Chris Louloudakis Solution Specialist Identity & Access Management Microsoft Corporation SVR302
SVR319 - Identity Lifecycle Manager 2007: An overview of user and certificate provisioning Demonstrations at the TechEd Showcase Demonstrations at the Security stand
Identity at the centre of business The IT burden Identity Lifecycle Management Roadmap ILM 2007 ILM “2” Demo Questions
Information Workers Call help desk for password and access requests Wait up to weeks for access Define business policies Developers Business rule development Custom application development Systems integration Wrong People Wrong Contexts Greater Complexity Higher Cost IT Professionals Respond to the business Respond to users Architecture & deployment System admin Governance & security Managing permissions Creating & deleting user accounts Policy implementation & enforcement
Business rules & policy Permissions Group & role membership Distribution lists Passwords & PINs Architecture Deployment System administration Governance Security System & application integration & development Users AccessCredentials Policy IT Professionals Information Workers Developers Add Update Revoke Audit
Identity life cycle management has the potential to save $50 per PC annually due to automated user provisioning $120 per PC annually due to directory sync & password management Identity and Access Management Spending Less spending on specialized infrastructure Higher end-user productivity IT staff focused more on business enablement Lower spending on services IT Staff 45% S/W 10% System Integration 45% TCO ROI 2007
Solutions Self-help, Help-desk, IT Pro Policy Management Synchronization, Rules, Connectivity Logging, Query, Auditing Approvals, Notifications, Delegation APIs, Protocols, Interop Dir DB File LOB User Management Access Management Credential Management Meta-directory Reporting Workflow Extensibility Experiences IdM Hierarchy of Needs
User Management Access Management Credential Management Policy Management MIIS 2003 CLM Beta Last Year Now Single Product for Identity Synchronization Certificate & Smart Card Management User Provisioning Microsoft Identity Lifecycle Manager 2007 ILM “2“ 2H 2008 Builds on the ’07 Release Empowers information workers Provides IT with control with less effort Improves operational efficiency
Solutions Self-help, Help-desk, IT Pro Policy Management Synchronization, Rules, Connectivity Logging, Query, Auditing Approvals, Notifications, Delegation APIs, Protocols, Interop Dir DB File LO B User Management Access Management Credential Management Meta-directory Reporting Workflow Extensibility Experiences Microsoft Identity Integration Server 2003 SP2 IdM Hierarchy of Needs
Identity Synchronization Provides single view of a user across enterprise systems Automatically keeps identity information consistent across systems Brings together metadirectory, certificate management, and user provisioning across Windows and enterprise systems into a single packaged offering. User Provisioning Automates the process of on-boarding and off-boarding users Simplifies compliance through automated IDA enforcement Enforces consistent credentials across systems Certificate and Smart Card Management Reduces cost of managing certificate-based credentials Automates workflow-driven certificate issuance and revocation Vastly simplifies deployment of smart cards
Solutions Self-help, Help-desk, IT Pro Policy Management Synchronization, Rules, Connectivity Logging, Query, Auditing Approvals, Notifications, Delegation APIs, Protocols, Interop Dir DB File LO B User Management Access Management Credential Management Meta-directory Reporting Workflow Extensibility Experiences Identity Lifecycle Manager 2007 IdM Hierarchy of Needs
Solutions Self-help, Help-desk, IT Pro Policy Management Synchronization, Rules, Connectivity Logging, Query, Auditing Approvals, Notifications, Delegation APIs, Protocols, Interop Dir DB File LO B User Management Access Management Credential Management Meta-directory Reporting Workflow Extensibility Experiences Identity Lifecycle Manager “2” IdM Hierarchy of Needs
Workflow SolutionAreas DelegationApprovals Control framework Delegation IT Professionals Self-service Business policy management Information Workers Access Management CredentialManagementNotificationsExceptions Extensibility Workflow Foundation Windows Communication Foundation User Management Policy Management Metadirectory Synchronization Consistency Heterogeneous Connectors
Automated, codeless user provisioning Self-service and admin profile management Enables integration of user, device, and service management Delegated & self-service group and distribution list management Information worker self-service experiences through Office and SharePoint Dynamic groups/roles & distribution lists Access Management Manage multiple credential types (passwords, certificates, smart cards) Integrated with Windows logon (registration & reset) Support for multiple reset gates (q/a, smart card, cell, speech, custom) CredentialManagement User Management Visual, natural language process authoring, editing, and reporting Extensible workflows through Windows Workflow Foundation Integrates with System Center for monitoring and control Policy Management
Improves Operational Efficiency Empowers People Puts IT in Control with Less Effort Reduces help desk calls through integrated self service Automates IDA processes that are manual today Facilitates system auditing and compliance reporting Provides self-service tools that work within a familiar context Gives business owners the tools to manage their resources Greater productivity through faster time to resolution Provides tools to define & enforce processes & policies Enables delegation of decisions to users & business owners Spans user, credential, access & policy management
Identity is core to the people-driven business Today the identity life cycle management burden is on IT Microsoft’s approach: Align experiences with the right people Lowers cost Empowers people Provides IT with control with less effort How we get there ILM 2007: Brings together metadirectory, certificate management, and provisioning across Windows and enterprise systems ILM “2”: Extends ILM 2007 with new solutions to manage users, credentials, access, and policy using the tools that IT, users, and developers are most familiar with
SVR319 - Identity Lifecycle Manager 2007: An overview of user and certificate provisioning
Technical Communities, Webcasts, Blogs, Chats & User Groups Trial Software and Virtual Labs Microsoft Learning and Certification Speaker’s Microsoft Identity Lifecycle Manager Web Page ILM Beta Information:
Learn More About Identity Lifecycle Management ILM 2007 Home Page www.microsoft.com/ILM 2007 Identity Lifecycle Solutions ILM 2007 Evaluation Edition www.microsoft.com/ILM 2007 Learn About Microsoft Identity and Access (IDA) IDA Solutions Home Page Work with Microsoft IDA Partners IDA Partners
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.