IBM's identity management becomes user-centric: HP's identity management exit strategy
Courtesy of InternetNews on Tuesday I learned that IBM has added support for OpenID, Windows CardSpace and Eclipse's Higgins Identity Framework to its Tivoli Federated Identity Manager (FIM) offering. As one of the enterprise identity management heavyweights, IBM's announcement is an important endorsement of user-centric identity approaches. Such approaches are still in the formative phase of the adoption curve, particularly in the enterprise, so I see this is an investment for the future for IBM. IBM's significant installed base should help to increase awareness, particularly for organisations supporting external user communities. IBM's press release provides more details on the user-centric credentials ( no pun intended!) of FIM. It also discusses the product's SOA Identity Service, which is designed to address some of the challenges associated with identity lifecycle management and audit where service-oriented approaches are applied to siloed applications with siloed security. These challenges are something I highlighted back in February 2006 and are a barrier to the realisation of the value of SOA as it moves out of project-level deployments. I see the SOA Identity Service as the more important aspect of this announcement, with SOA being a more pressing IT (and hopefully business) concern than user-centric identity. As an aside, the InternetNews article mentions that the enterprise identity management market is becoming increasingly competitive with offerings from HP, CA and Oracle.
Can't fault the journalist on CA and Oracle ... but HP! Earlier in the year the company announced that it was no longer going to be selling its Identity Center products to new customers: hardly a competitive force. As part of this (hopefully for its customers) graceful retreat from the market, HP announced that it has established an exclusive agreement with Novell whereby the two companies will jointly offer migration services, HP will resell Novell identity and security management solutions and Novell will license HP Identity Center technology
When HP originally announced that it was exiting the market, it stated that it would continue to support and develop Identity Center for its existing customers so I was somewhat surprised to see it offering a migration programme. I wonder whether those customers didn't see this as an effective way forward for what is critical infrastructure. Whilst the programme was a surprise, the partner wasn't. Where else could HP have gone? BMC, CA or IBM: hardly, given the competition in the IT service/systems management markets (and numerous others in the case of IBM). Sun: difficult given competition in the hardware space. Oracle: would have made things difficult for HP's SAP alliance team. Microsoft: lacks the heterogeneous environment support and breadth of functionality that HP's customers need. So, whilst I am sure the sentiments behind Ben Horowitz's (VP and GM, Business Technology Optimization, Software, HP) statement that HP chose Novell because of its outstanding set of technologies, recognized market leadership and tremendous commitment to working with HP customers
are real, the company didn't have too many others to chose from! Labels: BMC, CA, CardSpace, Eclipse, Higgins, HP, ibm, identity, Microsoft, Novell, Oracle
Roles play a prominent role in identity management this week
Back in September Oracle announced that it had acquired privately-held Enterprise Role Management (ERM) player Bridgestream continuing its "identity management-through-acquisition" strategy. With many eyes focused on the company's Oracle Open World shindig this week, Sun also entered the fray with its plans to acquire another leader ERM independent: Vaau. Role-based access control (RBAC) is hardly new: the US' National Institute of Standards and Technology (NIST) initiated standardisation efforts back in 2000 and an ANSI/INCITS standard (359-2004 if you're that way inclined) was published in 2004. So why all this acquisition activity? As with many things identity management, it's primarily driven by compliance, with a small helping of increased operational efficiency and cost reduction. As well as promising to streamline the provisioning and de-provisioning of entitlements, roles can help organisations to define, enforce and demonstrate those entitlements to address regulatory compliance demands. The realisation of that potential, however, has proved elusive. Organisations have struggled to identify (!) the roles that they need, and inconsistent management approaches have often resulted in an explosion of roles to the point where there are as many roles as users. The likes of Bridgestream, Eurekify and Vaau, whose offerings provide role discovery, analysis, allocation and provisioning, emerged specifically to address these challenges, creating the identity management sub-market of ERM along the way. With compliance top-of-mind for many of their customers and prospects, the major identity management suite vendors who were unable to respond as rapidly as the nimble ERM start-ups quickly established partnerships and, in some cases, moved beyond the press release to actually provide pre-built integration. Sun, for example, provides bi-directional data integration with Vaau (which should help to speed up the integration process). With two of the leading ERM players now with competitors, this leaves the likes of CA and IBM in an interesting position. Their partnership teams no doubt have their eyes (and potentially their wallets) pointing in the direction of Israel, where Eurekify is based. Some of you may wonder why I didn't include Novell in this list. Had I been writing this post straight after the Sun announcement it would have been. But not long after the announcement I came across this post from an identity management group blog at Novell, which discusses how the company has been building its own role management capabilities, focused on role provisioning, exploiting its directory heritage (discussed in more detail in our assessment here) and partnership with Eurekify for role discovery and analysis. The post's author claims no knowledge of acquisition talks. Then lo and behold, and far be it from me to suggest that Sun's announcement had anything to do with the timing, the next day Novell announced its new Roles Based Provisioning Module. Of course, a Eurekify acquisition by Novell could still be on the cards, despite the blogger's ignorance of any such discussions, but it seems to me based on Novell's stated strategy that the Israeli company is more likely to end up in the arms of CA or IBM. The implications for customers are varied. Bridgestream and Vaau customers, who have plumped for a vendor other than Oracle or Sun, should be a little nervous and seeking concrete assurances regarding ongoing support. Customers of the likes of CA, IBM and Novell who are considering ERM will have to think very carefully before plumping for Bridgestream or Vaau for similar reasons. Labels: Bridgestream, Eurekify, identity, Novell, Oracle, RBAC, Sun, Vaau
Market activities this week
There have been two notable events this week in the collaboration software market - firstly the acquisition of Zimbra by Yahoo! on Tuesday, followed by Novell's reach into the broader collaboration market through the release of two new products, Novell Teaming and Novell Teaming and Conferencing. Yahoo's purchase of Zimbra, a small, California-based start-up which provides Web 2.0-based online and offline email and calendaring as well as document and spreadsheet capabilities, is notable as much for its price tag of $350 million as for its impact on the market. Founded in 2003, Zimbra's three rounds of funding amounted to $30.5m, making the company an excellent investment. In this market where there is such an unusual mixture of broad suite vendors and numerous start-ups and small, independent players, this demonstrates a key concern for enterprises - whether they can really afford the risk of best-of-breed tools in a consolidating market. Novell's announcement is another illustration of the draw of collaboration for vendors; a long-time player in the email and groupware market with GroupWise, Novell is finally building on this experience and client base to deliver team-based collaboration. With core technology gained through an OEM agreement with SiteScape, Novell's solution leverages its heritage in identity management and email/calendaring to provide a solid, competitive first release product. It also puts Novell in an interesting position - while it is a familiar vendor in IT departments within enterprises, Novell will now need to shift its focus to the business, which will mean a different set of partners and a different marketing focus. It will also have to be careful not to over-emphasise the Linux angle with business users - something it is prone to doing. Many vendors find it hard to make the IT-to-business transition; time will tell whether Novell can do it. Labels: collaboration, Novell, Zimbra
Our first identity management assessment
Excuse the use of the blog to highlight our own research but I wanted to let any of you out there who are interested in identity management know that the first of our identity management infrastructure assessments - Novell - has just been published. Here's the summary to whet your appetites: Novell has exploited its heritage in identity management, based around its proven directory product, to provide a comprehensive portfolio of identity management offerings which address a broad range of identity management requirements, although it is lacking in some important areas. The company, to its credit, has recognised that it has reached this position without a strong architectural foundation and has articulated a clear vision to address this. Novell?s heritage has also enabled it to develop a portfolio of services coupled with best practice advice and guidance that address a broad range of requirements focussed on the deployment of its products, with partners addressing the non-technology aspects of identity management initiatives. Its offerings are a sensible choice for organisations with an existing investment in eDirectory or who are focussing on identity lifecycle management or user-mediated single sign-on. Labels: identity, MWD, Novell
|
