RealTime IT News

IBM's 'Automated' Identity Management Upgrade

IBM Monday unveiled new Tivoli software that automates personal identity information for logging onto networks and computers, an upgrade that keeps pace with the company's other product lines.

The Armonk, N.Y.-based IBM said it expects the new integrated identity management portfolio, which a Forrester Research analyst said was unsurpassed in terms of breadth, to help organizations reduce costs, meet compliance requirements, improve service levels and bolster security.

Identity management became a serious concern in the aftermath of the terrorist attacks two years ago. Fearing a holistic shutdown of the Internet, enterprise software companies were called upon to create more security computing environments. Companies such as Sun Microsystems, Microsoft and IBM have since stepped up to improve and federate network security and identity management.

For the past year or so, Big Blue has been a leading champion of software automation, which falls under its company-wide on-demand computing strategy to guide business processes more with product than with personnel.

The Austin-based Tivoli unit has been automating much of its software for the past year, tailoring it for storage and database infrastructure.

Many of these automated management and provisioning technology upgrades came courtesy of IBM's acquisition of Think Dynamics, whose assets the company has been integrating into its Tivoli line.

To wit, IBM has bolstered integration and automation in its IBM Tivoli portfolio, including its Access Manager family, Tivoli Identity Manager, IBM Tivoli Privacy Manager, IBM Tivoli Directory Integrator and IBM Tivoli Directory Server in the hopes of fostering a safer computing environment for partners, suppliers, customers and employees.

Tivoli Access Manager version 5.1 has two new functions to make applications run smarter and more efficient. Joe Anthony, director of integrated identity management at IBM Tivoli, said the new Dynamic Rules Engine automatically pulls user information from any source, such as finance or supply chain applications, in order to grant users access. This new approach will help eliminate redundant access control lists.

In one scenario of how the engine works, Anthony told internetnews.com a bank may need to confirm that a user is over 21 years old and meets a minimum credit rating before it okays a transaction. The new tool could more quickly survey the student's data and determine if the deal can go through. This new function is performed outside individual applications.

In the second new Access Manager feature, Anthony said Dynamic Group Support helps companies to apply access control decisions for employees, partners or suppliers based on organization membership, job codes, divisions or reseller categories.

"Companies spend millions of dollars each year on manual processes," Anthony said, noting that hard-coding and waiting for applications to update can be quite time consuming.

Tivoli Identity Manager version 4.5, which feeds digital identities to computer systems, now comes with an automated customer workflow engine that swiftly handles requests such as revoking an employee's security badge based on preset policies.

A new automated lifecycle management feature also lets businesses create custom processes, or modify out-of-the-box processes, and execute them on the fly. A company can set automated triggers to send re-certification requests every few months or so. IBM Tivoli Identity Manager updates the contractor's access rights.

Because of the breadth of IBM's management software offerings, Anthony said the company often finds itself competing with point product vendors such as Netegrity for access management, or WaveSet for ID management. Even Sun only bumps up against Tivoli with its directory server and Microsoft ID management is endemic to Windows.

Forrester Research Director Jonathan Penn recently issued a report in which he detailed the identity management space and cited IBM as a market leader.

"IBM has become the big gorilla in identity management jungle and is the competitor against which all vendors must compete," Penn wrote. "Several other major vendors also have multiple identity management products, most notably Novell, Computer Associates and Sun. Each sells well into their existing customer base, which is substantial and not to be dismissed, but they have not been as visible as IBM in competitive situations."

In other updates: IBM Tivoli Directory Integrator version 5.2, which integrates with the line's Identity Manager will be enhanced to provide real-time synchronization among more identity data sources. Benefiting from the technology of IBM's MetaMerge purchase, it also provides password synchronization capabilities with IBM Tivoli Directory Server, Microsoft Active Directory and Sun ONE Directory Server.

This tight integration links IBM's user provisioning software to custom applications to facilitate identity management projects by leveraging disparate data sources - such as multiple directories and databases.

Additionally, IBM Tivoli Privacy Manager version 1.2 now provides real-time compliance checks of up to 100 transactions per second and new monitors for packaged and custom applications.

To accommodate the portfolio refresh, IBM said that more than 30 new partners and resellers have agreed to endorse identity management software. Tivoli Identity Manager 4.5 and Tivoli Privacy Manager 1.2 are available now. Tivoli Access Manager 5.1 family, IBM Tivoli Directory Integrator 5.2 and IBM Tivoli Directory Server 5.2 will be available before the end of the year.