High-end LDAP/X.500 Directory Server

Directory server benefits

• Standards-based LDAPv3 and X.500 directory server with X.509 support„
• Excellent robustness, scalability and high availability
• „Outstanding read and write performance
• „100+ million entries in one single server
• „Support of very large groups and attributes with very many values
• Easy-to-use graphical and scriptable administration tools
• „Comprehensive auditing and monitoring – integrated with Nagios
• „No downtime for administration and backup

Standards and compatibility

• Implements LDAPv3 and X.500 directory standards
• Permits third-party LDAP-enabled applications to manage the directory schema over LDAP
• Runs on the most popular operating systems and supports applications via LDAP and HTTP.

High performance

• Based on the innovative Directory Basic Access Method (DBAM) database kernel
• Optimized for directory access, allowing sub-second response times and high throughput rates for parallel queries
• Optimized for managing very large user groups and data sets
• Provides state-of-the-art multi-threaded process architecture.

High availability and reliability

• Supports floating master replication for high availability configurations and failover (a software solution instead of adding hardware clusters)
• Supports full and differential saving in parallel with directory update operations for backup and recovery
• Transaction processing in the database provides guaranteed recovery after crashes without data loss.

Identity management

• Manages user and subscriber profiles, digital certificates for public key infrastructures (PKIs), authorization and authentication information, and access permissions
• Manages other relevant attributes for users and subscribers that control access to information, network resources, or distributed services.

Security

• Supports SSL/TLS for LDAP server and client authentication, X.500 DAP authentication, authorized user access control, encrypted communication, and server-side policies for local security management
• Permits the creation and enforcement of password policies to control how passwords are used and administered in an enterprise network
• Supports policies for password complexity, aging, and reuse after expiration.

Scalability

• DBAM database kernel is designed to permit linear scalability in a single directory server
• So Evidian Directory accommodates future growth on existing hardware configurations, and can scale rapidly to store huge numbers of users in an extranet or cloud deployment, and can scale from workgroup to enterprise to e-business directory roles.

Administration

• Offers powerful graphical and command-based scriptable tools for centralized administration of a distributed directory system, including monitoring and logging functions
• Easy-to-use administration tools and excellent high performance audit capabilities for traffic analysis and accounting.

The challenge

Directory services are critical components in today’s interconnected business environment. They provide the foundation for identity and access management across ever-widening organizational boundaries, and can drive competitive advantage for the enterprise.
Within an intranet environment for example, a directory service can provide a global repository for shared information about employees, organizations and resources such as applications and network devices. In an extranet environment, a directory service might maintain profile information about customers, trading partners, and suppliers. Such a service might hold data from thousands up to millions of identities.
In both environments, the directory server plays a critical role. It must manage the identities, and control access to the information and services provided. It must make sure that access is fast, always available, authenticated and authorized; and it must ensure that the directory service is provided for a potentially very high number of users.

Our solution

Evidian Directory is a standards-compliant, high-performance, highly available, reliable and secure LDAP (Lightweight Directory Access Protocol) and X.500 directory server. It offers unlimited scalability with outstanding read and write performance.
Enterprise and carrier ready, Evidian Directory acts as the identity store for employees, customers, trading partners, subscribers, and other e-business entities.
Serving as a provisioning, access management and metadirectory repository, it provides a single point of access to information available in an enterprise network or cloud environment, within disparate and heterogeneous directories.

Evidian Directory V8.5 is now available.

Evidian Directory V8.5 offers advanced support of applications, enhances resilience of the directory service, and improves deployment and operational support.

With V8.5, customers benefit from the following new features:

• Advanced support of applications
  • Support of nested groups
• Enhanced resilience of directory service
  • Multiple Contact DSAs per LDAP server
• Improved deployment and operational support
  • Dynamic reconfiguration of LDAP server
  • Configuration wizard for setup and deployment for Evidian WAM
• Enhanced auditing
  • Additional options to limit size of audit files
• Additional option for external authentication
  • Support of non-anonymous, dynamic mapping in RACF Bind Forwarding
  • Support of multiple RACF authentication backends
• LDAP Extended Operation for DBAM Attribute Value Index Access Counter management
• Group support in LDAP server configuration attributes controlling access to extended operations
• Group support for configuration of LDAP server access control
• Additional options to control limits in LDAP search requests
• TLS 1.1 and TLS 1.2 support in dirxcp
• Additional operating system platform
  • Windows 10 for DirX Manager