Entegrity's AssureAccess has been around as long as most of its rivals but has fallen behind in terms of overall functionality and value. For example, AssureAccess was the only product we tested that didn't support IIS 6.0 or Windows 2003 in any capacity and the only one that didn't perform identity management out of the box.
Entegrity refers to its agents as "adapters." Adapters are available for most well-known Web and application servers, plus the truly ambitious can create custom adapters using the available APIs. The three components required for AssureAccess are an audit service, an authentication service and a management-console service. The management console connects to the identity store for product configuration.
Unlike its rivals, which had Web-based management consoles, Entegrity's Management Console is a locally installed Java application, so we had to log in remotely, via terminal services, to manage the product from an outside location. In the process of installing it on our Windows 2000 Server, we were surprised to find that though AssureAccess supports most LDAP directory servers, the installation program configures only iPlanet automatically. We followed the documentation and without much aggravation manually configured Active Directory to add the classes and attributes required by AssureAccess.
The user interface is designed with a domain tree on the left. Selecting an object in the tree displays the appropriate configuration options on the right, with a useful context-based help panel below. The security model consists of a root domain, which can contain one or more subdomains. Subdomains inherit their default properties from their parents, a scheme that's helpful for configuring complex environments.
Within the domain tree are folders that contain several options, including protected resources, authentication profiles, policies, configurations and user repository connectors. AssureAccess has four types of policies: authorization, audit, authentication and administration. Once we created our policies, we could apply them to the appropriate resources and domains. One example: For a particular resource, we wanted to dynamically grant access to all users with the title of "manager." To do this, we had to first create an authentication policy that added the user's "title" to the attribute certificate generated when a user logs in. Then an authorization policy was created to grant access based only on that attribute.
Discover the benefits of scalable backbone and network services for application and cloud providers.
Network automation is gaining momentum. Here's how you can drive this powerful technology to its full potential.
Subsea cable alternatives can provide a level of comfort for those concerned about disruptions. Realistically, they will continue to play a small, but critical role in the short term.
