Breaking the Kubernetes Kill Chain: Host Path Mount
Identity as a Managed Cloud Service
1. 2013 Open Stack Identity Summit - France
Leveraging Cloud and Expert Managed
Services to simplify your IAM implementation
2. Simeio Solutions
• A comprehensive suite of services and solutions that provide a single-source
for all IAM needs
3. Simeio Solutions
•
Successful deployments of all ForgeRock Open Identity
Stack products in a Cloud, Hosted, or On-Premise model
•
Managed services operation center in Bombay
providing expert resources for ops & maintenance
•
ForgeRock products provided with Quick Start
offerings in the Simeio Business-Ready IAM Cloud
•
Developed Simeio Advanced Authentication Service
for leveraging OpenAM in the Cloud
•
Developed portable administration console for
OpenSSO / OpenAM - POssO
4. Drivers for Cloud Managed Services
Improved Risk Mitigation via faster project deployment
o Measured 60% better time on deployment in the Cloud vs. traditional on-premise
o Re-usable components in terms of code
o Can turn on hardware with pre-configured environment in days
o No lead time to get High Availability, Disaster Recovery, Scaling setup
o Images are cloned with basic OOTB use cases configured
➡ Lower Capital Investment & Supporting Infrastructure costs
o Clients who do not have investment in particular DB/App Server/OS
o Clients who do not have standard or in-house skills for ForgeRock
Operational Efficiencies & Quicker Time to Value
o Hybrid solutions for Clients interesting in migration from Sun/legacy to ForgeRock
o Reduced timing to procure hardware
o Quick-start packages for initial trials
5. Simeio Business-Ready IAM Cloud
An enterprise-grade Identity-as-a-Service (IDaaS) platform having
over 10 million Identities managed
• Complete
•
•
•
•
•
Access Management
Identity Administration
Role and Compliance Management
IT Governance, Risk and Compliance
Security and Risk Intelligence
• Flexible
• Technology agnostic
• Tailored to specific specifications
• Flexible subscription options
• Secure & Reliable
• Architected for security, scalability and reliability
• Multiple certifications and attestations (e.g. ISO 27001, SOC 1/SSAE)
6. Simeio Business-Ready IAM Cloud
•
Complete end-to-end IAM services and solutions
• Seamless, secure and role-appropriate access to information and
services anytime, anywhere, on any device.
7. Representative Case Studies
A European Financial Services organization
•
•
•
Managing customer relationships for B2B services
Chose the ForgeRock Open Identity Stack as strategic IAM platform
Deployed OpenIDM for access request & provisioning
An American Research company with global based
•
•
•
Enabling Business Performance through Cloud-based IAM services
Centralized authentication and SSO
OpenAM in Cloud Authentication Service
A Media-Entertainment giant from AsiaPac
•
•
•
Simplifying IAM experience through expert managed services
Migration of legacy systems to ForgeRock
Managing large volume of identities using OpenDJ
8. Case Study 1
• Managing customer relationships using ForgeRock OpenIDM
Business Challenges
• Replace legacy Customer Access
Request and Administration tool
• Lack of efficient customer registration,
management, and request processes
• Extensive use of ‘model-on’ methods
for granting access
• Relationship managers do not know
which groups to request for the
customer as they are “IT groups”
• Process relied on trust & knowledge of
business users, as there was no
systemized review of validity of the
requestor and customers they manage
• Potential in-efficiencies of user id
management
• Lack of management visibility into who
has access to what
The Simeio Solution
• Replaced legacy mainframe system
functionality with OpenIDM for customer
registration, assigning certificates and
provisioning LDAP groups
• Implement approval workflows for
required controls
Key Results
• Reduced costs & time for customer onboarding through automatic
registration / population customer data
data requiring only service
administrator approvals
• Implement account creation and
automated provisioning capabilities
• Improved accuracy of access grants
through business-friendly descriptions
of access groups
• Implement end-user e-mail notifications
and data reconciliation with target
systems
• Enablement of connectors for
integration and basic IAM services for
underlying applications
• Provide a business friendly user interface
for relationship managers to register
customers, renew certificates & request
access to target systems
• Increased productivity by reducing the
time required to create accounts,
passwords, and access rights for new
customers
• Enhance audit controls by providing audit
trail reporting & task delegation
capabilities
• Automated generation of necessary
attributes, such as mailboxes an
account names
9. Case Study 2
• Enabling Business Performance through Cloud-based IAM services
Business Challenges
• Users distributed all over the world (40
countries, 80+ locations) need a
seamless and single method to access
enterprise services
• Existing SSO solution is limited in terms
of global reach, as well as integrating
applications;
• Needed access to both on-premise and
SaaS applications, using one set of
credentials;
• Be able to use certificates as user
identifier instead of loginID +password
• Consolidate users distributed across
different AD instances all over the world
and create a single window for
provisioning and user authentication
The Simeio Solution
Simeio Cloud Authentication Service
• Provided a cloud-based single sign-on
and virtual directory solution;
• Provided single sign-on service for 10
applications In 10 weeks time
• Provided SSO service to in-house, onpremise (e.g. EBS) and SaaS (e.g.
travel, learning management)
• Added new applications (after first
deployment) within a week;
• Users can access either by using a
user cert issued by Client, or using AD
credentials
• Seamless access to Office365 and
SharePoint applications
Key Results
• Delivered an Access Management
platform that is able to onboard new
applications with very little integration
• Established a standard and integrated
with SaaS applications
• Integration with ADFS for Office365
and SharePoint users
• Certificate based authentication
provides increased security
• Seamless access from desktop and
mobile devices, both from within the
network and over VPN
• Single view of all the users and single
solution to provision and manage user
identities for all the locations across the
globe
10. Case Study 3
• Simplifying IAM through Expert Managed Services
Business Challenges
• Layoffs in security group led to search
for managed services organization to
assist wit multiple products
• Sun Identity Manager
• CA SiteMinder
• Virtual Directory
• Migration of ForgeRock products
• 24x7 support for incident and problem
management (root cause analysis,
resolution & reporting)
• Knowledge base creation &
maintenance
• Periodic development & integration
support requirements
The Simeio Solution
Key Results
• Off-shore and on-shore model for
management, monitoring &
maintenance of IAM infrastructure
• Streamlined vendor management
process – Simeio now handling all
support, maintenance & enhancements
• Program management – Simeio
providing operational support &
managed services staff
• Operational cost savings – economies
of scale gained from shared
infrastructure & shared resources
• Skilled managed services team
integrated into Client organization
taking over production system support
• Improved management of capital &
resources – operational & capital
expenses became more predictable
and cash flow improved
• Access to large source of IAM technical
specialists with ability to scale as
needed through shared services model
• Ensure high availability of IAM
infrastructure, and production
environment support to include
reporting, application support, log
monitoring & patching
• Enhanced integration & delivery time
for on-going projects by 40%
• Agility and increased business focus –
Client was able to focus on core
business activities, their market and
customer
11. Our Differentiators
COMPLETE
We’re the only company that offers complete, end-to-end IAM services, from
plan to build to operate.
FOCUSED
All we do is IAM. Our technical, functional and domain knowledge is
unparalleled.
FLEXIBLE
We sell solutions, not products. We’re not tied to any one vendor, technology or
model, so we’re free to deliver a perfect-fit solution.
12. Our Global Service Team
For more information contact:
Abhimanyu Yadav, VP | ayadav@simeiosolutions.com | +44 (0) 7919955480