RSA Federated Identity Manager
Extending Trust to the Cloud
A Federation Scenario
Sorry, this product is no longer available, please contact us for a replacement.
Click here to jump to more pricing!
Overview:
In today’s global market, effective business models rely heavily on an ecosystem shared by employees, partners, and customers. The need to securely access applications and collaborate across enterprise boundaries is critical as this partner ecosystem expands, and information grows. RSA Federated Identity Manager enables organizations to cost-effectively federate identities and extend trust between multiple organizations. With RSA Federated Identity Manager, organizations can extend the management of digital identities beyond their domain and corporate boundaries to externally hosted or managed applications and resources.
RSA Federated Identity Manager installs on-premise and provides federated single sign- on for both identity provider and service provider models. Federated single sign-on provides a standards-based method to leverage trusted identities between organizations, collaborating with business and service partners. RSA Federated Identity Manager provides access to other cloud service providers, which is a significant benefit with the aggressive adoption of cloud-based applications.
RSA Federated Identity Manager has a highly flexible, open and extensible underlying architecture. This enhances user productivity, enforces internal identity security policies to make stronger security decisions, and allows for more efficient identity integration with partners. Essentially, RSA Federated Identity Manager provides organizations with the ability to address new business problems and use cases, and also scales with customer growth.
Essentials:
Secure Access to SaaS Applications
- Federated single sign-on (FSSO) for identity provider (IdP) and service provider (SP) models
- Simple and secure on-premise installation and deployment
- Enables businesses to quickly and seamlessly federate with partners, customers, and employees across enterprise boundaries
Robust Authentication to the Cloud
- Out-of-the-box integration with RSA SecurID two-factor authentication
Increase Business Productivity
- Flexible and extensible architecture
- Leverages industry standard federation protocols for easy integration with existing cloud- based applications.
- Enhances security, reduces administrative expenses, and increases collaboration across enterprise boundaries
Features:
Seamless Collaboration Across Enterprise Boundaries
RSA Federated Identity Manager enables seamless collaboration and productivity across enterprise boundaries and to/from the cloud. It installs on-premise, and delivers a light- weight solution enabling businesses to quickly and easily federate with partners who do not have the requirements of deploying a complete identity and access management solution.
RSA Federated Identity Manager packages the following features and capabilities into an easy-to-deploy, effective solution for enterprises to access cloud-based applications.
- Quick setup tools, a wizard-based approach, UI configurable security policies, bulk federation, policy cloning and other automated capabilities to speed deployment time.
- Fully-functional, out-of-the-box federation sample application for prototyping, a proof- of-concept and interoperability testing between partner locations
- Digital signing and local / remote digital certification validation capabilities
- Flexible plug-in architecture for integration with LDAP and SQL data stores, or with existing identity infrastructures
- Flexible and secure deployment models that accommodate virtually any architecture and partner trust model
Multi-factor Authentication For Secure Access
Since federation is based on trust across enterprise boundaries, it is significantly more challenging to determine the identity of users. By integrating with strong two-factor authentication, enterprises can be confident that the identity is being used by the person it belongs to. RSA Federated Identity Manager supports RSA SecurID two-factor authentication out-of-the-box to ensure the authenticity of federated identities. In addition, RSA Federated Identity Manager also supports the risk-based authentication (RBA) feature set introduced in RSA Authentication Manager 8.0 – this feature set triggers additional step-up authentication methods types based on the risk-score of the transaction.
Standards-based Federation Support For Optimal Flexibility
The OASIS Security Assertion Markup Language (SAML) is the industry standard for the extensible markup language (XML). It enables XML-based applications to securely exchange authentication, attribute, and authorization information between two or more SAML-compliant applications. This removes the need for costly, cumbersome proprietary and one-off solutions.
RSA Federated Identity Manager supports the SAML and WS-FED identity provider/service provider trust relationship. It is designed to be flexible and readily customizable, making it easy to add additional trust relationships, and integrate with a customer’s existing user and attribute repositories. Furthermore, RSA Federated Identity Manager is designed to support the most popular federation use cases. With RSA Federated Identity Manager, organizations have the ability to implement the
- Web single sign-on. Authenticated web users can easily move between applications within their environment or among business partners – without re-authenticating – using consistent and secure mechanisms for the exchange of identity information.
- Attribute service. As users move from one web site or service to another, RSA Federated Identity Manager allow applications or web services to capture additional attributes about that user – such as role, employee ID number or account balance. RSA Federated Identity Manager puts you in control of which attributes are shared between business partners and how that information is securely exchanged.
- Account linking. Account linking enables end-users to choose which accounts they would like to federate to, and allows end-users to create the linkages between accounts. This capability empowers end-users by enabling easy access to various sites, especially as business transactions continue to build across organizational boundaries.
- X.509 Attribute Sharing Profile. The SAML XASP profile enables service provider applications that have successfully authenticated the user with a digital certificate to send a SAML request to the issuing organization, and retrieve sensitive user attributes that not included in the underlying certificate. By supporting this profile, RSA federated Identity Manager enables dynamic retrieval of user attributes and facilitates access control decisions in real time.
Specifications:
| Product Specifications | |
|---|---|
| Currently shipping version | RSA Federated Identity Manager 4 |
| Supported operating systems | VMware ESX 5.1 hosting:
Native:
|
| Supported application servers | Non-clustered:
Clustered:
|
| Supported data stores |
|
| Supported browsers |
|
| Supported federation protocols |
|
| Supported plug-ins |
Others
|
| Minimum system requirements |
|
Documentation:
Download the RSA Federated Identity Manager Data Sheet (PDF).
Pricing Notes:
- Pricing and product availability subject to change without notice.