The fate of IBM’s identity management acquisitions

A number of people have asked me lately about the status of IBM’s acquisitions in the identity management space last summer. You’ll hopefully remember that Big Blue acquired Access360, a provisioning and directory-enabled applications provider and MetaMerge, the Norwegian virtual directory vendor (see editorial links below).

When plans for the Access360 acquisition were announced, I noted that IBM has never been quick to exploit acquisitions (some say that Tivoli itself is still not fully integrated into the IBM corporate world). So it was interesting that when I went to check on the progress of these acquisitions by visiting https://www.tivoli.com/ I found that all of its content was finally being moved to https://www.ibm.com/software/tivoli/ (http://www.lotus.com is still around, but who knows for how long?).

I managed recently to grab a few moments with Eric McNeil, the product manager for IBM’s directory server products to catch up on the fate of Access360 and MetaMerge. When I spoke to McNeil at last year’s Catalyst Conference (right after the MetaMerge acquisition, but before the purchase of Access360) he said that IBM would be building solutions using existing products (the directory, WebSphere, DB2, etc.) integrated with the newly acquired technologies. Those products would be used as a way to foster growth in the “Web services” space, he said.

Turns out, he was right. While I quibble with the product placement (under “Security Services”), all of IBM’s directory-enabled identity management tools, apps and services are being brought together under the branding “IBM Tivoli” manager products. Thus we have:

* IBM Tivoli Access Manager for Business Integration – Provides access control end-to-end, application level data protection, and centralized security policy management for the IBM WebSphere MQ environment.

* IBM Tivoli Access Manager for e-business – Provides end-to-end security for e-business, including Web single sign-on, distributed Web-based administration, and policy-based security.

* IBM Tivoli Access Manager for Operating Systems – Protects individual application and operating system resources by addressing system vulnerabilities surrounding Unix/Linux super user or root accounts.

* IBM Tivoli Identity Manager – Centrally coordinates the creation of user accounts, the workflow for automating the approval process and the provisioning of resources.

* IBM Tivoli Privacy Manager for e-business – Protects consumer trust and brand integrity by implementing privacy policies which guard consumers’ personally identifiable information.

* IBM Tivoli Risk Manager – Simplifies into a single console the events and alerts generated by numerous point products to manage security incidents and vulnerabilities.

Still not fully integrated into the “IBM/Tivoli” namespace are:

* Tivoli Global Sign-On.

* Tivoli Intrusion Manager.

* Tivoli User Administration.

These are mostly for older customers who’ve used these Tivoli-branded technologies for a number of years. The technologies themselves have actually been incorporated into the IBM/Tivoli brand.

The acquired technologies have been fully integrated into the identity products in a way that enhances IBM’s previous offerings. It was a big task, one many people felt was beyond IBM’s capabilities, but it seems to be progressing nicely. Don’t overlook IBM if you’re planning a large-scale identity management project.