Novell IM 4 aimed at enterprise data center, cloud security providers

* Identity Manager 4 includes tools for data cleansing, policy framework design and the ability to define roles and entitlements using a simple drag and drop functionality.

Last issue I briefly mentioned Novell's release of Identity Manager 4, announced at BrainShare in Amsterdam. While I was there I had the opportunity to sit down with Jim Ebzery (senior vice president and general manager for the Security, Management and Operating Platforms) and Nick Nichols (Identity Manager product manager) to talk about the new release. Ebzery, by the way, was formerly responsible for leading the Identity and Security Management business unit so he does know what he's talking about.

What they wanted to emphasize is that IM 4 is targeted at both the enterprise data center and the cloud's security providers.

Six misconceptions about cloud apps

For the enterprise it provides all of the traditional IdM: enterprise-grade user provisioning through an integration of more sophisticated roles management, advanced workflow capabilities and intelligent reporting capabilities; it is also designed to support the identity and compliance needs for the most advanced enterprise and includes tools for data cleansing, policy framework design and the ability to define roles and entitlements using a simple drag and drop functionality.

At the same time, according to Ebzery, Novell is targeting the large service provider (such as major telecoms) where they intend to provide identity services for the service provider's end-user clients as well as what amounts to "pass through" services for third-party solution providers using the service provider's platform (similar to what Symplified announced a couple of weeks ago -- see "A shift in cloud solutions ".) Novell's long experience with directory partitioning, for example, gives them a long lead over their rivals to provide identity services on cloud platforms. As Nichols emphasized, silos are still with us and will be for the foreseeable future. Novell has learned to work between and among the silos, connecting the data where needed separating it where necessary.

I recently wrote about the security problems we're still seeing with provisioning and (most especially) de-profession (see "Revealing the 'cracks' in provisioning". Ebzery was very upfront about the problem, emphasizing that "Novell Identity Manager continues to be the only solution uniquely architected for real-time response across multiple environments, which practically eliminates security holes due to delayed de-provisioning." Both Ebzery and Nichols declared that IM 4 was the most secure IdM suite for both the enterprise and the cloud. They may well be right.

Along these lines, Novell was one of the founding members of the new OASIS Identity in the Cloud (IDCloud) Technical Committee, just announced last week. According to the announcement, the group hopes to identify gaps in existing identity management standards and investigate the need for profiles to achieve interoperability within current standards. Committee members intend to perform risk and threat analyses on collected use cases and produce guidelines for mitigating vulnerabilities. We'll be keeping an eye on their progress.

Learn more about this topic

Cloud-based identity management gets a boost

Verizon and Novell team up on cloud security

Novell Pulse enterprise 2.0 suite goes beta next week
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT