1

ILANTUS Proprietary

Jaunary 20, 2014

Enabling complete AGS features on ISIMCompliance Express – ISIM Integration

2

Agenda

- Context

- Typical ISIM deployment Challenges

- About Compliance Express

- ISIM integration with Compliance Express

- Benefits and Demo

- ILANTUS Sales Contact details

3

Today’s focus

Access Governance using Compliance Express for ISIM customers

4

Typical ISIM deployments

• ISIM Integrated with top few applications

• This leaves lot of applications outside the purview of access governance

Identity Manager(ISIM)

AD

SAP

RACF

HR App

Lotus NotesApplications not connected with ISIM

App3

App7

App4

App8

App1

App5

App2

App6

5

Access Governance Challenges with typical deployments

• Access governance limited to applications that are connected with ISIM

- Limited recertification and role-mining flexibility with ISIM

• Single view to who has access to what application within an enterprise is not available

- Hence recertification process is limited and not across all applications

- Granular level recertification not possible on connected target applications

• CSV based integration with other applications is effort intensive

6

Overcome the Challenges

Introducing...…ISIM & Compliance Express integration

Features and benefits

7

About Compliance Express

Access Governance Capabilities

• Access Request

• Segregation of Duties (SoD)

• Access Recertification

• Reports

Features

• Flexible

• Cost Effective

Compliance Express is core Identity & Access Governance tool offered by ILANTUS.

8

ISIM-Compliance Express Integration Summary

• Integrated and complimentary to ISIM – leverages ISIM data

• Extend ISIM’s access intelligence and certification capabilities

• Adds SoD validation and Access Risks analysis

• ISIM collects and syncs data, and manages user provisioning workflows, Compliance Express delivers Access Intelligence

• Additional• Advanced fine grained access certifications – User, OU,

Application & Entitlements level.• Access Risk Management • Unique capabilities for SAP

9

How it works

• Enables Access Governance on top of your ISIM infrastructure and data;

• Deployed and configured as an ordinary ISIM Adapter;• API based integration;• Native supports the various entities and object-class and has the

ability to extend to any custom object-class.

10

Adapter @ a glance

Installation & configuration• Deployed just like any other ISIM Adapter;• Has TDI Assembly line for the full and incremental

synchronization between ISIM and CrossIdeas.

Few hours required to configure the adapter and synchronize the required objects and entities

11

How does this help our customers?

Brings the “power of two” – best of breed product in each segment brought seamlessly by Gartner recognized vendor

Address compliance issues through a comprehensive AGS offering built on top of industry leading identity management platform i.e. ISIM

Adopt flexible deployment method to cut short time to value

Entire solution seamless supported by ILANTUS

12

Customer Win – WhiteWave Foods (WWF)

• Entire solution being delivered in hosted mode

• IBM Products involved - IBM Identity and Access Assurance (IBM Security Identity Manager, IBM Security Access Manger for Enterprise Single Sign-On, IBM Security Access Manager for Web and IBM Tivoli Federated Identity Manger)

• ILANTUS Components – ILANTUS Compliance Express, ILANTUS Federation Express and ILANTUS Password Express

• Entire setup going live in stages – to help meet WWF strategic initiatives (separation from Dean Foods)

15

Use-case 1 (ISIM-Compliance Express sync)

In ISIM we’d create the following objects that sync automatically to Compliance Express• Organizational Units (OU)• Roles • Users

All the above sync into Compliance Express

ISIM Adapter for Compliance Express

16

Use-case 2 (Access Request Workflow)

Single interface for requesting access to any application (ISIM integrated or Compliance Express integrated) at the enterprise level

IBM SIM

Compliance Express Users

IT Pros

Additional

data sources

17

Use-case 3 (SoD rules for all enterprise applications)

• Define SoD rules at Enterprise level (for ISIM integrated and Compliance Express integrated apps)

• Compliance Express manages the SoD controls and ‘mitigation’ process

17

IBM SIM

Compliance Express

IT

Additional

data sources

Risk/Security

SoD Policies

18

Use-case 4 (Attestation/Re-Certification)

• Compliance Express allows Business to easily certify access rights

• Single interface to re-certify access for all applications across the enterprise (ISIM integrated and Compliance Express integrated)

IBM SIM

Compliance Express

IT

Additional

data sources

Risk/Security

19

ILANTUS Proprietary

Jeff Lumley, Director of Sales jeffrey.lumley@ilantus.com(720)233-1099