Q & A From Webcast to Asia on Platform vs. Point Solutions
By Naresh Persaud-Oracle on Dec 04, 2011
Thanks to all who joined our webcast. Here is a link to the Aberdeen paper discussed during the webcast and below we have documented answers to the Q & A from the webcast. If there are any additional questions don't hesitate to give us a call at 1-800-672-2537.
Q: Based on the Aberdeen findings, what are Oracle’s views and positioning towards the results findings?
A: Oracle has always taken a platform approach to Identity and Access Management. In every release of our solutions we continue to rationalize our architecture to provide greater inter-operability so that a customer can have the flexibility to adopt any of our individual solutions and later adopt complimentary products in the stack. The key is that the data across the suite works together. As a reference you can view our end to end solution webcast.
Q: How should a company get start using a platform approach?
A: There is no pre-defined approach to getting started. The platform approach means you can choose the component that addresses your immediate need and later choose other components as your Identity and Access roadmap needs change. If your biggest challenge is audit compliance, then start with Oracle Identity Analytics. If "on-boarding" and "off-boarding" becomes a challenge then adopt Oracle Identity Manager. Regardless of which solution you choose first, the roles, users and workflows across both products will be shared. This simplifies the deployment and solution support.
Q: Hi Can you please give me a example of Point Solution, Is it AD a Point solution?
A: By point solution we mean solutions that are not part of an over all suite. AD would be an example of a point solution. By platform approach we mean a set of point solutions from a single vendor that inter-operate.
Q: With regards to a platform approach to IAM, specifically which components / solutions are we referring to here that make up "IAM" platform e.g. Identity, web access management, role analytics / management, directory etc...?
A: Here we are referring to several components: Access Management, Administration and Governance, Directory Services, Fine Grained Entitlements and SOA security
Q: What are the realistic timelines to implement for bigger organizations ?
A: An organization does not have to deploy all of the products in a platform to gain the benefits. Deploying each product can take a few weeks depending on the number of users and the size of the organization.
Q:Is it possible to automate all the "On-board and Leaver(Purge or Account Locking capabilities) ?
A: It is possible to automate most of this activity. Typically organizations will target the most security sensitive applications first.
Q: What is the cost difference between Platform based on Point solutions
A: Based on the results of the Aberdeen survey organizations can save up to 48% when looking at the cost of deploying a combination of point solutions vs a platform based solution. The cost savings is directly related to the cost of integration between point products that are not part of a suite. On a per solution basis there is not much difference in the license cost. The real cost difference is cost of ownership.
Q: To my knowledge IAM has not matured and didn't cater to several of our requirements when we were looking for a solution, what do you think about its evolution in the last 5 years ?
A: IAM has transformed drastically in the past five years. It would be good to re-examine your requirements with a fresh look at the solutions on the market.
Q: Is single sign-on supported for non-Oracle applications ?
A: Yes Oracle's Web SSO and Enterprise SSO support single sign-on for many non-Oracle applications to read more click here.
Q: Will it support Employee ID and different roles of Oracle and non-Oracle Applications ?
A: Yes, Oracle Identity Analytics and Oracle Identity Manager both support creating roles for non-Oracle applications. In addition, it can help to active a single id per employee across the organization. To learn more click here.
Q: What kinds of reports are delivered as part of the IAM suite and how can we automate some of the Audit requirements, If some of the users or Hackers Intrude is any way we can get notifications ?
A: There are several different kinds of reports that you will need to address your audit challenges. First most audits are looking for a report of separated user and verification that these users no longer have access to critical systems. Oracle Identity Manager contains reports out of the box that provide this information. You can learn more about this by clicking here for the resource page on OIM. In addition, you will want to conduct certification reviews of entitlements for critical systems. The certification review reports can be found on Oracle Identity Analytics. You can learn more about OIA by clicking here.
Q: How do we integrate custom strong authentication devices with the Oracle IAM suite?
A: There are many integration points. It would be good to get in touch with an Oracle rep to understand all of the options. You can call us at 1-800-672-2537.
Q: Is there any way we can create seperate layers of IAM for Internet User Vs Intranet Users but End Users are only Employees, currently we have a challenege and not allowing Employees to login from outside, when i see Internet users, they will access ap via DMZ
A: This is a common challenge and the answer is yes. In most cases you should be able to utilize a single identity solution instance to manage both your external and internal users.
Thanks for all of the questions.