JOURNEY TO THE CLOUD

FIM 2010 Used for Management of AD, the core of your Identity in the Private Cloud

Cloud Security Concerns
  • Security is the number 1 concern for cloud adoption
  • 75% responded 4 or 5 (on 1 to 5 scale) *
  • Key security issues:
     • Isolation of tenants from each other & hosting infrastructure
     • Compute and network layers
     • Authentication / Authorization / Auditing of access to cloud services
     • Unauthorized access / DoS due to weak (or mis)configuration

  * Source: IDC Enterprise Panel

Three Pillars

[Diagram: three pillars (Authentication, Authorization, Attributes) shown with the Identity Management Platform]

To The Cloud!
Typical Cloud ID Journey

[Diagram: the Authentication, Authorization and Attributes pillars plotted against the stages of the journey: Silos (Islands of Identity), then Federated Islands of Identity]

A Better Journey

[Diagram: the Authentication, Authorization and Attributes pillars plotted against the stages of the journey: Silos (Islands of Identity), then Federated Islands of Identity, then Identity Management Platform]

What is Forefront Identity Manager

[Diagram labels]
  • FIM Portal
  • Self-Service integration
  • Windows Log On
  • Manages Active Directory
     - secure delegation of administration
     - enable access to private cloud
  • Connected systems: LOB Applications, Databases, Directories
  • AD FS login across clouds
  • Integrated login to applications
  • Secure the Private Cloud

Common Identity across clouds

[Diagram: records from the HR System, Phone and Email sources flow through FIM 2010 (Workflow; group membership and user attributes generated) into AD, which provides an integrated and federated common identity to the Private Cloud and the Public Cloud]

HR System
    FirstName   Terry
    LastName    Adams
    Title       Sales Manager
    Dept        Sales
    Mgr:        Melissa Meyers
    EmplID      123

Phone
    Firstname   Terry
    LastName    Adams
    Phone       555-1234

Email
    LoginID     Tadams
    Email       tadams@litware.com

AD
    FirstName   Terry
    LastName    Adams
    Title       Sales Manager
    Dept        Sales
    Mgr:        Melissa Meyers
    LoginID     Tadams
    Phone       555-1212
    Email       Tadams@litware.com
    Groups      Melissa’s Directs
                All in Sales
                Sales App Owners

Private Cloud: Exchange, SharePoint, Web Sites, Line of Business Apps, File / Print
Public Cloud: PaaS, SaaS, Windows Azure, Office 36

Private Cloud Enabled Identity

All Microsoft solutions for private cloud leverage a single identity store to authenticate users
with Microsoft® Active Directory® across physical and virtual systems.

   Active Directory
    o   Single identity store to authenticate users
    o   Support across physical and virtual systems
    o   Federated Identity

   Forefront Identity Manager
    o   Easy user provisioning
    o   Identity synchronization
    o   Simplified management of cloud resources

[Diagram labels: System Center Virtual Machine Manager; Forefront Identity Manager; Forefront™ Security Solutions; Active Directory; Virtualization: Hardware (Hyper-V™), Presentation (Terminal Services), Application (Microsoft App. Virt.); Network Access Protection; Server and Domain Isolation]

Solution Example –
 Enhancing Private Cloud with Identity


  •   Hyper-V and SC Virtual Machine Manager use roles
  •   Roles can contain users or groups from AD
  •   Delegation of datacenter management
  •   Forefront Identity Manager securely manages membership in AD
      groups




[Diagram: Roles in Hyper-V and System Center -> Leverage AD Groups in roles -> Manage AD Groups in FIM -> Private Cloud Self Service, secure and compliant]

Solution Example- Enhancing Private Cloud with Identity
Hyper-V Authorization Manager + Common identity in Private Cloud



 •   Default role allows access to all operations
 •   Additional roles with desired rights can be created
     •   33 different operations OOB, grouped under
         •   Hyper-V Service Operations
         •   Hyper-V Networks Operations
         •   Hyper-V Virtual Machine Operations

Solution Example - Enhancing Private Cloud with Identity
Virtual Machine Manager + Common identity in Private Cloud



•   The Administrator profile
     •   Complete administrative access to
         all the hosts, virtual machines, and
         library servers in VMM 2008
•   The Delegated Administrator profile
     •   Grants administrative access to a
         defined set of host groups and
         library servers
•   The Self-Service User profile
     •   Administrative access to a defined
         set of virtual machines through the
         Web-based Virtual Machine
         Manager Self-Service Portal



•   Additional delegation capabilities
    in Self service portal
FIM (Helping) with The Cloud

[Illustration: request and approval workflow. User: "Can I have Admin access to cloud app?" (Request). Reply: "Oh, alright then" (Approve).]

EVERY JOURNEY NEEDS A HISTORY




[Diagram: the Authentication, Authorization, Attributes and Audit pillars plotted against the stages of the journey: Silos (Islands of Identity), then Federated Islands of Identity, then Identity Management Platform]

TO THE CLOUD!

    • Using Hyper-V as an infrastructure for Private Cloud is
      great for server optimization but, without an IAM
      architecture in place, it just moves the administrative
      problems around.
    • FIM provides a compliant and well-managed AD.
      Compliance here means automating changes to access
      permissions, making sure users have the right
      access, and reporting.
    • Active Directory provides the common identity platform
      from classic datacenter-hosted systems to private cloud,
      and also paves the way to enabling use of public cloud
      resources.
QUESTIONS ?

 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 

Journey to the cloud

  • 1. JOURNEY TO THE CLOUD: FIM 2010 Used for Management of AD, the core of your Identity in the Private Cloud
  • 2. Cloud Security Concerns
      • Security is the number 1 concern for cloud adoption
      • 75% responded 4 or 5 (on 1 to 5 scale) *
      • Key security issues:
          • Isolation of tenants from each other & hosting infrastructure
          • Compute and network layers
          • Authentication / Authorization / Auditing of access to cloud services
          • Unauthorized access / DoS due to weak (or mis)configuration
      * Source: IDC Enterprise Panel
  • 3. Three Pillars: Authentication, Authorization, Attributes; Identity Management Platform
  • 5. Typical Cloud ID Journey: Silos (Islands of Identity); Federated Islands of Identity; Authentication, Authorization, Attributes
  • 6. A Better Journey: Silos (Islands of Identity); Federated Islands of Identity; Authentication, Authorization, Attributes; Identity Management Platform
  • 7. What is Forefront Identity Manager
      • Manages Active Directory - secure delegation of administration
      • AD FS login across clouds - enable access to private cloud
      • Integrated login to applications
      • Secure the Private Cloud
      [Diagram labels: Self-Service integration; Windows Log On; FIM Portal; LOB Applications; Databases; Directories]
  • 8. Common Identity across clouds
      [Diagram labels, grouped:
       HR System: FirstName Terry; LastName Adams; Title Sales Manager; Dept Sales; Mgr: Melissa Meyers; EmplID 123
       Phone: Firstname Terry; LastName Adams; Phone 555-1234
       Email: LoginID Tadams; Email tadams@litware.com
       FIM 2010 (Workflow): integrated and federated common identity; group membership and user attributes generated
       AD: FirstName Terry; LastName Adams; Title Sales Manager; Dept Sales; Mgr: Melissa Meyers; LoginID Tadams; Phone 555-1212; Email Tadams@litware.com; Groups: Melissa’s Directs, All in Sales, Sales App Owners
       Private Cloud: Exchange; SharePoint; Web Sites; Line of Business Apps; File / Print
       Public Cloud: PaaS; SaaS; Windows Azure; Office 36]
  • 9. Private Cloud Enabled Identity
      All Microsoft solutions for private cloud leverage a single identity store to authenticate users with Microsoft® Active Directory® across physical and virtual systems.
      • Active Directory
          o Single identity store to authenticate users
          o Support across physical and virtual systems
          o Federated Identity
      • Forefront Identity Manager
          o Easy user provisioning
          o Identity synchronization
          o Simplified management of cloud resources
      [Diagram labels: System Center Virtual Machine Manager; Forefront Identity Manager; Forefront™ Security Solutions; Active Directory; Virtualization; Hardware; Presentation; Application; Hyper-V™; Terminal Services; Microsoft App. Virt.; Network Access Protection; Server and Domain Isolation]
  • 10. Solution Example – Enhancing Private Cloud with Identity
      • Hyper-V and SC Virtual Machine Manager use roles
      • Roles can contain users or groups from AD
      • Delegation of datacenter management
      • Forefront Identity Manager securely manages membership in AD groups
      [Diagram labels: Private Cloud; Roles in Hyper-V and System Center; Leverage AD Groups in roles; Manage AD Groups in FIM; Self Service secure and compliant]
  • 11. Solution Example – Enhancing Private Cloud with Identity: Hyper-V Authorization Manager + Common identity in Private Cloud
      • Default role allows access to all operations
      • Additional roles with desired rights can be created
      • 33 different operations OOB grouped under
          • Hyper-V Service Operations
          • Hyper-V Networks Operations
          • Hyper-V Virtual Machine Operations
  • 12. Solution Example – Enhancing Private Cloud with Identity: Virtual Machine Manager + Common identity in Private Cloud
      • The Administrator profile
          • Complete administrative access to all the hosts, virtual machines, and library servers in VMM 2008
      • The Delegated Administrator profile
          • Grants administrative access to a defined set of host groups and library servers
      • The Self-Service User profile
          • Administrative access to a defined set of virtual machines through the Web-based Virtual Machine Manager Self-Service Portal
      • Additional delegation capabilities in Self service portal
  • 13. FIM (Helping) with The Cloud
      [Diagram: User, Request: "Can I have Admin access to cloud app?"; Approve: "Oh, alright then"]
  • 14. EVERY JOURNEY NEEDS A HISTORY: Silos (Islands of Identity); Federated Islands of Identity; Authentication, Authorization, Attributes, Audit; Identity Management Platform
  • 15. TO THE CLOUD!
      • Using Hyper-V as an infrastructure for Private Cloud is great for server optimization but, without an IAM architecture in place, this is just moving around the administrative problems.
      • FIM provides a compliant and well managed AD. Compliance here is about automation of changing access permissions, making sure users have the right access, and reporting.
      • Active Directory provides the common identity platform for classic datacenter hosted systems and for private cloud, and also paves the way to enabling use of public cloud resources.

Editor's Notes

  1. This is not directly related to Private Cloud - did you find this in private cloud mtrl from marketing? Then you are good to go. If not, then this is for Public cloud.
  2. The pillar slides are generic to Cloud computing and not specific to Private Cloud, so the speaker should make the audience aware of this and that identity is a common platform across private and public cloud.
  3. Modifying this slide to reflect private cloud. Needs more work and perhaps needs to have builds where the left hand side is shown first to talk about enhancing data in Active Directory with classic provisioning and synchronization, then add the top level to provide info on how datacenter admin can give application owners a way to manage security groups that they will use inside of the applications they own and are deploying on top of the private cloud. The same goes for datacenter administrators that own the private cloud and want to delegate access to certain admins to have access to part of the private cloud (this is done in the VMM self service portal and it uses security groups in AD).
  4. Moved this slide to kick off transfer from generic cloud discussion to private cloud. ... The final comment from speaker should be .. now let's look at how identity is leveraged in managing the private cloud.
  5. In Private cloud you really don't need the .CSV file to issue identities in the cloud app as it is all on-premises and is either AD integrated. Having this link to apps in private cloud that are not AD integrated is fine but don't use just a CSV file .. just say account provisioning.
  6. Great value add for FIM to talk about the need for audit history of datacenter admins having requested new VMs, app owners creating new SGs and approving users' access to their applications or providing devs access to their applications, and finally the end users' requests for these apps.