IntroductionEvidian Policy Manager
Policy Manager is the heart of Evidian's identity and access management solution. From a single console, you can define and enforce an access security policy in your entire enterprise.
The console
The Policy Manager console uses Web 2.0 technologies (AJAX) to provide an easy-to-use environment for administrators. As a result, administration tasks can be delegated to the level where they make the most sense.
Reconciliation and update of application accounts
Policy Manager gives you an efficient, two-step approach to reconcile and update application accounts. A central access rights database contains an image of the accounts in the information system:
- In a first step, you reconcile the security policy with this central database. This helps you to tune the policy and manage exceptions
- In a second step, you synchronize the accounts on the target systems and applications with the central database
Don’t have a complete security policy yet? Evidian tools and services can help you “collect” live accounts and deduce a best-fit access policy, which can be improved later on.
Policy Manager can update accounts if necessary, either transparently or through automated requests to application administrators – you don’t have to modify the target systems or applications. Policy Manager can also work with third-party provisioning tools
Workspaces
Policy Manager provides ‘sandbox’ workspaces to define and analyze various policy scenarios. You can study in detail the consequences of a policy change without disturbing the active model and applications.
Extended RBAC model
Policy Manager uses an extension of the popular RBAC model. In addition to a user’s role, the Evidian model can also take into account a user's place in the organization. Of course, all the RBAC functions (such as roles, inheritance and segregation of duties) remain available. But the addition of the “organization” concept makes your model simpler to define, implement, and maintain.
