Identity meets compliance


With a pair of product updates unveiled at its user conference last month in Salt Lake City, Novell emphasized the tighter integration of its security offerings and new capabilities around workflow and compliance monitoring.

Novell used its annual BrainShare event to launch version 3.5 of its flagship security offering, Novell Identity Manager. The vendor also previewed version 6.0 of Sentinel, the security information and event management tool it acquired with the purchase of e-Security Inc. in April 2006. The first update since the acquisition, Sentinel 6.0 is due for release in May.

Kent Erickson, vice-president and general manager, identity and security management with Novell, said along with Access Manager these offerings allow Novell to offer a tightly integrated set of tools providing identity, access management and compliance capabilities.

The updated Identity Manager has been integrated with Sentinel to provide identity context to system monitoring and evaluation. Provisioning of credentials for single sign-on has also been simplified.

Deployment tools have also been improved, allowing greater customization so IT administrators can model workflows and adapt the system to meet organization-specific needs, Erickson said.

Novell’s Sentinel offering is designed to gather system and event information, identify security or compliance issues, and track remediation activities. Depending on the event, administrators can have the program trigger a specific action, from automatic remediation to informing the appropriate contact.

“The people responsible want to know their policies are being enforced all the way down,” said Erickson.

Darren Fankhanel, senior manager of IT operations with Grant MacEwan College in Edmonton, said they’re using Identity Manager to connect Novell eDirectory with a Microsoft Active Directory implementation. The college is also about to implement the suite’s password self-service capability, Fankhanel said. “It allows us to continue along our path of single identity, a single source of data that gets propagated-out,” said Fankhanel. “We don’t want to have to manually re-enter data all over the place, it’s prone to errors and delays.”

The Welfare Division of the State of Nevada’s Department of Human Resources implemented Identity Manager and Access Manager in 2005. Glen Meyer, chief of information services for the division, said chaos had ensued as the department tried to modernize its unsupported, heavily-used legacy mainframe application. Components were replaced with Web-based services but with no overarching plan. That led to a dozen systems each having unique authentication models requiring separate usernames and passwords.

In addition to solving the division’s identity woes, Meyer said the suite also allowed them to redirect IT resources to higher priority areas. Previously, security was controlled by the developer for each application, which meant credentialing a new user involved a paper request to be generated and sent to each developer for action. A process that took days now takes just hours and is done centrally by a security administrator.

Quicklink 077565


Related Download
Virtualization: For Victory Over IT Complexity Sponsor: HPE
Virtualization: For Victory Over IT Complexity
Download this white paper to learn how to effectively deploy virtualization and create your own high-performance infrastructures
Register Now