Web Access Management in the Cloud Problem Solved

Web Access Management in the Cloud: Problem Solved! Single Sign On, Session Management and how to use Site. Minder to protect applications in the Cloud

Outcome… Seamless and Secure Integration Fortune 50 retail company makes an acquisition, and has seamlessly and securely integrated the new web apps with its e. Commerce portal, without having to bring the apps in-house or creating a VPN to the new company Successfully Moving. Net applications to Microsoft Azure Fortune 50 finance company successfully moves its. Net applications to Microsoft Azure while preserving all of its SSO integrations, authentication and access policies, and audit capabilities HTML 5 js CSS 3 XML Cloud PHP Acquired Company Existing Web Apps ASP. NET C# . NET IIS . Net Applications www. idfconnect. com e. Commerce Portal Microsoft Azure 2

A Common Quandary! Key Question How do we leverage our existing WAM infrastructure to handle platforms & applications in the public cloud? The Situation Constraints 50+ applications protected by Site. Minder NO new firewall ports Multiple user directories NO cloud-to-datacenter VPNs Multiple Password policies NO syncing/pushing employee credentials to the cloud Multiple authentication mechanisms incl 2 FA www. idfconnect. com 3

A Complete Web Access Management Solution 01 06 Centralized Audit 05 Session Maximum Time-to-Live 04 Authentication Management Web Access Management Idle Session Timeout Single Sign On www. idfconnect. com 02 Access Control Enforcement 03 4

WAM Gaps in the Cloud 01 06 Centralized Audit 05 Session Maximum Time-to-Live 04 Authentication Management Web Access Management (Gaps in the Cloud) Idle Session Timeout Single Sign On www. idfconnect. com 02 Access Control Enforcement 03 5

WAM Gaps in the Cloud All Solved by SSO/Rest 01 06 Centralized Audit 05 Session Maximum Time-to-Live 04 Authentication Management Web Access Management (Gaps in the Cloud) Idle Session Timeout Single Sign On www. idfconnect. com 02 Access Control Enforcement 03 6

Remember: Federation is NOT the Same as Web Access Management Federation Web Access Management (WAM) future business www. yourwebsite. com SAM Policy Enforcement Point (PEP) L OAu th Open ID Authentication Policy Decision Point (PDP) One-time handoff from partner IDP Perimeter Defense Access control Audit Session lifecycle management Limited logout capability www. idfconnect. com 7

The SSO/Rest Solution SSO/Rest combines existing and emerging technologies to extend the perimeter of your IAM solution safely and securely into your public Cloud platforms A Rest based- lightweight B Engineered to solve this problem C Easy to use, handles latency, transparent…. D No firewall holes - secure SSO/Rest! www. idfconnect. com 8

SSO/Rest Solution Architecture Cloud Corporate Network Browser call to cloud application Browser SSO/Rest session validation request SSO/Rest Plugin CA SSO Agent traffic SSO/Rest Gateway CA SSO (Site. Minder) Policy Server Cloud Apps Legend Response (with updated SMSESSION cookie) JSON reply from SSO/Rest Browser HTTP traffic SSO/Rest HTTP traffic www. idfconnect. com Policy Server Response Site. Minder Agent tunnel 9

Your App Runs in the Cloud But Site. Minder Thinks its in your Own Data Center www. idfconnect. com 10

SSO/Rest Web Services Endpoints “Look Mom! No VPN!” Login Update Session Gateway SSO/Rest Engine Enable / Disable Change Password Validate Session is. Protected is. Authorized www. idfconnect. com 11

SSO/Rest Solves Many Challenges Applications in the Cloud "Agent-less" Infrastructure AJAX / Mobile / Thick Client Application Integration Server-side Application Integration 5 SSO/Rest Use Cases www. idfconnect. com WAM-as-a-Service 12

Also check out our other products: www. idfconnect. com/products Turn CA SSO into your Enterprise 2 -Factor Auth Solution with SSO/Mobile. Key. For more details visit www. idfconnect. com/products/ssomobilekey/ THANK YOU! For More Information, Please Visit IDF Connect, Inc. 2207 Concord Pike #359 Wilmington, DE 19803 Phone: (888) 765 -1611 Fax: (888) 765 -7284 www. idfconnect. com @IDFConnect @rsand 2 www. linkedin. com/in/rsand www. facebook. com/IDFConnect