Friday Feb 29, 2008

Identity Management, FAM 8, Policy Agent 3.0, and Glory

In the following blog entry, Policy Agent 2.2 With Access Manager 7.1, I compared Policy Agent 2.2 to marathon runner Derek Clayton because they both exemplify high endurance. Well, I have another similar comparison to make. This comparison has to do with Sun's Identity Management suite and Sun's attitude toward identity management in general.

First, let me give you a little Sun identity management background:

Sun Java Identity Manager continues to be the absolute power house in user provisioning: http://blogs.sun.com/ontherecord/entry/sun_positioned_in_leaders_quadrant

Moreover, Gartner has also just placed Sun in the Magic Quadrant for the web access management (WAM) market: Magic Quadrant for Web Access Management

That puts Sun in the leader's pack. However, with Federated Access Manager 8.0 coming out, including Policy Agent 3.0, Sun's is getting ready to break from the pack.

Okay, so given that background, if Sun's identity management suite were a runner, it would be this runner:

Paula Radcliffe, New York Marathon 2007

I'm talking about the leader in this photo. She's Paula Radcliffe, the British long distance runner. Her personal best in the marathon is the world record of 2 hours 15 minutes and 25 seconds. There are very few men in the U.S. today that could run that fast. The second fastest time by a women is more than three minutes slower than that.

Some years back, amongst the most elite, Paula was a middle of the pack runner. Her running form has even been criticized. She kind of bobbles her head when she runs. But she persevered. She analyzed everything about her diet and training and tried new things. Icing down her legs after a training run, weight training, physical therapy, shoes, clothing, you name it. She even looked at the bobble of her head before deciding not to tweak that particular aspect of her running form. Her improvement was slow and steady and she kept tweaking things here and there until she became best of the best. Still, she's had disappointments. She doesn't win every single race she enters. She was struggling during the 2004 Olympics and dropped out at around the 23 mile mark. Recently, she had a baby and tried to come back real quick but found that she had to take her time. She seems to be back in form, though, winning the New York Marathon in 2007. She'll be competing in the 2008 Olympics in Beijing. Her future is looking bright. So, yeah, Sun's identity management suite is a bit like that.

Sun's commitment to identity management has been clear to me in a visceral sense for years. However, I never could articulate that importance until about a year back. I was reading the white paper Positioning Federated Identity For The UK Government by Sun's very own Robin Wilton, when suddenly there it was:

Sun's vision and the role of identity

Sun is known for its original corporate vision that “the network is the computer”, a vision since supplemented with the idea of “everything of value connected to the network”. There is a strong
technological dimension to Sun's vision statements - but they are also important for what they imply about identity, authentication, authorisation, access control, trust and privacy. The more we assume that everything of value is connected to the network, the more vital it is that identity, appropriate access and online trust form the foundations of online service provision.

I couldn't have said it better myself. And trust me, I tried. That's it. That's why Sun must succeed in the identity management space. I would say the importance of identity management to Sun is something along these lines:

By hook or by crook, through hell and high water, Sun absolutely, positively must ensure that the identity management available for Sun systems is top notch, best of breed, as good as it gets. Sun's very survival depends on it.

It's an attitude. I imagine that Paula Radcliffe feels driven in a similar fashion. Her very survival isn't at risk, and yet her status as the greatest female runner in the world is. So, in such a situation, you search for what works and you do it. For Sun, it means embracing open source and embracing non-Sun platforms, R&D, acquisitions, blood, sweat, and tears: experiment, tweak, pay attention, analyze, repeat. You don't win them all, but you always keep a can-win attitude, and you learn. Then you go back to the drawing board: experiment, tweak, pay attention, analyze, repeat.

When it comes to web access management, Sun has been very attentive to the market and is incorporating big changes in Federated Access Manager 8.0 and Policy Agent 3.0.

Daniel Raskin explained a great deal of this in two blog entries about the FAM 8 roadmap back in September:

Especially since Access Manager and Federation Manager are being combined in FAM 8, there's a huge emphasis on simplifying the customer experience. I write Policy Agent documentation, and Policy Agent 3.0 is the new version of Policy Agent that coincides with FAM 8. The big, big thing here is that FAM 8 provides centralized agent management with Policy Agent 3.0. This is huge. Customers have had to manage agents one at a time in the deployment container. Still Sun has had a very competitive product. With centralized agent management, Sun is really charging forward. Just saying "centralized agent management" is not enough to explain all the effort going into the agents to make them simpler to manage in so many ways. In time, you will see many things about Policy Agent 3.0 to be happy about. For now, here are a couple links to help you monitor what's going on with Policy Agent 3.0:

That first link above provides a lot of info, including some installation information.

In the Paula Radcliffe analogy, at this time, Sun is running amongst the front runners of the elite pack and is starting to focus on key factors that will launch it out to the very front with room to spare. Therefore, I'd say that in the identity management space, Sun hasn't yet run it's 2 hour 15 minute and 25 second marathon, but it's coming up real soon. Just as I wouldn't bet against Paula Radcliffe in Beijing in 2008, I wouldn't bet against Sun in the identity management space, in fact all indications are that Sun's the endurance athlete to beat in this race.

Monday May 14, 2007

Access Manager Policy Agent 2.2 minor version support

In the most recent update to Sun Java System Access Manager Policy Agent 2.2 Release Notes, I added an explanation about the support of the agents in the Policy Agent 2.2 software set when it comes to the minor versions of the operating system and of the deployment containers.

I, more or less, just took the information from the document and pasted it below. I'm guessing from queries in the past that there's a pretty high interest in this info. Not a high interest compared to the Super Bowl, say, but high interest compared to other Access Manager Policy Agent 2.2 topics. Anyway, to make it easy to find, here it is as follows.



Understanding Server and Operating System Support for Policy Agent 2.2

Generally, information provided about Policy Agent 2.2 support for servers (deployment containers) and operating systems indicates only versions tested. However, each agent provides support beyond the specific versions tested.

Sun Java System Access Manager Policy Agent 2.2 supports all minor versions of both the server and of the operating systems with the assumption that the minor versions do not introduce any interface changes on which the agent relies. The term minor can include terms such as update, service pack, and patch.


Web Agents and Minor Version Support of Servers and Operating Systems

This section provides examples of minor version support that applies to web agents in the Policy Agent 2.2 software set. Be aware that terms such as service pack or update do not always apply when referring to minor versions. For example, in reference to the deployment container Apache HTTP Server 2.0.54, the term “minor” refers to the part of the version number after “2.0.” Therefore, 2.1 is not considered a minor version. All versions that exist in the 2.0 series (2.0.x) are considered minor.

The following examples illustrate the type of minor version support provided. For these examples, the agent is Agent for Sun Java System Web Server 6.1. One of the platforms for which this agent was originally tested was Sun Java System Web Server 6.1 on SolarisTM version 10.

Example Deployment Container 

Examples of Supported Minor Versions 

Web Server 6.1 

  • Web Server 6.1 Service Pack 4

  • Web Server 6.1 Service Pack 7

  • Web Server 6.1 Service Pack 11

  • And so on, as service packs become available

Example Operating System 

Examples of Supported Minor Versions 

Solaris 10 

  • Solaris 10 1/06 release

  • Solaris 10 6/06 release

  • Solaris 10 11/06 release

  • And so on, as updates become available

 

For example, you could use Agent for Sun Java System Web Server 6.1 with Sun Java System Web Server 6.1 Service Pack 7 on Solaris 10 6/06 release.


J2EE Agents and Minor Version Support of Servers and Operating Systems

This section provides examples of minor version support that applies to J2EE agents in the Policy Agent 2.2 software set. Be aware that terms such as service pack or update do not always apply when referring to minor versions. For example, in reference to the deployment container IBM WebSphere Application Server 5.1.1, the term “minor” refers to the part of the version number after “5.1.” Therefore, 5.2 is not considered a minor version. All versions that exist in the 5.1.0 series (5.1.x) are considered minor.

The following examples illustrate the type of minor version support provided. For these examples, the agent is Agent for BEA WebLogic Server/Portal 8.1 SP4. One of the platforms for which this agent was originally tested was BEA WebLogic Server/Portal 8.1 SP4 on Windows 2003, Enterprise Edition.

Example Deployment Container 

Examples of Supported Minor Versions 

BEA WebLogic Server/Portal 8.1 SP4 

  • BEA WebLogic Server/Portal 8.1 SP3

  • BEA WebLogic Server/Portal 8.1 SP5

  • BEA WebLogic Server/Portal 8.1 SP6

  • And so on, as service packs become available

Example Operating System 

Examples of Supported Minor Versions 

Windows 2003, Enterprise Edition 

  • Windows 2003, Enterprise Edition, SP1

  • Windows 2003, Enterprise Edition, SP2

  • Windows 2003, Enterprise Edition, SP3

  • And so on, as updates become available

 

For example, you could use Agent for BEA WebLogic Server/Portal 8.1 SP4 with BEA WebLogic Server/Portal 8.1 SP5 on Windows 2003, Enterprise Edition, SP2.



Any questions, queries, or comments? Not that I have answers, but it seems proper to ask.



About

What does this box do?

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today