Monday Oct 22, 2012

Free SANS Mobility Policy Survey Webcast - October 23rd @10:00 am PST

Join us for a free webcast tomorrow, October 23 @ 10:00 am PST as SANS presents the findings from their mobility policy survey.

-- Register here for Part 1:

This is a great opportunity to see where companies are with respect to mobile access policies and overall mobile application management.

This first part is entitled: BYOD Wish Lists and Policies.  Part 2 will be run on October 25th and is entitled: BYOD security practices.

-- Register here for Part 2:

Friday Oct 19, 2012

Oracle presentations at the CIPS ICE Conference, November 5 - 7, Edmonton, Alberta, Canada

Oracle will be presenting at the CIPS ICE conference the last week of October in Calgary and the first week of November in Edmonton.

Here is a list of the presentations for Edmonton: SHAW Conference Centre

• Session Title: Identity and Access Management Integrated; Analyzing the Platform vs Point Solution Approach
• Speaker: Darin Pendergraft
• Monday, November 5th @ 10:45 AM - 12:00 PM

• Session Title: Is Your IT Security Strategy Putting Your Institution at Risk?
• Speaker: Spiros Angelopoulos
• Monday, November 5th @ 1:45 PM - 3:00 PM

Three sessions under the TRAIN: Practical Knowledge Track

• Monday, November 5th @ 10:45 AM, 1:45 PM, 3:30 PM
• Title: What's new in the Java Platform
   Presenter: Donald Smith
• Title: Java Enterprise Edition 6
   Presenter: Shaun Smith
• Title: The Road Ahead for Java SE, JavaFX and Java EE
   Presenters: Donald Smith and Shaun Smith

To learn more about the conference, and to see the other sessions go to the conference website.

Wednesday Oct 17, 2012

Oracle on Oracle: How Oracle IT uses Oracle IDM

Sometimes, the toughest customers are your own employees.  Chirag Andani runs the Product Development Security IT Group - which means that his group is responsible for internal Identity Management and Security inside Oracle.

Like a lot of large, global companies, Oracle has a complicated and dynamic IT infrastructure which continues to change as the company grows and acquires companies.

I caught up with Chirag and asked him what kinds of problems his team faces, and asked him what he thinks about Oracle IDM, and 11gR2 in particular.

Listen to the podcast interview here: podcast link and check out his presentation below.


Tuesday Oct 16, 2012

ICAM Webcast Replay and slides

On October 10, 2012 Derrick Harcey and I co-presented on how Oracle IDM helps customers address the guidelines of Identity Credential Access Management, from a Federal (FICAM) and a State (SICAM) perspective.

If you missed the webcast, here is a link to the replay:  webcast replay link.

Derrick did a nice job reviewing the various ICAM components and architectures, and then invited me to provide additional detail on the Oracle technology stack.  He then closed by mapping the ICAM architectures to various components of the Oracle IDM platform.

The next webcast in the Secure Government Training Series, Safeguarding Government Cyberspace will be held Wednesday, November 28th.

Thursday Oct 11, 2012

Guest Blog: Secure your applications based on your business model, not your application architecture, by Yaldah Hakim

Today’s businesses are looking for new ways to engage their customers, embrace mobile applications, while staying in compliance, improving security and driving down costs.  For many, the solution to that problem is to host their applications with a Cloud Services provider, but concerns that a hosted application will be less secure continue to cause doubt.

Oracle is recognized by Gartner as a leader in the User Provisioning and Identity and Access Governance magic quadrants, and has helped thousands of companies worldwide to secure their enterprise applications and identities.  Now those same world class IDM capabilities are available as a managed service, both for enterprise applications, as well has Oracle hosted applications.

--- Listen to our IDM in the cloud podcast to hear Yvonne Wilson, Director of the IDM Practice in Cloud Service, explain how Oracle Managed Services provides IDM as a service ---

Selecting OracleManaged Cloud Services to deploy and manage Oracle Identity Management Services is a smart business decision for a variety of reasons.

Oracle hosted Identity Management infrastructure is deployed securely, resilient to failures, and supported by Oracle experts. In addition, Oracle  Managed Cloud Services monitors customer solutions from several perspectives to ensure they continue to work smoothly over time. Customers gain the benefit of Oracle Identity Management expertise to achieve predictable and effective results for their organization.

Customers can select Oracle to host and manage any number of Oracle IDM products as a service as well as other Oracle’s security products, providing a flexible, cost effective alternative to onsite hardware and software costs.

Security is a major concern for all organizations- making it increasingly important to partner with a company like Oracle to ensure consistency and a layered approach to security and compliance when selecting a cloud provider.  Oracle Cloud Service makes this possible for our customers by taking away the headache and complexity of managing Identity management infrastructure and other security solutions.

For more information:


Facebook -

Friday Oct 05, 2012

This Week in Pictures: Oracle OpenWorld 2012

Here's a snapshot of the week that pictures!

Oracle OpenWorld 2012 was bigger and better than ever.

Security and Identity Management had quite a presence at the conference.

Both inside the sessions and outside, there were plenty of networking opportunities.

Captured some shots yourself? Do share your pictures from the conference...

Thursday Oct 04, 2012

Thursday at OpenWorld: Identity Management

Before you know it, we are at the last day at Oracle OpenWorld. But just the same, Thursday is packed with informational, educational and networking opportunities.

Here’s what is in store for you today:

Thursday, October 4, 2012

CON5749: Solutions for Migration of Oracle Waveset to Oracle Identity Manager
11:15 a.m. – 12:15 p.m., Moscone West 3008

Many customers of Oracle Waveset (formerly Sun Identity Manager) are planning a migration to the strategic provisioning product Oracle Identity Manager. There are several approaches to migrating to Oracle Identity Manager. Presented by Hub City Media and Oracle, this session covers these various approaches to help you select the optimum choice for your implementation.

CON9640: Evolving Identity Management
12:45 p.m. – 1:45 p.m., Moscone West 3008

Identity management requirements have evolved and are continuing to evolve as organizations seek to secure cloud and mobile access.  Customers are seeing good success reducing costs and supporting business growth with by embracing a service-oriented, platform approach to addressing identity management requirements.  This session will explore these emerging requirements and share best practices for evolving your implementation.

CON9662: Securing Oracle Applications with the Oracle Enterprise Identity Management Platform
2:15 p.m. – 3:15 p.m., Moscone West 3008

Oracle Enterprise Identity Management solutions are designed to secure access and simplify compliance to Oracle Applications.  Whether you are an EBS customer looking to upgrade from Oracle Single Sign-on or a Fusion Application customer seeking to leverage the Identity instance as an enterprise security platform, this session with Qualcomm and Oracle will help you understand how to get the most out of your investment.

HOL10479: Integrated Identity Governance
12:45 p.m. – 1:45 p.m., Marriott Marquis – Salon 1/2

This hands-on lab demonstrates Oracle’s integrated and self-service-oriented identity governance solution, which includes simple access request, business-user-friendly access certification, closed-loop remediation, and both standard and privileged accounts.

For a complete listing, refer to the Focus on Identity Management document. And as always, you can find us on @oracleidm on twitter and FaceBook. Use #oow and #idm to join in the conversation.

Wednesday Oct 03, 2012

Wednesday at OpenWorld: Identity Management

Divide and conquer! Yes, divide and conquer today at Oracle OpenWorld with your colleagues to make the most of all things Identity Management since there’s a lot going on.

Here’ the line-up for today:

Wednesday, October 3, 2012

CON9458: End End-User-Managed Passwords and Increase Security with Oracle Enterprise Single Sign-On Plus
10:15 a.m. – 11:15 a.m., Moscone West 3008

Most customers have a broad variety of applications (internal, external, web, client server, host etc) and single sign-on systems that extend to some, but not all systems. This session will focus on how customers are using enterprise single sign-on can help extend single sign-on to virtually any application, without costly application modification while laying a foundation that will enable integration with a broader identity management platform.

CON9494: Sun2Oracle: Identity Management Platform Transformation
11:45 a.m. – 12:45 p.m., Moscone West 3008

Sun customers are actively defining strategies for how they will modernize their identity deployments. Learn how customers like Avea and SuperValu are leveraging their Sun investment, evaluating areas of expansion/improvement and building momentum.

CON9631: Entitlement-centric Access to SOA and Cloud Services
11:45 a.m. – 12:45 p.m., Marriott Marquis, Salon 7

How do you enforce that a junior trader can submit 10 trades/day, with a total value of $5M, if market volatility is low? How can hide sensitive patient information from clerical workers but make it visible to specialists as long as consent has been given or there is an emergency? In this session, Uberether and HerbaLife take the stage with Oracle to demonstrate how you can enforce such entitlements on a service not just within your intranet but also right at the perimeter.

CON3957 - Delivering Secure Wi-Fi on the Tube as an Olympics Legacy from London 2012
11:45 a.m. – 12:45 p.m., Moscone West 3003

In this session, Virgin Media, the U.K.’s first combined provider of broadband, TV, mobile, and home phone services, shares how it is providing free secure Wi-Fi services to the London Underground, using Oracle Virtual Directory and Oracle Entitlements Server, leveraging back-end legacy systems that were never designed to be externalized. As an Olympics 2012 legacy, the Oracle architecture will form a platform to be consumed by other Virgin Media services such as video on demand.

CON9493: Identity Management and the Cloud
1:15 p.m. – 2:15 p.m., Moscone West 3008

Security is the number one barrier to cloud service adoption.  Not so for industry leading companies like SaskTel, ConAgra foods and UPMC. This session will explore how these organizations are using Oracle Identity with cloud services and how some are offering identity management as a cloud service.

CON9624: Real-Time External Authorization for Middleware, Applications, and Databases
3:30 p.m. – 4:30 p.m., Moscone West 3008

As organizations seek to grant access to broader and more diverse user populations, the importance of centrally defined and applied authorization policies become critical; both to identify who has access to what and to improve the end user experience.  This session will explore how customers are using attribute and role-based access to achieve these goals.

CON9625: Taking Control of WebCenter Security
5:00 p.m. – 6:00 p.m., Moscone West 3008

Many organizations are extending WebCenter in a business to business scenario requiring secure identification and authorization of business partners and their users. Leveraging LADWP’s use case, this session will focus on how customers are leveraging, securing and providing access control to Oracle WebCenter portal and mobile solutions.


Identity Management Customer Advisory Board
2:30 p.m. – 3:30 p.m., Four Seasons – Yerba Buena Room

This invitation-only event is designed exclusively for Customer Advisory Board (CAB) members to provide product strategy and roadmap updates.

Identity Management Meet & Greet Networking Event
3:30 p.m. – 4:30 p.m., Meeting Session
4:30 p.m. – 5:30 p.m., Cocktail Reception
Yerba Buena Room, Four Seasons Hotel, 757 Market Street, San Francisco

The CAB meeting will be immediately followed by an open Meet & Greet event hosted by Oracle Identity Management executives and product management team. Do take this opportunity to network with your peers and connect with the Identity Management customers.

For a complete listing, refer to the Focus on Identity Management document. And as always, you can find us on @oracleidm on twitter and FaceBook. Use #oow and #idm to join in the conversation.

Friday Sep 28, 2012

Identity Globe Trotters (Sep Edition): The Social Customer

Welcome to the inaugural edition of our monthly series - Identity Globe Trotters. Starting today, the last Friday of every month, we will explore regional commentary on Identity Management. We will invite guest contributors from around the world to share their opinions and experiences around Identity Management and highlight regional nuances, specific drivers, solutions and more.

Today's feature is contributed by Michael Krebs, Head of Business Development at esentri consulting GmbH, a (SOA) specialized Oracle Gold Partner based in Ettlingen, Germany. In his current role, Krebs is dealing with the latest developments in Enterprise Social Networking and the Integration of Social Media within business processes. 

By Michael Krebs

The relevance of "easy sign-on" in the age of the "Social Customer"

With the growth of Social Networks, the time people spend within those closed "eco-systems" is growing year by year. With social networks looking to integrate search engines, like Facebook announced some weeks ago, their relevance will continue to grow in contrast to the more conventional search engines. This is one of the reasons why social network accounts of the users are getting more and more like a virtual fingerprint.

With the growing relevance of social networks the importance of a simple way for customers to get in touch with say, customer care or contract departments, will be crucial for sales processes in critical markets. Customers want to have one single point of contact and also an easy "login-method" with no dedicated usernames, passwords or proprietary accounts. The golden rule in the future social media driven markets will be: The lower the complexity of the initial contact, the better a company can profit from social networks. If you, for example, can generate a smart way of how an existing customer can use self-service portals, the cost in providing phone support can be lowered significantly.

Recruiting and Hiring of "Digital Natives"

Another particular example is "social" recruiting processes. The so called "digital natives" don´t want to type in their profile facts and CV´s in proprietary systems. Why not use the actual LinkedIn profile? In German speaking region, the market in the area of professional social networks is dominated by XING, the equivalent to LinkedIn. A few weeks back, this network also opened up their interfaces for integrating social sign-ons or the usage of profile data for recruiting-purposes.

In the European (and especially the German) employment market, where the number of young candidates is shrinking because of the low birth rate in the region, it will become essential to use social-media supported hiring processes to find and on-board the rare talents. In fact, you will see traditional recruiting websites integrated with social hiring to attract the best talents in the market, where the pool of potential candidates has decreased dramatically over the years.

Identity Management as a key factor in the Customer Experience process

To create the biggest value for customers and also future employees, companies need to connect their HCM or CRM-systems with powerful Identity management solutions. With the highly efficient Oracle (social & mobile enabling) Identity Management solution, enterprises can combine easy sign on with secure connections to the backend infrastructure. This combination enables a "one-stop" service with personalized content for customers and talents. In addition, companies can collect valuable data for the enrichment of their CRM-data. The goal is to enrich the so called "Customer Experience" via all available customer channels and contact points. Those systems have already gained importance in the B2C-markets and will gradually spread out to B2B-channels in the near future.

Conclusion: Central and "Social" Identity management is key to Customer Experience Management and Talent Management

For a seamless delivery of "Customer Experience Management" and a modern way of recruiting the best talent, companies need to integrate Social Sign-on capabilities with modern CX - and Talent management infrastructure. This lowers the barrier for existing and future customers or employees to get in touch with sales, support or human resources. Identity management is the technology enabler and backbone for a modern Customer Experience Infrastructure. Oracle Identity management solutions provide the opportunity to secure Social Applications and connect them with modern CX-solutions. At the end, companies benefit from "best of breed" processes and solutions for enriching customer experience without compromising security.

About esentri:

esentri is a provider of enterprise social networking and brings the benefits of social network communication into business environments. As one key strength, esentri uses Oracle Identity Management solutions for delivering Social and Mobile access for Oracle’s CRM- and HCM-solutions.

…..End Guest Post….

With new and enhanced features optimized to secure the new digital experience, the recently announced Oracle Identity Management 11g Release 2 enables organizations to securely embrace cloud, mobile and social infrastructures and reach new user communities to help further expand and develop their businesses.

Additional Resources:

Oracle Identity Management 11gR2 release

Oracle Identity Management website

Datasheet: Mobile and Social Access (pdf)

IDM at OOW: Focus on Identity Management

Facebook: OracleIDM

Twitter: OracleIDM

We look forward to your feedback on this post and welcome your suggestions for topics to cover in Identity Globe Trotters. Last Friday, every month!

Wednesday Sep 26, 2012

11gR2: BETA Customer perspective with special guest, Ravi Meduri from Kaiser Permanente

Before Oracle IDM 11gR2 launched, we had a very successful BETA program. Kaiser was one of many great companies that participated, and I caught up with Ravi Meduri, IAM Systems Engineering Manager to ask him what he thought of the new release.

Listen to our podcast interview here: podcast interview  to hear Ravi talk about scalability and high availability features in 11gR2.

Thursday Sep 20, 2012

Sun2Oracle: Upgrading from DSEE to the next generation Oracle Unified Directory - webcast follow up

Thanks to all of the guest speakers on our Sun2Oracle webcast: Steve from Hub City Media, Albert from UCLA and our own Scott Bonell.

If you missed the webcast here is a link: Webcast Replay

During the webcast, we tried to answer as many questions as we could, but there were a few that we needed a bit more time to answer.  Albert from UCLA sent me the following information:

Alternate Directory Evaluation

We were happy with Sun DSEE. OUD, based on the research we had done, was a logical continuation of DSEE.  If we moved away, it was to to go open source.

UCLA evaluated OpenLDAP, OpenDS, Red Hat's 389 Directory. We also briefly entertained Active Directory.

Ultimately, we decided to stay with OUD for the Enterprise Directory, and adopt OpenLDAP for the non-critical edge directories.


For Enterprise Directory, UCLA runs 3 Dell PowerEdge R710 servers. Each server has 12GB RAM and 2 2.4GHz Intel Xeon E5 645 processors. We run 2 of those servers at UCLA's Data Center in a semi active-passive configuration. The 3rd server is located at UCLA Berkeley. All three are multi master replicated. At run time, the bulk of LDAP query requests go to 1 server. Essentially, all of our authn/authz traffic is being handled by 1 server, with the other 2 acting as redundant back ups.

You mentioned federation, was that an important requirement for UCLA?

Yes. UCLA collaborates heavily with other higher education institutions around the country/world. We often have researchers wanting to sign into services provided by fellow higher ed institutions. We also have plenty of visiting scholars or collaborating researchers from other institutions accessing UCLA services. Higher education communities around the world have deployed Shibboleth/SAML-based federated IDM solutions to facilitate these collaborations:

And a more comprehensive listing of federations around the world:

What was the net change in hardware footprint?

Not much actually. We kept the same server/network topology: 

  • two servers at our local data center, one at our remote DR data center. 
  • the servers replicate in real time via multi-master replication. 
  • 1 of the servers at our local data center serves as the primary access server serving all query traffic. The other servers serve as hot standby.
  • On our old Sun DSEE servers - we ran Red Hat Enterprise Linux AS release 4 (Nahant Update 8) - 32bit.  On the new OUD servers - Red Hat Enterprise Linux Server release 5.7 (Tikanga) - 64bit

The only changes we made during the upgrade were that we upgraded the software from DSEE 6.3, upgraded Linux, and that we bought new servers. The old servers were Dell PowerEdge 2850's. The new ones are Dell PowerEdge R710's.

What is your hardware specification for one OUD 11g server…

Can you explain the HA/DR architecture a bit more?

RAM size, CPU type, and number?

We runs 3 Dell PowerEdge R710 servers. Each server has 12GB RAM and 2 2.4GHz Intel Xeon E5 645 processors. 2 of those servers run at UCLA's Data Center in a semi active-passive configuration. The 3rd server is located at UCLA Berkeley. All three are multi master replicated. At run time, the bulk of LDAP query requests go to 1 server. Essentially, all of our authn/authz traffic is being handled by 1 server, with the other 2 acting as redundant back ups. 

Our IDM architecture is highly modular. All external access to the enterprise directory run through a service layer. This layer is consists of Shibboleth, a set of data update web services and loading programs, and a number of edge directories. All service layer components can be easily configured (some automatically) to seek out the secondary directory servers when the primary goes down. We take advantage of this capability during maintenance to keep the services available.  

FYI, our servers are hosted in a tier 2.5 data center (We have tier 3-like capability for critical servers such as OUD, but we don't have that for all servers in the data center).

What was the cost of the migration?

 Because of the labor and equipment cost differences, I don't think my numbers will be all that accurate. I can say the following:

  • We engaged Hub City Media for just about 1.5 months worth of work.
  • We had one system engineer working full time on the project throughout the 4 month period. He also managed the project.
  • We had fractional support/transition coordination from our Infrastructure Services team (sys admin, operations, networking), probably about 80 hours
  • We purchased 3 of the servers described above.
  • We purchased the OUD software.

How much testing did you do? Did you do load testing?

Yes. We conducted several passes of data loading/validation tests. In addition, we ran security vulnerability scans and ran multi stress tests ranging from peak stress tests to sustained, multi-day simulations. Sorry. We can't release test result data, but I can say that OUD passed with flying colors.

We only had one engineer working on the project. Between test prep, run, and analysis, testing did take about a month.

Was the OUD Proxy used at UCLA?

No. We considered it, and might still consider it as we revise our architecture. But for the migration, we did not introduce the Proxy.

Can OUD Server and DSEE replicate each other?

Yes, but with caveats. There is no direct replication between OUD 11g and Sun DSEE 6.3. You need to place Oracle DSEE in between. In addition, there is an undisclosed cap on the replication rate. All of this may have changed since we worked on the project though. :-)

Wednesday Sep 19, 2012

Security Newsletter – September Edition is Out Now


The September issue of Security Inside Out Newsletter is out now. This month’s edition offers a preview of Identity Management and Security events and activities scheduled for Oracle OpenWorld. Oracle OpenWorld (OOW) 2012 will be held in San Francisco from September 30-October 4. Identity Management will have a significant presence at Oracle OpenWorld this year, complete with sessions featuring technology experts, customer panels, implementation specialists, product demonstrations and more. In addition, latest technologies will be on display at OOW demogrounds. Hands-on-Labs sessions will allow attendees to do a technology deep dive and train with technology experts.

Executive Edge @ OpenWorld also features the very successful Oracle Chief Security Officer (CSO) Summit. This year’s summit promises to be a great educational and networking forum complete with a contextual agenda and attendance from well known security executives from organizations around the globe.

This month’s edition also does a deep dive on the recently announced Oracle Privileged Account Manager (OPAM). Learn more about the product’s key capabilities, business issues the solution addresses and information on key resources. OPAM is part of Oracle’s complete and integrated Oracle Identity Governance solution set.

And if you haven’t done so yet, we recommend you subscribe to the Security Newsletter to keep up to date on Security news, events and resources.

As always, we look forward to receiving your feedback on the newsletter and what you’d like us to cover in the upcoming editions.

Tuesday Sep 18, 2012

Webcast Reminder: Implementing IDM in Healthcare, September 19th @10:00 am PST

Join me and Rex Thexton from PwC tomorrow (September 19th) as we review an IDM project that Rex and his team completed for a large healthcare organization.  Rex will talk through the IT environment and business drivers that lead to the project, and then we will go through planning, design and implementation of the Oracle Identity Management products that PwC and the customer chose to complete the project.

This will be a great opportunity to hear about the trends that are driving IT Healthcare, and to get your Identity Management questions answered.

If you haven't already registered - Register Here!

Monday Sep 17, 2012

New in 11gR2: Oracle Optimized System for Oracle Unified Directory (OOS4OUD) Podcast

There have been a lot of cool new features in the IDM 11gR2 related to new functionality: social log-in capability, mobile application security, and self service access requests, just to name a few.  But what about performance?

In the 11gR2 release we announced the availability of an Optimized System configuration for Unified Directory.  Oracle is very focused on software with matching hardware that is configured and tuned to get the best performance possible.  I caught up with Nick Kloski, Infrastructure Solutions Manager and asked him to talk me through the new Optimized System for OUD.

Listen to the podcast interview here. Podcast Interview

Thursday Sep 13, 2012

Usability enhancements for Users and Administrators in 11gR2 with Rex Thexton from PwC

In addition to the inviting customers to participate in the 11gR2 BETA program, a select number of partners were invited as well.  Rex Thexton, Managing Director of PwC's Advisory/Technology practice and his team were part of the BETA program.  I caught up with Rex recently to ask him about the new features that he liked most in the latest release.

 Listen to our interview here:  podcast link

Tuesday Sep 11, 2012

Sun2Oracle: Hub City Media Webcast Reminder - Thursday, September 13, 2012

Our Sun2Oracle webcast featuring Steve Giovanetti from Hub City Media is this Thursday, September 13th at 10:00 am PST. 

If you haven't registered yet, there is still time: Register Here.

Scott Bonell, Sr. Director of Product Management will be talking to Steve about their recent project to upgrade a large University from Sun DSEE Directory to Oracle Unified Directory.  Scott and Steve will talk through details of the project, from planning through implementation.

In addition to this webcast, Steve Giovanetti will also be participating in two sessions at Oracle OpenWorld 2012:

CON9465 - Next-Generation Directory: Oracle Unified Directory
 Etienne Remillon, Principal Product Manager, Oracle
 Steve Giovanetti, CTO Hub City Media
 Warren Leung, Sr. Architect, UCLA
 Tuesday, Oct 2, 5:00 PM – 6:00 PM
 Moscone West – 3008

CON5749 - Solutions for Migration of Oracle Waveset to Oracle Identity Manager
Steve Giovanetti, CTO Hub City Media
Kevin Moulton, Senior Sales Consulting  Manager, Oracle
Thursday, Oct 4, 11:15 AM - 12:15 PM
Moscone West - 3008

Wednesday Aug 29, 2012

Sun2Oracle: Upgrading from DSEE to the next generation Oracle Unified Directory

OUD is part of Directory Services

Mark your calendars and register to join this webcast featuring Steve Giovanetti from Hub City Media, Albert Wu from UCLA and our own Scott Bonnell as they discuss a directory upgrade project from Sun DSEE to Oracle Unified Directory.

Date: Thursday, September 13, 2012
Time: 10:00 AM Pacific

Join us for this webcast and you will:

  • Learn from one customer that has successfully upgraded to the new platform
  • See what technology and business drivers influenced the upgrade
  • Hear about the benefits of OUD’s elastic scalability and unparalleled performance
  • Get additional information and resources for planning an upgrade

Register Now!

Friday Aug 24, 2012

Oracle Magazine Sept/Oct 2012 - Security on the Move

Oracle Magazine

This month's Oracle Magazine cover story is Security on the Move.  In it, two Oracle IDM customers discuss their impressions of the latest IDM release.  Kurt Lieber from Kaiser Permanente and Peter Boyle from BT discuss how they are using Oracle IDM to enable their business.

Click this link to see the latest issue:

In addition to the cover article, the Analyst’s Corner features an interview with Sally Hudson from IDC focusing on IDM issues :

And the Partner Perspectives contains information from our IDM partners Hub City Media, aurionPro SENA, and ICSynergy

Friday Aug 17, 2012

Enabling your business with IDM 11gR2

As part of the 11gR2 launch, I caught up with Scott Bonnell, Sr. Director of Product Management and I asked him what he likes most about the 11gR2 release.  Scott is very focused on customer success and so he has a very customer focused view of the new features.

In this interview, Scott and I discuss how IDM can enable the business by providing self service features, personalization and mobile access to corporate resources.

Listen to our interview recorded as a short podcast.

Tuesday Aug 07, 2012

User Interface Changes in Oracle Identity Manager 11gR2

As part of the Oracle Identity Management 11gR2 launch, we were able to talk to some of the key people on the team that are really driving innovation.  Recently, I was able to catch up with Marc Boroditsky, VP of Product Management, and I asked him about the changes that the product team made to the access request user interfaces in the R2 release.

Our interview was captured as a short podcast.  Click here to listen.

Friday Jul 27, 2012

Identity Management Presentations Scheduled for OpenWorld 2012

The IDM team has been very busy with the IDM 11gR2 launch and now a series of launch events has kicked off worldwide. If you missed our launch webcast, you can view the replay by clicking here.

But even with all that activity, we are already starting to prepare for OpenWorld 2012 in San Francisco.  Here are some of the 18 presentations that we have planned:

  • Trends in Identity Management
  • Mobile Access Management
  • Simplifying your Identity Management Implementation
  • Modernized and Complete Access Management
  • Enhancing End User Experience with Oracle Identity Governance
  • Enabling Access for Hundreds of Millions of Users
  • Next Generation Directory - Oracle Unified Directory
  • Eliminate end-user managed passwords while increasing security with Oracle ESSO
  • Sun2Oracle: Identity Management Platform Transformation
  • Identity Management in the Cloud

There is a lot planned, and more to come.  Don't forget to register for OpenWorld 2012 and to get more details about the IDM presentations above or any of the other planned presentations, use this OpenWorld searchable content link.  There are two steps:

1. Choose the Oracle OpenWorld radio button of the left

2. Choose Identity Management (under Middleware) from the Oracle OpenWorld Tracks drop-down on the left (see below)

That will set the content filters to show all of the IDM presentations.

Wednesday Jul 25, 2012

A Platform Approach to Privileged Account Managmenet

Studies have shown that buying point products to solve IDM problems is a short term solution that brings higher cost and complexity later on. A better approach is to buy an integrated, standards based IDM platform that can be expanded as requirements expand.

The recently announced Oracle Privileged Account Manager (OPAM) is an example of how Oracle is taking this integrated platform approach to IDM. OPAM is a password management system for your most privileged Database, Application and Operating System accounts. OPAM provides a self service method for requesting and checking out high level passwords, then automatically changing the passwords after check-in.

The OPAM system is fully integrated with Oracle Identity Manager’s role based provisioning and workflows, and Oracle Identity Analytics for full certification and attestation reporting. OPAM is also fully integrated with Oracle Access Manager and Oracle Adaptive Access Manager for single-sign on, and risk based step up authentication. OPAM has a REST API for mobile application or custom application access.

For more information about Oracle Privilege Account Manager and related Identity Governance products, visit our website at

or download the OPAM data sheet:

Monday Jul 23, 2012

Introducing the Optimized Solution for Oracle Unified Directory

The announcement of Oracle 11g R2 brings with it some really interesting new features. One of those new features focused on optimizing performance is the Oracle Optimized Solution for Oracle Unified Directory (OOS4OUD). OOS4OUD is a pairing of SPARC T4-1 hardware with dedicated storage and Oracle Unified Directory software in a redundant and highly scalable configuration.

Oracle engineers conducted a series of load tests to determine the optimum configuration for LDAP directory performance on this hardware and documented the configuration in an Implementation Guide.

The hardware consists of 3 x T4-1 SPARC servers, each with dedicated Sun Storage 2500 FC array, linked with 10GbE networking. All servers are running Solaris 11, and one server is configured to use the integrated load balancer. The Java Keystore and the Solaris Cryptographic Framework were installed and configured. Oracle Unified Directory software was then installed on all 3 machines.

The performance of the Optimized Solution was impressive. During testing the system was able to scale up to 180,000 simultaneous directory searches/second using a 15M record LDAP directory.

Because the OOS4OUD implementation guide takes most of the guesswork out of configuration and tuning, customers can expect a 1 – 2 week implementation and testing cycle, rather than a traditional 5 - 6 week project.

For more information about the Oracle Optimized Solution for Oracle Unified Directory go to our website at

Thursday Jul 19, 2012

Announcing Oracle Identity Management 11gR2: New features for mobile, social & cloud, and new Privileged Account Management.

Today Oracle announces a major new release of its Identity Management offering, and with it comes some very cool new features.

A lot of features in this release are focused on extending Oracle’s expertise in security and IDM to mobile applications, social identities, and cloud applications. New features support native mobile security and single sign-on, social sign-on: to allow customers to log into a website with their social identities, and improved security and integration for cloud applications.

Big improvements have also been made to the self service access request UI to make it more business user friendly, including plain English searching to request application access and roles, and shopping cart style check-out. Automated confirmations and workflows allow business users to get updates and check the status of their requests. In addition, extensive customization is now possible to allow companies to completely control the look and feel of these pages.

More details on the new release here:

Also introduced in this release: Oracle Privileged Account Manager (OPAM) is a whole new set of functionality focused on managing administrative passwords for applications, databases and operating systems. Although it can operate as a stand-alone application, the real value comes from its integration with other IDM components: such as self service password request UI and automated workflow approvals via Oracle Identity Manager, and detailed historical reporting via Oracle’s BI tools.

More details on OPAM here:

Listen to the launch webcast and hear Amit Jasuja and Hassan Rizvi talk about the new features and business value here:

Tuesday Jun 12, 2012

Identity Management as a Controls Infrastructure

Identity systems are indispensable to managing online resources, and are becoming increasingly more complex as businesses adapt their current infrastructures to support a broad user population across a wide range of devices. Adding point products to solve problems addresses the short term need, but complicates the longer term management outlook.

Download the latest whitepaper HERE to see how Oracle is taking a platform approach to building a scalable and secure controls infrastructure that enables businesses to engage customers and gives employees secure access to corporate resources from anywhere.


Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.


« April 2014