© 2016 ForgeRock. All rights reserved. Access Management with the ForgeRock Identity Platform So What’s New? Andy Hall, Director of Product Management Markus Weber, Senior Product Marketing Manager
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
© 2016 ForgeRock. All rights reserved.
Access Management with the ForgeRock Identity Platform
So What’s New?
Andy Hall, Director of Product ManagementMarkus Weber, Senior Product Marketing Manager
© 2016 ForgeRock. All rights reserved.
• Fastest-growing open source identity security software company in the world
• Founded: 2010• Headquartered in San Francisco with offices
in 6 countries• Employees: 350+• Customers: 400+ Enterprises in 30+ countries• Global Reach: ~50% international revenue• Hybrid Revenue Model with low Churn: <5%• Funding to Date (thru Series C): $52M• Investors: Accel Partners, Foundation Capital
and Meritech Capital Partners
Key Facts Mission Statement
ForgeRock: At a Glance
The forgerock identity platform currently powers
more than 500 million identities. It is our goal to become the market leader
in digital transformation and security for enterprise
identity worldwide.
© 2016 ForgeRock. All rights reserved.
Shared Services : User Interface, Self-Service, REST API, HTTP, Scripting, Audit and Logging
Federation Synchronization
Authentication & Strong Authentication
Identity Provisioning Application & Service Gateway
Authorization & UMA Provider
Workflow Engine IoT Identity Gateway
Adaptive Risk Self-Service Password Capture & Replay
UMA Protector
Access Management Identity Management Identity Gateway
Data Store
High Availability
Data Segmentation
LDAP / REST
Directory Services
Open Standards, High Availability, On-Premises, Cloud, Hybrid
The ForgeRock Identity Platform is built from the open source projects OpenAM, OpenIDM, OpenIG and OpenDJ
The ForgeRock Identity Platform
© 2016 ForgeRock. All rights reserved.
What’s New inAccess Management
© 2016 ForgeRock. All rights reserved.
Access ManagementThemes
• Smarter Security• Privacy and Consent• Internet of Things• Scalability and Performance• Ease of Use• Developer-friendly
© 2016 ForgeRock. All rights reserved.
Smarter SecurityAuthentication
• Mobile Authenticator App and Authentication Module
• iOS and Android• Strong 2FA based on OATH
standard• Easy to setup using QR codes• Integrated with Contextual
Authentication
© 2016 ForgeRock. All rights reserved.
Smarter SecurityAuthentication
• SAML Authentication Module• Brings federation into
authentication framework• Contextual Authentication now
applied to federated identities
© 2016 ForgeRock. All rights reserved.
Smarter SecurityContextual Authorization
• Enhanced Policy Editor supporting Scriptable Conditions
• Custom logic integrated into Policy decisions
• Supports Javascript or Groovy• REST-calls to external Policy
Information Points (PIP)
Access Management Session
Contextual Change
System Detects
New Location
System detects change during session and
requests further authentication
© 2016 ForgeRock. All rights reserved.
Smarter SecurityUniversal Authorization
• New Resource Types• Define arbitrary resource
descriptions using patterns and actions
• Policies can apply to multiple Resource Types
© 2016 ForgeRock. All rights reserved.
Smarter SecurityCommon Audit Framework
• Common Audit Framework• Complete view of activity
across all products• Extensible architecture
delivering CSV, JDBC, Syslog• Realm-specific Auditing• Fine-grained control of logging
ForgeRock Identity Platform
Common System & Activity
Logs
Access Management
Identity Management
Identity Gateway
Directory Services
© 2016 ForgeRock. All rights reserved.
Privacy and ConsentUser Managed Access
• Putting users in control of access to their data
• Fully compliant UMA Authorization Server
• REST APIs and User Resource Pages
• Supporting:• Resource Set Registration• Resource Sharing• Resource Labeling• Pending Requests• Audit history
© 2016 ForgeRock. All rights reserved.
Internet of ThingsOAuth2 Device Flow
• De-facto standard for pairing devices with user identities
• Ideal for devices with no input and limited output capabilities
• Revocation controlled by user
© 2016 ForgeRock. All rights reserved.
Scalability and ElasticityStateless Sessions
• New deployment option• Per-Realm attribute• JWT-based sessions• Ideal for Elastic Cloud-based
deployments• Massive horizontal scalability
12:00
:00 A
M
1:00:0
0 AM
2:00:0
0 AM
3:00:0
0 AM
4:00:0
0 AM
5:00:0
0 AM
6:00:0
0 AM
7:00:0
0 AM
8:00:0
0 AM
9:00:0
0 AM
10:00
:00 A
M
11:00
:00 A
M
11:59
:59 A
M
Demand
Clus
ter S
ize
Elastic Load Balancer
© 2016 ForgeRock. All rights reserved.
Ease of UseNew Administrator and End-User Interfaces
User• Rich user experience with latest XUI • Contextual tools to streamline UX• Extended self-service capabilities
Administrator• Powerful improvements to Administration
Console• Easier configuration using XUI• Realm-centric administration• Common task wizards e.g. OAuth2
Providers
© 2016 ForgeRock. All rights reserved.
Developer-friendlyForgeRock Platform Services
• More REST endpoints to extend developer flexibility
• More Scriptable extension points• Consistent and Responsive User
Interfaces• New SOAP-STS • Standards conformance
• OpenID Certified
© 2016 ForgeRock. All rights reserved.
ForgeRock Access ManagementSummary
• Smarter Security• Privacy and Consent• Internet of Things• Scalability and Performance• Ease of Use• Developer-friendly
© 2016 ForgeRock. All rights reserved.
Thank You!
Questions?
Related Documents
