compliance • Collation and centralization of audit data from disparate enterprise resources • Audit Provides: Reporting, Alerting, Governance methods, Collection of data

  17. How do you build an Identity Strategy? • Infrastructure Optimization and Identity • How do you build an Identity Strategy

  18. Understand Infrastructure Optimization • The four-tiered Infrastructure Optimization Model from Microsoft helps organizations diagnose the level at which their infrastructure is currently functioning • IO helps prioritize the actions and investments that will boost them to a higher level of performance • By standardizing, automating, and more tightly controlling IT infrastructure, organizations can increase efficiencies and have an opportunity at cost savings • http://aka.ms/io

  19. Levels of Infrastructure Optimization

  20. Identity IO Matrix

  21. Building an Identity Strategy Innovate • Understand business priorities • Assess against maturity matrix • Determine desired state • Execute your roadmap and begin maturing your environment Build a Plan • Prioritize Capabilities & Define Roadmap • Establish Architectural Principles and Guidelines • Plan Remediation and/or New Functionalities Assess

  22. Microsoft Solutions for Identity • Dynamic Identity Framework • Access Enablement Gateway

  23. Dynamic Identity Framework • One Day Workshop • Workshops are designed to introduce Identity and help customers understand how an identity solution could help their enterprise. • Customer Benefits Include: • Introduction to core tenets of Identity • Discussion around recommended practices • Detailed explanation of Microsoft identity solutions • Business Value modeling • Diagram labels: 2 Week Assessment and Roadmap, Identity Solutions, Education, Planning, Deployment, Assess Business, Assess Infrastructure, Define Roadmap, Traditional IT, Private, Public, Partners, TECHNOLOGIES, Hybrid, DESIRED END STATES

  24. Dynamic Identity Framework • Assessment designed to help you understand your current state within identity and to provide a roadmap towards maturity based upon business needs and goals. • Customer Benefits Include: • Detailed assessment report and recommended path forward • Logical roadmap based on assessment, experience and recommended practices • Diagram labels: 1-3 Day Workshops, One Day Workshop, 2 Week Assessment and Roadmap, Identity Solutions, Education, Planning, Deployment, Assess Business, Assess Infrastructure, Define Roadmap, Traditional IT, Private, Public, Partners, TECHNOLOGIES, Hybrid, DESIRED END STATES

  25. Dynamic Identity Framework • Microsoft Services Identity Offerings Include: • Enterprise Identity Management using Forefront Identity Manager 2010 • Enterprise Identity Federation using Active Directory Federation Services • Access Enablement Gateway and Identity Service Solution • Application Identity Assessment for Windows Azure • Diagram labels: 1-3 Day Workshops, One Day Workshop, 2 Week Assessment and Roadmap, Identity Solutions, Education, Planning, Deployment, Assess Business, Assess Infrastructure, Define Roadmap, Traditional IT, Private, Public, Partners, TECHNOLOGIES, Hybrid, DESIRED END STATES

  26. Access Enablement Gateway & Identity Service: Simplify, Streamline, and Secure • Scalable way to secure enterprise applications to external users • Reduce cost and effort behind managing and securing their solution • Ability to bring a broader audience to applications through leveraging existing platforms • Ability to delegate or automate application access to other organizations AEGIS Solution Application Users Application Owners • Easier registration for users • Secure access • Ability to leverage existing credentials • Organization wide access to applications

  27. Access Enablement Gateway & Identity Service: Architectural Reference SP Trust SP Trusts AuthN Federation SP AuthZ Retrieval Federated Registration Coarse-Grained AuthZ DB Identity Store Identity Sync Published Apps Application DB’s Partner Management Profile Management Entitlement Stores Identity Synchronization Service & Workflow Gateway Identity Updates Managed Registration AEGIS IdM Apps Identity Management

  28. Objectives • Gain an understanding of key industry trends and how you may apply them in your designs • Learn about the 4 Pillars of identity and how they will be useful in creating your strategic direction • Learn about how Microsoft Services designs solutions for identity

  29. Related Content • AAP201 Hybrid Computing is the New Net Norm • SIA202 Microsoft Trustworthy Computing Cloud Security, Privacy and Reliability in a Nutshell • SIA204 Cloudy Weather: How Secure is the Cloud? • SIA207 Windows Server 2012 Dynamic Access Control Overview • SIA312 What's New in Active Directory in Windows Server 2012 • SIA313 Self-Service Password Reset for Active Directory with Microsoft Forefront Identity Manager 2010 R2 • SIA316 Windows Server 2012 Dynamic Access Control Best Practices and Case Study Deployments in Microsoft IT • SIA318 Managing and Extending Active Directory Federation Services • SIA321 What's New in Windows Identity Foundation in Microsoft .NET Framework 4.5 • SIA341 Windows Server 2012 Dynamic Access Control Deep Dive for Active Directory and Central Authorization Policies • SIA21-HOL Using Dynamic Access Control to Automatically and Centrally Secure Data in Windows Server 2012 • SIA01-TLC Microsoft Identity and Access • SIA02-TLC Windows Server 2012 Active Directory Dynamic Access Control

  30. Resources • Connect. Share. Discuss. http://northamerica.msteched.com • Learning: Microsoft Certification & Training Resources www.microsoft.com/learning • TechNet: Resources for IT Professionals http://microsoft.com/technet • Resources for Developers http://microsoft.com/msdn

  31. Complete an evaluation on CommNet and enter to win!

  32. Please Complete an Evaluation • Your feedback is important! • Multiple ways to Evaluate Sessions • Be eligible to win great daily prizes and the grand prize of a $5,000 Travel Voucher! • Scan the Tag to evaluate this session now on myTechEdMobile

  33. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
