220 likes | 431 Views
Jackson Shaw Sr. Director, Product Management Jackson.Shaw@Quest.com http://jacksonshaw.blogspot.com. Agenda. Who is Quest Software Who am I? What is the problem we have generated for ourselves? What are the possible solutions? Can we find the “Holy Grail”? Quest’s solution
E N D
Jackson Shaw Sr. Director, Product Management Jackson.Shaw@Quest.com http://jacksonshaw.blogspot.com
Agenda • Who is Quest Software • Who am I? • What is the problem we have generated for ourselves? • What are the possible solutions? • Can we find the “Holy Grail”? • Quest’s solution • Wrap-up / Q & A • Resources
Financial Health Annual Revenues • Leadership • Steady, consecutive growth for 10+ years • $735 million in 2008 revenues • $260 million cash on hand • Healthy operating margins (over 18% in 2008) • 100,000+ customers (75% in Fortune 500)
Industry Position • Recognition • Two-time winner, Microsoft Global ISV Partner of the Year Award • #5 in the IT Management Software Market, 2008 (Forrester) • #2 in Application Management – North America region, 2008 (Gartner) • #1 in Database Development and Management Tools – replication segment, 2007 (IDC) • Named a leader in Active Directory management software, 2008 (Forrester) Partnerships
A Traditionof Focus, Expertiseand Innovation Milestones
Thought Leadership in Active Directory Named Microsoft Global ISV Partner of the Year! 2007 & 2004 Mature Products Working with Microsoft’s enterprise directory (NT & AD) since 1993 The Migration Expert Over 20 Million user accounts migrated by Quest Most Managed Users Over 45 Million user accounts managed using Quest’s Active Directory solutions Strategic Investment Multiple patents and patents pending for our technology Trusted Partner Over 7,000 companies look to Quest to help managetheir Active Directory Single Vendor for Your AD requirements Migration, Availability, Auditing & Reporting, Efficiency, Extending the Reach Cross-platform 7
Thought Leadership in Identity and Access Management Quest One Identity Solution named “Best Buy” by SC Magazine January 2009 Quest One single sign-on for SAP solutions certified by SAP SAPgui/R3 NetWeaver Quest Enterprise Single Sign-on favorably positioned in Gartner Magic Quadrant 8
What is the problem? • We live in a heterogeneous world: Windows, Unix, Linux, Mac, Java, .Net, Oracle, Siebel, SAP, … • 9 out of 10 enterprise users have multiple work related passwords • The average end-user has 5-6 work related passwords • Password policies vary from system to system • Length requirements • Complexity • Re-use • Exclusion of dictionary terms • The greater the complexity or number of passwords the greater the number of calls to the helpdesk Increases IT operational expenses End-users just want to do their job – they have enough to worry about… Sources: Aberdeen, Gartner
Single sign-on means different things… Enterprise SSO Federated SSO Web SSO SAML SinglePassword WS-* Reduced SSO
What are the possible solutions? There is no one ideal solution…
What would the “Holy Grail” solution look like? Kerberos Kerberos Consolidate Kerberos Kerberos Kerberos Kerberos Kerberos
Unfortunately, there is no “Holy Grail” solution! • We all have to deal with legacy baggage • We all have to deal with a changing environments • We all have to deal with auditors and compliance officers • We all have to deal with human nature • We all have to deal with vendors • We all can’t drop, swap and run to Windows • We all have to deal with the 8th layer of the OSI stack
Therefore, we must take a blended approach • Consolidates identities (directories) whenever possible • Leverages the advantages of Kerberos as much as possible • Provides strong authentication options • Supports multiple platforms • Enables maximum flexibility • Based on the system you log into every day
Quest One Identity Solution blended approach • Centered around Active Directory • Nearly everyone logs in to it – daily • It’s based on Kerberos so it is interoperable and secure • IT understands it, knows how to manage it and trusts it • Leverages Kerberos for its advantages • Broad industry and platform support (Unix, Linux, Java) • Supported by major applications (SAP, Oracle, IBM) • Logon automation for everything else • Stores credentials in Active Directory • Automates entering credentials for Windows-based dialog boxes • Use a Web single sign-on product to proxy multiple applications • Strong authentication options • Solve the “keys to the kingdom” problem • Smart cards • Tokens
What are the components? Use your Active Directory password as your key Protect that key with Quest’s Defender Kerberos integration Quest Authentication Services for Unix, Linux, Java and SAP Achieve web single sign-on with Quest’s Webthority Logon automation with Quest Enterprise Single Sign-on
The result? • You get to chose what’s best for you • The industry’s only single sign-on solution that spans multiple platforms:Windows, Unix, Linux and Java desktops and servers • Support for thick, thin and Web-based clients and applications • You mix and match solutions based on your requirements • Kerberos-based for the most secure and best single sign-on experience • Logon automation for other non-Kerberos integrated solutions • Web single sign-on for multiple web-based applications • You choose the level of security you need • Active Directory credential only or two-factor (strong) authentication • Brought to you by an industry leading vendor • A complete solution from one vendor • The market leader in Active Directory management
Kerberos Advanced Single Sign-on The result? Login Automation
Resources • Quest’s identity management solutions • http://www.quest.com/identity-management • Quest Authentication Services • http://www.quest.com/authentication-services • Enterprise Single Sign-on: The Holy Grail of Computing (white paper) • Kerberos Consortium (http://kerberos.org) • Apple, Google, MIT, Microsoft, Sun and others • Jackson.Shaw@Quest.com • My blog: http://jacksonshaw.blogspot.com • Always happy to answer questions via e-mail