ClearTrust's administrative interface is Web-based and runs on BEA WebLogic or Tomcat. The interface, which consists mainly of resources, administrators, users and entitlements, is intuitive and well-organized, letting us select users and easily grant them access to resources. We also used RSA "smart rules," which let us provide access dynamically based on user attributes rather than on only assigned roles. Although our attempt to create a custom extension module that would grant access based on information in our MS SQL repository fell prey to the limited time we had to tinker with the products, with the right consultants or programmers ClearTrust is quite customizable, boasting nearly 300 APIs for Java, C, DCOM, JAAS, XML, SOAP and others. This will not be a selling point for organizations that use only a single identity store or are willing to consolidate their information; however, companies that use several identity stores may need to keep programmers on staff to handle some access-control issues.
Other notable ClearTrust features are delegated administration and federated identity management. For delegation, we created roles to be applied to distributed administrators. We could use the roles to define whether an administrator had the authority to add, edit or delete other administrators, users, groups, applications, servers, passwords, roles and properties. Although we didn't do any testing using ClearTrust's federated identity management component, the product does support the latest SAML standard. Finally, we were less than ecstatic about ClearTrust's reporting, which consisted of permitting the export of a CSV file; ClearTrust needs more detailed report options.
RSA ClearTrust 5.5.2. RSA Security, (877) 772-4900, (781) 515-5000. www.rsasecurity.com
|
|
SiteMinder and IdentityMinder together provide a complete IAM package. SiteMinder is Netegrity's access-control product, while IdentityMinder is used for identity management. Like most of the products we tested, SiteMinder protects Web resources through the use of agents installed on the protected Web servers. For unsupported Web servers, SiteMinder offers a reverse proxy server.
Discover the benefits of scalable backbone and network services for application and cloud providers.
Network automation is gaining momentum. Here's how you can drive this powerful technology to its full potential.
Subsea cable alternatives can provide a level of comfort for those concerned about disruptions. Realistically, they will continue to play a small, but critical role in the short term.
