Evidian SOA Access Manager

Features

Evidian SOA Access Manager provides:

Multiple user authentication options
Single Sign-On
Centralized audit
High availability and scalability
Centralized administration
Standards-compliant directory-based solution

Multiple user authentication options

Evidian SOA Access Manager supports multiple authentication types. End users can be authenticated using:

Username and password
A one-time password supported by hardware tokens
One-time password (OTP) devices. In this case, the login module installed on a workstation obtains the OTP from the SDM and uses it to authenticate the user and provide SSO

Secure Socket Layer (SSL) is used to ensure the confidentiality of any exchange between the JAAS Login Module and the authentication server.

Single Sign-On

Evidian SOA Access Manager provides Single Sign-On thanks to the end-user's SAML token. The SAML token is presented to trusted applications, thus preventing these applications from asking the end-users to log in again.

Centralized audit

Evidian SOA Access Manager enables you to audit user authentication. Audit messages are stored in log files that can be consulted at any time.

High availability and scalability

The ability to provide very high availability is a very important aspect of a security solution. Evidian SOA Access Manager provides scalability, with load balancing and high availability, by adding authentication servers on other machines and the Evidian SafeKit software. In addition SafeKit offers automatic fail-over of any component in the event of a failure.

In order to achieve high availability, Evidian SOA Access Manager supports full replication of LDAP directories.

Scalability enables the product to support automatic load balancing so as to maintain consistently high and predictable performance. With SafeKit, Evidian SOA Access Manager provides a scalable authentication service, supporting load balancing.

Centralized administration

Evidian SOA Access Manager provides access to all features needing administration through a single console—authentication, Public Key Infrastructure, and access control rules for each application. The administration console is a Java application running on web browsers that support the Java Run-time Environment plug-in.

In addition, Evidian SOA Access Manager provides customizable administration with a set of Java APIs. All the functions available in the administration console can be used by programmers to develop a customized administration application.

Standards-compliant directory-based solution

Evidian SOA Access Manager supports native, fully compliant LDAP directory standards. It uses two directory instances:

The Evidian Access Management Directory describes security objects and the configuration
The Users Directory (an LDAP-compliant enterprise directory) contains user and group information. Such a directory exists already in most enterprise, so this instance can be separated from the Access Management directory. As a result, you do not need to incur the expense of installing and managing separate and redundant user directories.

Want to know more?


Identity and access management for business and people Support Contact us >> Enterprise SSO: Single sign-on IAM Suite: Identity and access management OpenMaster: Service management intelligence SafeKit: Service continuity Finance Health care Manufacturing ISP/ASP Government Retail and services Telecommunications Consulting and implementation Training and certification Support Find a partner Become a partner Resources for partners Training and certification Newsdesk Press releases Calendar of events Web seminars White papers Web demos SafeKit trial Enterprise SSO trial Company Careers Offices and distributors
Evidian SOA Access Manager Overview Benefits Features White papers	... > IAM Suite > Access Management > SOA Access Manager > Features Evidian SOA Access Manager Features Evidian SOA Access Manager provides: Multiple user authentication options Single Sign-On Centralized audit High availability and scalability Centralized administration Standards-compliant directory-based solution Multiple user authentication options Evidian SOA Access Manager supports multiple authentication types. End users can be authenticated using: Username and password A one-time password supported by hardware tokens One-time password (OTP) devices. In this case, the login module installed on a workstation obtains the OTP from the SDM and uses it to authenticate the user and provide SSO Secure Socket Layer (SSL) is used to ensure the confidentiality of any exchange between the JAAS Login Module and the authentication server. Single Sign-On Evidian SOA Access Manager provides Single Sign-On thanks to the end-user's SAML token. The SAML token is presented to trusted applications, thus preventing these applications from asking the end-users to log in again. Centralized audit Evidian SOA Access Manager enables you to audit user authentication. Audit messages are stored in log files that can be consulted at any time. High availability and scalability The ability to provide very high availability is a very important aspect of a security solution. Evidian SOA Access Manager provides scalability, with load balancing and high availability, by adding authentication servers on other machines and the Evidian SafeKit software. In addition SafeKit offers automatic fail-over of any component in the event of a failure. In order to achieve high availability, Evidian SOA Access Manager supports full replication of LDAP directories. Scalability enables the product to support automatic load balancing so as to maintain consistently high and predictable performance. With SafeKit, Evidian SOA Access Manager provides a scalable authentication service, supporting load balancing. Centralized administration Evidian SOA Access Manager provides access to all features needing administration through a single console—authentication, Public Key Infrastructure, and access control rules for each application. The administration console is a Java application running on web browsers that support the Java Run-time Environment plug-in. In addition, Evidian SOA Access Manager provides customizable administration with a set of Java APIs. All the functions available in the administration console can be used by programmers to develop a customized administration application. Standards-compliant directory-based solution Evidian SOA Access Manager supports native, fully compliant LDAP directory standards. It uses two directory instances: The Evidian Access Management Directory describes security objects and the configuration The Users Directory (an LDAP-compliant enterprise directory) contains user and group information. Such a directory exists already in most enterprise, so this instance can be separated from the Access Management directory. As a result, you do not need to incur the expense of installing and managing separate and redundant user directories. Want to know more? White paper: SAML-SSO and access control for SOA and classical architectures >> Contact us and ask for a demo >>	Server platforms Red Hat Enterprise Linux 3.0 (Advanced Server) for X86 compliant machines Sun Solaris 8 and 9 JAAS Login Modules Supported on Windows NT, 2000, 2003, Sun Solaris, Red Hat User authentication via login/password, OTP login or SDM token Get and deliver SAML V1.1 assertions Process SAML signature verifications Extract and deliver user identifier and attributes from SAML assertions Used through the JAAS interface Compliant with J2EE platforms, WebLogic V 8.1, Jboss V3.2.3: Services available from Evidian and partners Auditing and consulting Prototyping, customization and integration Deployment Support Training

Identity and access management for business and people