• United States

Blockade adds mainframe connectivity to Microsoft identity server

Jun 07, 20043 mins
Enterprise ApplicationsMicrosoft

* Blockade's ManageID Enterprise Suite for Microsoft Identity Integration Server

There’s a new leader in the race for the longest product name of the year: Toronto’s Blockade Systems, which late last month at Microsoft’s Tech Ed conference released ManageID Enterprise Suite for Microsoft Identity Integration Server 2003, Enterprise Edition. We’ll call it MES4MIIS (which is now in the running for longest abbreviation of a product name).

What MES4MIIS does, basically, is extend the number of connectors available for Microsoft Identity Integration Server by adding mainframe connectivity to IBM environments supporting RACF, ACF/2 and Top Secret. If you’ve got a mainframe that uses RACF, ACF/2 or Top Secret then you know what they are. For the rest of you, RACF (Resource Access Control Facility), ACF/2 (Access Control Facility 2) and Top Secret are security systems that provide authentication services to IBM mainframes. Think of them as similar to Active Directory (I know, that’s simplified, but the analogy does work).

If your environment includes mainframes and you want to provide electronic provisioning services, identity synchronization services or even just a unified global address list (GAL), then you’ll need to tie in mainframe accounts to your users’ desktops and (as I’ve mentioned once or twice) Identity Integration Server is a good way to do that.

MES4MIIS provides seamless, bi-directional integration of account provisioning, deprovisioning and management events between your Windows network and the IBM mainframe world. Events within the mainframe environment can be monitored but they can also trigger responses from your Active Directory installation. Likewise, accounts provisioned through Identity Integration Server can now include those on the mainframe. If there’s one environment that Blockade knows well, it’s the mainframe.

Blockade has been providing identity management and user lifecycle products for 15 years, before anyone had heard of “identity management” or “user lifecycle.” You may not know the company because of its mainframe roots, but little by little, Blockade has extended its coverage into Windows and Unix networks beginning with Windows NT and Solaris.

With the opportunity presented by Identity Integration Server and the new focus on e-provisioning of enterprise resources, it seemed a perfect time for Blockade to come forward as the bridge between the two often very detached worlds of Windows networks and mainframes and tie them together in the exciting (because it can save lots of money) field of provisioning.

The RACF Management Agent (MA) for MIIS 2003 is available now, while MAs for ACF/2 and Top Secret will be available by September. All the details can be found at but highlights of the features include:

* Automatic real-time propagation of passwords and identity attributes with the ability to detect local changes.

* Store-and-forward processing and failover capabilities for guaranteed transaction delivery.

* Bi-directional password and attribute synchronization between mainframe platforms and MIIS 2003 Connected Data stores.

* Account association – multiple userIDs with one password.

* Passwords protected using either DES or Triple-DES encryption.

* Multi-level integrated logging.

Many of you won’t need this product (especially those without mainframes in their environment) but the rest of you can’t afford not to at least take a look.