Wednesday Nov 04, 2009

Identity Learning Labs at Gartner IAM, Nov. 9-11

Next week, Nov. 9-11, the Identity Management Team travels down to Gartner Identity Access Management conference to showcase two of our latest releases DSEE 7 and Role Manager 5.  Gartner IAM is a great event because it not only gather's together experienced practitioners in the identity management space but has a number of events that are small enough that you can have quality conversations about real problems.  Last year, Verizon presented at this conference on the Directory and OpenSSO implementation that serves 50M users.  The presentation is a great example of the proven expertise that Sun brings to Identity Management and the proven extranet scale our products can support---not a marketing benchmark.

publisherID=1460825906">

Our team has taken a different approach to this even this year and we are participating in Gartner's Learning Lab's.  Vendors, customer's and identity specialists are encouraged to come-by in a classroom style and learn about specific problem's Sun's product, partner's and customer's are doing to solve their identity business problems.  This is crucial today as the cost of failure or doing nothing rises exponentially.  The best way to ensure success is to learn from real-world implementations not marketing based slideware presentations.  This is why we have assembled not just the product teams but partners and real customer's to share their experience in these "learning labs".

The other great thing about Gartner IAM is that there are usually a few different ways to combine great industry expertise and a little fun.  On Tuesday, Nov. 10 at 9:00pm you can meet the Sun Identity team at the Hard Rock Rooftop bar for drinks and conversation.  The first 50 people get a wristband for free drinks.  Identity management isn't hard so come to the Hard Rock to find out how to make it easy! 

Gartner IAM Sun Schedule

Monday, Nov 9th

Learning Lab:

12:40 - 1:05pm “Increase Speed & Performance while reducing TCO with Sun Directory Server Enterprise Edition” Speaker: Nick Wooler, Sr Product Manager – Sun Microsystems

1:05 - 1:30pm “Changing the Rules of the game; Raising the bar with Rule Life-cycle Management and closed-loop remediation” Speaker: Neil Gandhi, Sr Product Manager – Sun Microsystems

1:35 - 2:00pm "IAM Governance, Risk and Compliance -- the future of IAM", Speaker: Sachin Nayyar, President - BrinQa

2:05 - 2:30pm "Enterprise Single Sign On for Sun Identity Management", Speaker: Stephane Fymat, VP of Strategy and Product Management - Passlogix

Sun Booth:

12:30 - 2:30pm Daniel Raskin showcasing OpenSSO

12:30 - 2:30pm Mat Hamlin showcasing Identity Manager

Tuesday, Nov 10th

Learning Lab:

12:10 - 12:35pm “Role based user provisioning; using business roles for identity life-cycle management and identity auditing”, Speaker: Mat Hamlin, Sr Product Manager, Sun Microsystems

12:35 - 1:00pm “Three tough challenges, one powerful solution: OpenSSO for web access management, federation and Web services security”, Speaker: Daniel Raskin, Chief Identity Strategist – Sun Microsystems

1:05 - 1:30pm "Privileged Identity Risk Management: Mitigating the Insider Threat", Speaker: Richard Weeks, VP of Channels and Business Development, Cyber-Ark

1:35 - 2:00pm "The WHO behind the WHAT: Arcot Authentication and Sun OpenSSO Enterprise "  Speaker: R 'Doc' Vaidhyanathan, Chief Product Officer - Arcot

Sun Booth:

12:00 - 2:00pm Nick Wooler, showcasing DSEE

12:00 - 2:00pm Neil Ghandi, showcasing Role Manager

Friday Oct 16, 2009

Register for Webinar: What's New in DSEE 7 and Role Manager 5

Sun's Identity Team have been busy over the summer!  On Oct. 9, 2009 the Identity Management Team announced the release of Directory Server Enterprise Edition 7 and Role Manager 5.  Next Wednesday, Oct. 21 at 8:00am PT, Neil Ghandi (Role Manager Technical Product Manager) and Nick Wooler (Product Line Manager, Directory Services) will be giving an overview of some of the great features that exist in the new releases.  Here are a couple of highlights:

What's New with Directory Server EE 7.0

Boosts speed and performance: DSEE 7.0 has been optimized to improve performance of some operations by more than 3x the current version. In addition, this release provides hardware optimization with up to 60% improvement in authentications and modifications. 
Reduces Total Cost of Ownership– Reduce cost by using the only solution in the market that provides customers with a directory server, virtual directory, proxy server, web console and Active Directory synchronization tool-kit under a single license.
Hassle Free Upgrade – DSEE 7.0 provides a simple upgrade path and provides 5x performance improvement in data import times, thereby reducing migration costs.
What's New with Role Manager 5.0
360 Degree View of Assigned Access – A unified view of data related to user access that empowers reviewers to make more         intelligent decisions concerning users access.
Closed-loop Remediation – A complete end-to-end solution for reviewing user access and removing inappropriately assigned access.
Rule Life-cycle Management – The first solution for managing the complete life-cycle of role assignment and SoD audit rules.

Interested in hearing more? Interested in hearing more about the release and what business problems it solves for your enterprise?  Register here for the Webinar here:

Topic: Improve Compliance, Access Controls, and Performance with Sun's Latest Releases of Role Manager and DSEE
Date: Wednesday, October 21, 2009
Time: 10:00 am PDT / 1:00 pm EDT / 19.00 CET (check my timezone)
Duration: 1 hour
Speaker:

 Sun Product Managers: Neil Gandhi and Nick Wooler

Registration::

 Register Here


Wednesday Sep 02, 2009

LDAPCon2009

Our very own, Ludo Poitou will be presenting with other luminaries in the identity industry at The 2nd.International conference on LDAP, LDAPCon 2009 will be held on September 20th and 21st at Waterfront Marriot Hotel , Portland OR, USA.

LDAP is gaining renewed attention as the identity repository for enterprise, telco's, global partner networks, healthcare and education institutions.  The LDAP repositories have been faced with massive growth over the last five years and the performance and availability they have come to rely upon is being tested. New requirements driven by the growth of users, the explosion of security requirements imposing more "writes" and the access to web services security and policies are forcing LDAP experts to look at new innovations.

You should attend, if you want to be apart of hearing how LDAP experts are innovating and addressing these business and technical challenges.  If you haven't registered yet, please register NOW here!

The registration fee includes access to the LinuxCon 2009 (Sep 21 - 23), and if you still need to be convinced that it's worth attending, you can check the agenda here.

Friday Jul 24, 2009

Sun OpenDS Standard Edition 2.0 Released

Sun OpenDS TM Standard Edition (SE) 2.0 is the newest member of the Sun Directory Server family of products. This directory server includes an LDAP core that is designed for easy installation, embedding, and configuration.

Sun OpenDS SE 2.0 is a high-performance, highly-extensible, pure Java directory server that delivers a fully compliant LDAPv3 server that passes all of the compliance, interoperability and security tests suites. Furthermore, Sun OpenDS SE 2.0 implements most of the standard and experimental LDAP extensions defined in the IETF as RFCs or Internet-Drafts, ensuring maximum interoperability with LDAP client applications.

With a limited footprint allowing the server to be embedded in other Java applications, OpenDS has a very rich set of APIs making it easy to extend and increase usage scope.

Sun OpenDS SE 2.0 also supports a multi-master replication model with optional assured replication that guarantees the high availability of the data for all operations, searches or updates. While theoretically unlimited with regards to the number of masters, the Sun OpenDS SE 2.0 server has been stressed under heavy and durable load with 8 Masters.

This 2.0 version significantly increases performance both in read and write, making it one of the most efficient commercial directory servers available.

Sun OpenDS SE 2.0 is based on the open source community project OpenDS that is constructing next generation directory service software. The initial effort is led by Sun and the primary contributions are by Sun employees, but the goal is to attract developers and other interested parties from around the world. Sun OpenDS SE is the Sun commercial offering based on this project.  

You can find out more information about Sun OpenDS SE 2.0 commercial release at:

http://wikis.sun.com/display/sunopends

Wednesday Jul 08, 2009

Webinar: Government Identity Management (Register Today)

Identity management in government is a very important topic as it crosses a number of domains.  There are a number of issues as government's across the world pursue e-Government initiatives.  Norway is a great example as they have launched a portal to allow citizens to opt into services that they wish to consume from the government (e.g. postal, doctor, etc.).  The government portal in Norway uses OpenSSO.  This is only one of the ways in which Sun is helping governments further information sharing and reduce the cost of providing citizens and organizations the services they need to be successful.

If you are interested in hearing more about the different way's Sun can help governments help solve Identity Management issues such as the following, please attend the following webinar.

  • Secure control over information access by dynamic and diverse user populations
  • Single sign-on and identity federation for seamless operations across multiple IT environments
  • Automated provisioning and deprovisioning to reduce costs
  • Delegrated and self-service account management to improve the user experience
  • Auditing and reporting to meet internal security and compliance requirements

Event:  Identity Management for Government
Date:   Wednesday, July 15, 2009
Time:   10:00 am PDT / 1:00 pm EDT / 19.00 CET
Reserve Your Seat Today!


Thursday May 14, 2009

Our Vote for iPhone App of Year: LDAP App Could Save You 1.43 FTE in Productivity

At this very moment, every company on the planet is trying to find ways to reduce cost.  A creative and innovative member of the Directory Server team at Sun has come up with a way to do just that using the iPhone and LDAP.  Ludo's blog post located here, provides a great overview of the technical detail (what tools, platform, etc.) so please read it for more detail on how Anton put this solution together.  Let's focus on the business angle of this important innovation using LDAP.  Again, we hope David Kearns is reading because this is really what "Pimping Your Directory" is all about.

More and more companies are having to support mobile workforces or employees that work a portion of their time at home.  Sun has been one of the leaders in this space.  Not only does it improve productivity but it gives knowledgeworkers more empowerment thus improving their quality of work and life and thus loyalty to the company that employs them.  However, the tools that support these workers have been slow to catch-up.  Company Directories are a good example.  How many times do employees call the 1-800 number to get an employee number to make a phone call on the road?  As a consultant, I used to do this all the time.  As a Sun employee, I have used this feature more than once while traveling to different trade shows, between offices, etc.  This ties up valuable resources who could be routing real customer calls! I have realized this paradox but when you have to get something done you go through the path of least resistance.  And, let's face it voice portals have not replaced human beings in either efficiency or effectiveness.

Here is where the innovator at Sun, Anton Bobrov, filled the gap. The Sun IT and Directory Teams recognized this gap a long time ago and placed a limited version of the employee directory outside the firewall.  It is a great tool if you have a web browser and don't want to VPN into the network.  However, Anton realized there was a better solution via the iPhone.  He has developed an iPhone App that is an LDAP browser that allows employees to connect to this Directory outside the firewall and quickly search, find an employee and make the phone call from one device.  My vote for iPhone App of the Year would be for the LDAP app by Zen and our very own Anton Bobrov. 

The Business Case

So hypothetically, using Company A with 33,000 employees as an example, imagine 5% of employees have an iPhone.  Imagine that same 5% make one phone call a week or 52 calls per year to the 1-800 number to get a phone call.  Imagine each call takes 2 min of productivity away from the call center employee then this simple application could save approximately 2,860 hours.  Put another way this is 1.43 FTE per year worth of productivity.

Number of Employees

 33,000 Employees 

Percent that have iPhone

 5% Employees 

Number of Employees with iPhone

 1,650 Employees 

Number of calls made per year to 1-800 per week by one employee
 52 calls per year per employee
Total number of calls made in a year
 85,800 calls per year
Total number of hours taken (avg time per search 2 min)  2,860 hours
 Number of Employees Needed to Cover this Task (50 weeks \* 40 hours)  1.43 FTE's

Please see Ludo's blog for more detail on how the app works and what Anton did to build it.  His bog is located here.

ZEN Directory App for iPhoneZEN Directory App for iPhone and iTouch

How do you get it?

Go to the App Store and seach "LDAP".  You want to download the Zen version for $3.99.  Refer to the cost savings table above if you balk at the price.  Here are the configuration details for Sun's directory, as described in Ludo's blog here.

Here's the settings that I've used (once you've installed the Directory application, there is a "Directory" section in the Settings application).

Identity: cn=John Smith (12345),ou=people,dc=sun,dc=com
[your Sun ID should be enclosed in brackets and watch the spaces]
Password: My Sun password
LDAP: book.sun.com
(Keep the remaining untouched).

How do I get one for my company?

If you are employee at a company that has a large mobile workforce you should show this blog post to an IT Director, Call Center Director, or someone who can make this project happen.  This is a quick win for most companies in improving productivity.  You can use DSEE or OpenDS with replication to create the directory instance outside the firewall.  Publish a configuration guide for employees and start improving productivity.

Tuesday May 12, 2009

450,000 LDAP Operations per Second

Benoit Chaffanjon did an interesting "Benchmarketing" (you have to read his blog to understand why he calls it that) that showed Directory Server Enterprise Edition may be able to support 450,000 + LDAP operations per second.   The benchmarketing was done on a Sun Blade 6000 using the Intel Xeon x5560 on OpenSolaris.  All the gory details can be read in Benoit's blog here.  This is mind-blowing when you consider the cost of transaction per second and also what this might look like on an SSD.  We are doing some further testing as Mark Craig mentions in his blog not only to validate these amazing results but also to confirm the performance using OpenSSO and on a SSD.

You can Try It by clicking button below:


Here is one table taken from Benoit's blog

Modify Operations Performed  

Count

Avg/Second

Avg/Interval

Std Dev

Corr Coeff

4806293

4179.383

20896.913

55.65

-0.061

Modify Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff

29812733

480600

6.203

20895.652

0.19

-0.068

Search Operations Performed  

Count

Avg/Second

Avg/Interval

Std Dev

Corr Coeff

38452462

33436.922

167184.609

447.43

-0.061

Initial Search Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff

5000859

4807211

10.403

20900.913

0.375

0.015

Subsequent Search Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff

146366814

33643572

4.351

146276.391

0.189

0.171

You can Try and Buy one of these machines today. 



Monday May 11, 2009

Directory Server Webinar: Reduce Identity Sprawl and Improve Enterprise Performance

The team is back from our successful trip to the European Identity ConferenceLudo and Mark Craig did a great job on the Identity Bus and Virtual Directory panels.  We will have more about this later in the week.  

We wanted to pass along a quick note about an upcomming webinar on Directory Services which will be held May 20.  The webinar will cover how to reduce cost and improve the speed and performance of your enterprise using directory services.  The conversation will go over the following:

  • How to use save cost by consolidating identity sprawl in your enterprise
  • How to meet agressive time-lines on a merger and acquisition
  • How to federate faster with virtual directories

If you are interested, please sign-up here.  Even if you are not able to attend, registering will give you access to the replay.

Oh, and that is not Craig MacDonald in the picture to the right.  We got this from a very talented photographer in the Creative Commons here.

Wednesday May 06, 2009

Directory Experts Speak at European Identity Conference

Ludo Poitou and Mark Craig from Sun Microsystems will be a part of two illustrious panels at the European Identity Conference today.  Ludo will be a part of the panel talking about the Identity Bus which is a topic that Felix Gaethens, Kim Cameron, and David Kearns talked about last year.  The discussion should be interesting becasue Sun has some of the products necessary to create the "identity bus" today through OpenDS, DSEE, Virtual Directory, OpenSSO, Identity Manager Connectors, and Netbeans,  You don't need all of these to create the bus but a standards based way of storiing and accessing identities and then leveraging them via other applications or into the cloud are all possible using the tools at Sun.

Mark Craig will be joining Oracle, Radiant Logic and Symlabs in talking about Virtual Directories and their importance to Directory Services.  Sun includes it's virtual directory features as a part of it's core product and license so all customers who use DSEE 6.3 today have a virtual directory already as a part of their license.  Mark will be explaining how customers are using Virtual Directory to do data center consolidation, simplify mergers and acquisitions, and federate faster using Sun's Virtual Directory.

Friday Apr 24, 2009

OpenDS on USTREAM?

Yesterday, Ludo did a presentation for the Glassfish Aquarium project at Sun who use USTREAM to broadcast their content to anyone interested in engaging with the team via this medium.  The content is interesting and this is a better way to make presentations more engaging as not only do they provide the video feed but also a twitter mashup for interactive feedback from the audience.  If you agree and want to see additional innovators using the internet to engage with their community members in a more engaging way then you should check out Leo Laporte on Twit.tv.  I have been following the work that Leo Laporte has been doing with FLOSS, MacBreakWeekly and SecurityNow where he is innovating how to provide video content via the web.  He has in effect created his own broadcasting company.  SecurityNow has done some recent podcasts on the conflicker worm and the recent cyberespionage that has been in the news which is interesting and informative.  

For those of you that missed Ludo's presentation on OpenDS.  Here is the video.

Tuesday Mar 31, 2009

OpenDS in One Image

What is it like working on an open source project?  A lot of people wonder how does it differ.  The nightly builds, the open nature of communication and involvement, the external contributors and the community managers like Ludo Poitou make it a very dynamic environment.  The best way to understand it is to watch this great video that Ludo put together that represents the last three years of activity.  

Thanks Ludo:


Gartner IAM and Ludo's Architect Zone Interview on OpenDS

The identity team was in London for the Gartner Identity Access Management conference last week which was a successful event.  We had the opportunity to meet and talk with some great customers and hear about the Thompson-Reuters implementation of OpenSSO and Directory Server Enterprise Edition serving 300,000 concurrent users with persistent cookies.  This implementation allows traders to get their Reuter's feed on their smartphone and their desktop without having to login twice.  This reduces transaction fees and keeps their business model in tact.  The OpenSSO team did some great engineering work to meet the performance and functional requirements for Thomson-Reuters.  We video-taped the presentation and should have that for your soon.  

Gartner IAM

Also, Ludo Poitou was recently featured in an article on OpenDS in the Architect Zone or DZone.  He describes some of the exciting things happening in the community with MySQL and discusses how to embed OpenDS in applications.  This is a great jump-off point for customers getting started with deploying OpenDS as an identity repository for their application or infrastructure serving email, calendar or network infrastructure.  You can read the whole article here.

Sunday Mar 01, 2009

Join OpenDS and OpenSSO at Community One EAST

March is going to be an exciting month with a number of events to help make it fun by joining us at one of the events listed below.  The month get's started with an Unconference in New York sponsored by the OpenSSO team.  The OpenDS team will be there as well leading a discussion on using LDAP and OpenDS as an identity repository.  The event is free and only requires you to sign-up at meet-up.com.  Here is the link and you can see how many people are attending.  As of tonight there were 54 attendees.  Sign-up here.

At the wiki page for the event you can add topics that you would like to discuss.  There is already a suggested list that includes a presentation by Ludo on OpenDS as a datastore.  You can access the wiki here.

Saturday Jan 17, 2009

Identity Security Webinar Wednesday, Jan. 21: OpenSSO and OpenDS in One Powerful Solution

There is a great webinar being offered on Wednesday, Jan. 21 which you may have missed the announcement because of all the excitement about the Inauguration and Martin Luther King Holiday in the US.  Daniel Raskin, Product Line Manager OpenSSO, and Jamie Nelson, Director of Engineering for OpenSSO, will be talking about the current release as well as the plans for the next release of OpenSSO Express.  There are already 200 registrants and there is a cap at 250 so register now so you don't get left out!

The Directory crowd should be interested as well, because OpenDS is bundled with OpenSSO and is used as OpenSSO's policy store and can be leveraged as a user store as well.  Here are the details:

Sun Software Webinar:
See how Sun's OpenSSO Enterprise provides a single solution for Web access management, federation, and Web services security.

Join Sun for a live webinar on one of today's most exciting aspects of identity management! During this session, we will discuss OpenSSO innovation and how it pushes access management, federation, and secure Web services capabilities to a new level. Learn how to solve challenges around these capabilities with a single solution.


Event:  Access Management, Federation, and Secure Web Services with OpenSSO Enterprise
Date:  Wednesday, January 21, 2009
Time:  10:00 am PST / 1:00 pm EST

» Register Now

This webinar will be presented by Sun's OpenSSO experts: Daniel Raskin, the senior product line manager, and Jamie Nelson, the director of engineering.
We hope that you can join us!

If you have any questions or feedback, please send a message to SWI_Webinar_Inquiries@sun.com.

Thank you,
Sun Microsystems, Inc.

Thursday Jan 08, 2009

OpenDS--Open Source Improves Quality in Software Development

Gary Williams, a staff engineer and the QA lead of OpenDS, published a great article with Marina Sum on the topic of how working on an open source software project has improved quality in product development.  The process is without challenges which he outlines in the article as well.  However, he also gives great detail about the test harness that is used, the amount of automation and community involvement to address the challenges and get high quality product in community hands more frequently.  The full article is available on the Sun Developer Network here

These are the types of processes that quality open source projects do as a part of the project development process.  Indira Thangasamy, produced a similar article on how they approach QA within the OpenSSO project.  As companies evaluate other open source projects, especially in these challenging economic times where cost reduction provide stronger rational's to consider starting projects using open source software.  The quality approach of communities becomes an important differntiator as companies use open source in production and customer facing systems.

Here is a quick overview of the test harness used on OpenDS:

We use open-source, Java platform-based test tools, such as the following, not only to demonstrate our support for open source but also to ensure that they are accessible to everyone:

Here are a couple of other highlights:

  • Unit Testing and Automation:  "Testing starts in the programming phase with unit tests, which verify that the code works as intended and which must exist for all features. Today, we run 30,000 automated unit tests daily on different Java virtual machines. No code can be integrated without satisfying the precommit requirements."
  • Code coverage — With open-source EMMA, we find out the number of code lines, blocks, methods, and classes that are exposed by the unit and functional tests. Part of that information pinpoints the amount of the code tested as a percentage of the total, defining if we've met the quality criteria. We also define which areas of the code are not tested, called coverage holes, and create new tests to fill them.
  • Feature coverage — OpenDS delivers features that customers want, that is, customer requirements. Each feature is recorded as an issue in the Issue Tracker, a tool that monitors defects. This data tells us the state the features are in and their status: Ready for Test or Tested.
  • Documentation coverage — To ensure that the documentation is reviewed according to the test plan, we adopt a two-phase documentation review process: a technical review of the content followed by a formal QA review. Like the product features, the documentation is divided into categories—books, chapters, and sections—that are recorded in the Issue tracker. Through this coverage, we measure the percentage of the documentation reviewed over time and identify the reviewers and review status.
  • Defect rates — This is a traditional measure. The goal is to have no high-priority bugs open at release time. Our Bug Council constantly studies the defects and assesses the risks to customers. We also plot simple graph trends to gauge how well the project is converging.

Thanks to Gary and Marina for publishing this article and allowing the community to learn from your experience. 

About

This blog provides information regarding the Oracle Directory Server Enterprise Edition and Oracle Unified Directory products. Use this blog to get the latest breaking information regarding releases and updates plus other technical and non-technical information.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today