Simplifying SharePoint Security Is Easier Than You Think
Build Trust, Deliver Value
Simplifying SharePoint Security Is Easier Than You Think
March 17, 2010
Novell and Crescent
Enterprise Technology Consulting
Identity and Security Management Consulting
Information Management
Enterprise-wide Linux
Systems Management
Focus on Solving Customer Business Issues
Strategic Initiatives
Tactical Project Execution
Managing Access to SharePoint
• Small / Medium Enterprise
– Active Directory – SharePoint Identity / Policy Store
– Administrator manages users and policies in the common store
• Large Enterprise / Multiple Communities
– Active Directory – SharePoint Identity / Policy Store
– LDAP and legacy policy stores
– Extranets, customers and partners, Open Source users, multiple BUs
– International regulations, privacy laws
– Heavy administrative load managing users, policies
Managing Access to SharePoint Without Novell Access Manager
• SharePoint user management for multiple communities
– Options:
> Manual registration / management
> User name/password databases
– Issues:
> Management overhead
> Security holes, orphaned accounts, shared passwords
> Difficult to audit, limited accountability
[Diagram labels: eDirectory; Active Directory “Employees”; Sun One “Customers”; Microsoft SharePoint; Active Directory “SharePoint”]
Federated Identity
Claims-based authentication
WS-Federation
Security Token Service
Similar to AD Trust relationships
Heterogeneous environments
More control over 3rd party access
SharePoint and Novell® Access Manager™
[Diagram labels: eDirectory; Active Directory “Employees”; Sun One “Customers”; Novell Access Manager; Microsoft SharePoint; Active Directory “SharePoint”]
Easy access to SharePoint
Users authenticate to Access Manager
Users access SharePoint
Access Manager transforms LDAP and Federated Identity into ADFS claims
Single Sign-on
Improved user experience
Simplified administration
Map claims to existing SharePoint or Active Directory groups
Single place to administer security
No dead or orphan accounts
Novell® Access Manager™ 3.1
Single solution protects Web and Enterprise applications
SAML, WS-Federation, Liberty Alliance
No modification to web servers/infrastructure
Provides all access management capabilities
Authentication, Authorization, web single sign-on, personalization
SSL VPN out of the box
Multi-platform support
Client integrity checking
“Shredded after use” folders
Identity and Access Management
Identity Management
Roles Management
Simplified Secure Access
Password Management
Access Certification
Novell Access Manager 3.1
Demonstration
• Secure Extranets and Portals
• Microsoft/Novell engineered for SharePoint
• User management tools
• Web single sign-on
• Policy-based governance
• No orphan accounts
Stuart Proffitt, Principal
Identity and Access Management
530-878-1873
J. Steven Fritzinger, Vice President
Information Management & Business Productivity
[email protected]@crescententerprise.net
703-349-4226