As organizations shift from an internal to external focus, the traditional view of identity and access management (IAM) is changing. IAM is at the forefront of securing access to web resources by controlling and managing access rights to sensitive information for authorized users.
Symplified delivers the most comprehensive integrated offering for managing IAM across and beyond your enterprise. The Symplified IAM solution includes key technologies that help you centralize, manage and provide access consistency to web applications in private, public and hybrid clouds, including single sign-on, access control, user management/provisioning and auditing. With Symplified, you can securely deploy IAM, confident that you have control over users accessing your apps and with the granular auditing that is necessary to meet your compliance needs.
Symplified IAM enables companies to seamlessly operate anytime and anywhere by providing end-to-end security to web apps, ensuring that every user has secure, convenient access to the information and resources they require. Further, it facilitates business with customers, strengthens partner relationships and improves employee productivity while, at the same time, reducing administrative burdens and lowering costs.
Today's cloud-based world requires a new IAM architecture and approach. Traditional IAM architecture does not support the new cloud model and you need an identity infrastructure that can overcome the limitations of your pre-cloud identity architectures.
Symplified's cloud-native architecture was engineered to provide a secure link between the enterprise and the cloud. Delivered via infrastructure-as-a-service, Symplified provides IAM in the same manner as the cloud computing platforms it supports, giving you all the benefits of the cloud: on-demand delivery, seamless integration, scalability, reliable availability and low cost, subscription pricing.
Unlike software-based alternatives, Symplified requires neither the installation of plug-ins nor alteration of the cloud application(s) being accessed. Instead, through intelligent HTTP traffic control and a proxy-based approach, Symplified enforces all access control at the network level without any desktop clients. This is particularly critical for today's growing base of mobile devices that don't support client software.
Symplified can be deployed alongside your current IT infrastructure and integrate with your existing user stores and network architecture without impacting what you already have in place.
With Symplified's built-in virtual directory, complicated directory consolidation is eliminated since you can source user credentials from multiple directories and databases without altering or replicating them.
Encompassing a breadth of security access options, Symplified can be deployed in a manner that allows your users to be authenticated using existing security factors including username/passwords, Windows logins, SAML, OpenID and multi-factor authentication.
Symplified offers complete scalabilityand grows with your infrastructure requirements. The product has been proven – in live-customer environments – to meet the scalability and raw throughput requirements of user populations numbering into the millions. It’s also designed to enable delegated administration and automated policy updates, alleviating the bottlenecks that plague growing infrastructures.
Multiple deployment options also enhance your ability to deploy, integrate and administer Symplified over time. Both the Symplified on-premises and Trust Cloud deployments can manage cloud-scale identities with the security and convenience required by your organization.
For deployment in the cloud, the Symplified Identity Router is hosted in AmazonEC2 and allows for multiple instances to support the needs of large, distributed organizations. Being multi-tenant means that Symplified can separate the identity routers of different companies so that they don't scale at others’ expense.For on-premises deployments, the Identity Router is available on a CentOS virtual hardware appliance that is proven to scale to more than 100,000,000 transactions per day, per Identity Router.
Recognizing the varied network implementations at the enterprise level, Symplified is built its solution in a flexible manner, supporting multiple types of implementations. For example, the Identity Router can be deployed inside the firewall so that you have complete control over its interactions with your user stores. You can also choose to deploy in the cloud via the Symplified Trust Cloud, which does not require any infrastructure provisioning on your part.
As a growing company, you will use more cloud applications over time. We are continually increasing the number of 'out-of-the-box' web applications supported in our Trust Fabric™ app store and also provide Trust Connector, a simple tool that allows you to quickly build your own connectors.
With Symplified you aren't limited to only Active Directory but have the freedom to choose where and how to host your identity data. Our built-in virtual directory unifies existing directories, databases and apps located inside or outside the perimeter. With Symplified you can use a mix of Active Directory, LDAP, SQL and web service directories – all without migration or being forced to replicate your sensitive data outside your firewall.
The Symplified IAM solution includes key technologies that help our customers address their full spectrum of identity and access related business challenges. These key technology components are:
Symplified Studio is the centralized administrative interface where your administrators set up the end-user authorizations for your web applications , upload the security certificates for that access, capture the auditing data about user access, and create the live connection with your user stores.
Studio is built with multiple roles containing different permissions so that you can tightly control the access you want your administrators to have to the console.
As the administrative interface into the Identity Router, Studio can be considered the workhorse that manages access control from your user store to your applications. Symplified uses the XACML standard to enforce access based on role, group, attributes and other data. Policies can be set to control access to the application and data level as well as control resources to the URL level. Once a user authenticates, permissions are checked and a list of accessible apps is dynamically generated for that individual user.
The "brains" of the Symplified solution, the Symplified Identity Router is a low-latency, high throughput, unified IAM stack that enables flexible policy control over data, users, federations, SSO and applications.
The Identity Router accesses user store information within your network (e.g., Active Directory, LDAP, RDBMS, etc.) and/or user stores hosted by third parties (e.g., Salesforce.com, Google, etc.). It also supports "directory hunting" – where the solution searches through multiple user stores to locate and authenticate a user. Symplified doesn't try to replicate your user store because that would create another version of your critical user credentials, requiring further management overhead. Rather, Symplified requests credential validation from the user store when a user attempts to log in to one of the protected web applications. It can be configured in a cluster for both high availability and scalability using standard load balancing technology.
Identity routers manage complex networks and ease the integration of the cloud for any size organization. By combining the multiple layers of identity and access-management technology in a high-performance reverse proxy, this solution delivers powerful and flexible IAM with enterprise performance.
The IDR can be deployed in two ways:
Delivered as a virtual hardware appliance, it has a hardened OS and performance-optimized software that delivers IAM in a single device. It is complemented with cloud-delivered updates and policy management. The onsite appliance is typically deployed in your DMZ so that it can accept connections from users both inside and outside the firewall. This self-contained appliance requires minimal modification to your IT infrastructure and can be centrally managed from a single administrative console. Symplified offers a simple migration path from the on-premises appliance to the Trust Cloud.
Delivered as a hosted proxy gateway in Amazon EC2 (SAS 70 Type II data center), the Trust Cloud integrates with your behind-the-firewall directories and provides the same IAM capabilities as the appliance. Trust Cloud offers global deployment choices, elastic scale up and scale out and cross-firewall SSL secure networking. The advantages to this deployment model include faster time to realize value, lower startup and management costs, and a pricing structure that scales as needed. These deployment models do not require any software, web agents, additional data stores, authentication server, or policy decision or enforcement server. All functionality is contained in the Identity Router itself or in the cloud. The Identity Router acts as both a policy decision point and policy enforcement point, and does not require a connection to Symplified's cloud servers to perform its functionality.
These deployment models do not require any software, web agents, additional data stores, authentication server, or policy decision or enforcement server. All functionality is contained in the Identity Router itself or in the cloud. The Identity Router acts as both a policy decision point and policy enforcement point, and does not require a connection to Symplified's cloud servers to perform its functionality.
Secure single sign-on to key web applications is not complete without the application delivery step. With Symplified you can bring together your portfolio of applications and deliver them to your end users through a dynamic personalized portal that’s optimized for today’s popular mobile devices. You can use your existing portal or use Symplified's "out-of-the cloud" portal. End users simply access the applications for which they have been authorized through a "ribbon" within the portal. Developers can use Symplified's portal APIs to build identity-driven personalized experiences.
