© 2016 ForgeRock. All rights reserved.

Identity Gateway with the ForgeRock Identity Platform - So What’s New?

• Ludovic Poitou – Product Manager• Rob MacDonald, Product Marketing Director

© 2016 ForgeRock. All rights reserved.

ForgeRock: At a Glance

• Fastest-growing open source identity security software company in the world

• Founded: 2010• Headquartered in San Francisco with offices in

6 countries• Employees: 350+• Customers: 400+ Enterprises in 30+ countries• Global Reach: ~50% international revenue• Funding to Date (thru Series C): $52M• Investors: Accel Partners, Foundation Capital

and Meritech Capital Partners

Key Facts Mission Statement

The forgerock identity platform currently powers

more than 500 million identities. It is our goal to become the market leader

in digital transformation and security for enterprise

identity worldwide.

© 2016 ForgeRock. All rights reserved.

Perimeter-Based Security Identity-Centric Security

Enables Digital Business

Untrusted

Trusted

Inhibits Digital Business

Old Security Model is Broken. Security Must Now Be Identity-Based.

Enables Digital BusinessInhibits Digital Business

© 2016 ForgeRock. All rights reserved.

Changes are adding Complexity

Employees

Employees &Partners

PerimeterPerimeter Federation

Things

Perimeter-lessFederation

CloudSaaS

Mobility

Consumers

Perimeter-lessFederation

Cloud / SaaS

Com

plex

ity o

f Sca

le

Complexity of Experience

© 2016 ForgeRock. All rights reserved.

Identity Access ManagementCustomers(millions)

On-premises

People

Applicationsand data

PCsEndpoints

Workforce(thousands)

Partners andSuppliers

Customers(millions)

On-premises PublicCloud

PrivateCloud

People

Things(Tens of millions)

Applicationsand data

PCs PhonesTabletsSmart

WatchesEndpoints

Forrester Report Nov 2015: Market Overview: Customer Identity And Access Management (CIAM) Solutions

Identity Relationship Management

Business Has Changed: Enterprises Now Require Identity Relationship Management (IRM)

Business Has Changed: Enterprises Now Require Identity Relationship Management (IRM)

© 2016 ForgeRock. All rights reserved.

Enterprise AppsMobile Apps Things Cloud

Single Architecture | Next Generation | Open | Chip-to-Cloud Deployments | IRM

Identity ManagementAccess Management Directory Services Identity Gateway

Platform Strategy

© 2016 ForgeRock. All rights reserved.

Shared Services : User Interface, Self-Service, REST API, HTTP, Scripting, Audit and Logging

Federation Synchronization

Authentication & Strong Authentication

Identity Provisioning Application & Service Gateway

Authorization & UMA Provider

Workflow Engine IoT Identity Gateway

Adaptive Risk Self-Service Password Capture & Replay

UMA Protector

Access Management Identity Management Identity Gateway

Data Store

High Availability

Data Segmentation

LDAP / REST

Directory Services

Open Standards, High Availability, On-Premises, Cloud, Hybrid

The ForgeRock Identity Platform is built from the open source projects OpenAM, OpenIDM, OpenIG and OpenDJ

The ForgeRock Identity Platform

© 2016 ForgeRock. All rights reserved.

Throttling

Message Transformation Monitoring

Session Management Token Exchange

SSO

Scripting

Relying Party Authentication Authorization Federation (SAML /

OIDC)

Password Capture & Replay

Protected Resources

Identity Providers Data Stores

Web Applications

APIs

Services Layer

Access Layer HTTP / HTTPS OAuth2.0 | OpenID Connect | SAMLv2

External LayerDatabases

Directories

Files

Audit

ForgeRock Identity Platform: Identity Gateway

© 2016 ForgeRock. All rights reserved. 9

Accelerate your Digital Transformation

• APIs are the secret sauce to becoming digital

• Enable the level of business agility and interconnectedness.

• Identity is core to business and security

© 2016 ForgeRock. All rights reserved. 10

Why a Gateway?

• Mobile First Strategy• Protect APIs• From Mobile to Enterprise Federation

• Micro-Services Architecture• Route to and Protect APIs

• Bridging to IoT• Security• Extend to Legacy

© 2016 ForgeRock. All rights reserved.

ForgeRock Identity Gateway

• A Gateway with many facets:• Identity• API• Mobile• Security• …

© 2016 ForgeRock. All rights reserved.

Identity Gateway

• Improved support for OpenID Connect• Discovery• Registration

• Centralized Authorization Policywith OpenAM

• Simplified Password Replay

© 2016 ForgeRock. All rights reserved.

ForgeRock identity Gateway as API Gateway• Throttling

• Global• Per protected API or Application

• Monitoring• Status• Throughput and Response Times statistics

• Auditing

© 2016 ForgeRock. All rights reserved.

Other Improvements

• Security• Control of TLS protocols and

cipher suites• Mobile Gateway

• Token exchange from OAuth2 to SAMLv2

• Better scalability and performances• Improved ease of configuration

© 2016 ForgeRock. All rights reserved. 15

Demo

© 2016 ForgeRock. All rights reserved.

Discovery and Client Registration…

Identity Gateway

Application

ForgeRockAccess Management

?

© 2016 ForgeRock. All rights reserved.

API Protection

Identity Gateway

APIs

ForgeRockAccess Management

Throttling

Authorization

© 2016 ForgeRock. All rights reserved. 18

Q&A

© 2016 ForgeRock. All rights reserved. 19

Thank You!