Upload
forgerock
View
732
Download
2
Embed Size (px)
Citation preview
© 2016 ForgeRock. All rights reserved.
Identity Gateway with the ForgeRock Identity Platform - So What’s New?
• Ludovic Poitou – Product Manager• Rob MacDonald, Product Marketing Director
© 2016 ForgeRock. All rights reserved.
ForgeRock: At a Glance
• Fastest-growing open source identity security software company in the world
• Founded: 2010• Headquartered in San Francisco with offices in
6 countries• Employees: 350+• Customers: 400+ Enterprises in 30+ countries• Global Reach: ~50% international revenue• Funding to Date (thru Series C): $52M• Investors: Accel Partners, Foundation Capital
and Meritech Capital Partners
Key Facts Mission Statement
The forgerock identity platform currently powers
more than 500 million identities. It is our goal to become the market leader
in digital transformation and security for enterprise
identity worldwide.
© 2016 ForgeRock. All rights reserved.
Perimeter-Based Security Identity-Centric Security
Enables Digital Business
Untrusted
Trusted
Inhibits Digital Business
Old Security Model is Broken. Security Must Now Be Identity-Based.
Enables Digital BusinessInhibits Digital Business
© 2016 ForgeRock. All rights reserved.
Changes are adding Complexity
Employees
Employees &Partners
PerimeterPerimeter Federation
Things
Perimeter-lessFederation
CloudSaaS
Mobility
Consumers
Perimeter-lessFederation
Cloud / SaaS
Com
plex
ity o
f Sca
le
Complexity of Experience
© 2016 ForgeRock. All rights reserved.
Identity Access ManagementCustomers(millions)
On-premises
People
Applicationsand data
PCsEndpoints
Workforce(thousands)
Partners andSuppliers
Customers(millions)
On-premises PublicCloud
PrivateCloud
People
Things(Tens of millions)
Applicationsand data
PCs PhonesTabletsSmart
WatchesEndpoints
Forrester Report Nov 2015: Market Overview: Customer Identity And Access Management (CIAM) Solutions
Identity Relationship Management
Business Has Changed: Enterprises Now Require Identity Relationship Management (IRM)
Business Has Changed: Enterprises Now Require Identity Relationship Management (IRM)
© 2016 ForgeRock. All rights reserved.
Enterprise AppsMobile Apps Things Cloud
Single Architecture | Next Generation | Open | Chip-to-Cloud Deployments | IRM
Identity ManagementAccess Management Directory Services Identity Gateway
Platform Strategy
© 2016 ForgeRock. All rights reserved.
Shared Services : User Interface, Self-Service, REST API, HTTP, Scripting, Audit and Logging
Federation Synchronization
Authentication & Strong Authentication
Identity Provisioning Application & Service Gateway
Authorization & UMA Provider
Workflow Engine IoT Identity Gateway
Adaptive Risk Self-Service Password Capture & Replay
UMA Protector
Access Management Identity Management Identity Gateway
Data Store
High Availability
Data Segmentation
LDAP / REST
Directory Services
Open Standards, High Availability, On-Premises, Cloud, Hybrid
The ForgeRock Identity Platform is built from the open source projects OpenAM, OpenIDM, OpenIG and OpenDJ
The ForgeRock Identity Platform
© 2016 ForgeRock. All rights reserved.
Throttling
Message Transformation Monitoring
Session Management Token Exchange
SSO
Scripting
Relying Party Authentication Authorization Federation (SAML /
OIDC)
Password Capture & Replay
Protected Resources
Identity Providers Data Stores
Web Applications
APIs
Services Layer
Access Layer HTTP / HTTPS OAuth2.0 | OpenID Connect | SAMLv2
External LayerDatabases
Directories
Files
Audit
ForgeRock Identity Platform: Identity Gateway
© 2016 ForgeRock. All rights reserved. 9
Accelerate your Digital Transformation
• APIs are the secret sauce to becoming digital
• Enable the level of business agility and interconnectedness.
• Identity is core to business and security
© 2016 ForgeRock. All rights reserved. 10
Why a Gateway?
• Mobile First Strategy• Protect APIs• From Mobile to Enterprise Federation
• Micro-Services Architecture• Route to and Protect APIs
• Bridging to IoT• Security• Extend to Legacy
© 2016 ForgeRock. All rights reserved.
ForgeRock Identity Gateway
• A Gateway with many facets:• Identity• API• Mobile• Security• …
© 2016 ForgeRock. All rights reserved.
Identity Gateway
• Improved support for OpenID Connect• Discovery• Registration
• Centralized Authorization Policywith OpenAM
• Simplified Password Replay
© 2016 ForgeRock. All rights reserved.
ForgeRock identity Gateway as API Gateway• Throttling
• Global• Per protected API or Application
• Monitoring• Status• Throughput and Response Times statistics
• Auditing
© 2016 ForgeRock. All rights reserved.
Other Improvements
• Security• Control of TLS protocols and
cipher suites• Mobile Gateway
• Token exchange from OAuth2 to SAMLv2
• Better scalability and performances• Improved ease of configuration
© 2016 ForgeRock. All rights reserved. 15
Demo
© 2016 ForgeRock. All rights reserved.
Discovery and Client Registration…
Identity Gateway
Application
ForgeRockAccess Management
?
© 2016 ForgeRock. All rights reserved.
API Protection
Identity Gateway
APIs
ForgeRockAccess Management
Throttling
Authorization
© 2016 ForgeRock. All rights reserved. 18
Q&A
© 2016 ForgeRock. All rights reserved. 19
Thank You!