Sun has unveiled the next version of its provisioning software, which features integrated auditing tools to help users meet compliance needs.
The company announced the move at the recent Digital-ID World conference.
Sun has taken its Identity Manager provisioning software and married it with its Identity Auditor, which was released in 2005. The result is Identity Manager 7.0, which is scheduled to ship by the end of the year. Identity Auditor will no longer be a separate product.
Sun’s intention with Identity Manager 7.0 is to not only automate the process of assigning a user access to various systems, but also the follow-up process of routinely checking what that user actually has access to.
The new features include compliance reporting, certification reviews, audit scanning and automated remediation. The plan is to bring auditors and IT together in the process of setting up and evaluating access permissions and network activity.
“One thing that’s quite interesting here is the way that Sun is moving into the policy area,” says Jonathan Penn, an analyst with Forrester Research.
“They are building a way to represent [business] policy at a high level and translate that into security policies that these identity management systems can understand.”
Penn says Sun still has a long way to go, but he believes that identity management needs to evolve into policy management and enforcement. “Despite all the connectors and integration efforts, we still don’t have enough control over who’s doing what,” he says.
Sun isn’t alone; vendors such as BMC, CA, HP and Novell have developed or are developing similar products.
Sun’s auditing software can identify policy violations, send notifications to compliance officers and help administrators deal with exceptions to policy rules.
“The idea is to encapsulate business policy and business controls and add that to the provisioning process,” says Andy Land, product-line manager for identity at Sun. “Compliance is driving people to go beyond the general provisioning lifecycle.”
The new features in Identity Manager automate the auditing and review processes that are repeated regularly for a company to help it stay within compliance parameters of federal or industry regulations.
With Identity Manager, companies can present a unified view of users’ identity and system access activities. The software includes a policy audit engine that scans for set policies and ensures they are being enforced on systems and applications.
The software also features audit scanning, a compliance dashboard, automated reconciliation of roles and audit policies, provisioning with integrated audit policy and audit policy certification review.
Identity Manager 7.0 runs on the Solaris 10 operating system, as well as Windows, Red Hat Linux, Novell SUSE and Unix.
Adapters to systems such as Oracle, SAP, and Microsoft’s Active Directory will be available.