OverviewEvidian SOA Access Manager
Features
Evidian SOA Access Manager provides:
- Multiple user authentication options
- Single Sign-On
- Centralized audit
- High availability and scalability
- Centralized administration
- Standards-compliant directory-based solution
Multiple user authentication options
Evidian SOA Access Manager supports multiple authentication types. End users can be authenticated using:
- Username and password
- A one-time password supported by hardware tokens
- One-time password (OTP) devices. In this case, the login module installed on a workstation obtains the OTP from the SDM and uses it to authenticate the user and provide SSO
Secure Socket Layer (SSL) is used to ensure the confidentiality of any exchange between the JAAS Login Module and the authentication server.
Single Sign-On
Evidian SOA Access Manager provides Single Sign-On thanks to the end-user's SAML token. The SAML token is presented to trusted applications, thus preventing these applications from asking the end-users to log in again.
Centralized audit
Evidian SOA Access Manager enables you to audit user authentication. Audit messages are stored in log files that can be consulted at any time.
High availability and scalability
The ability to provide very high availability is a very important aspect of a security solution. Evidian SOA Access Manager provides scalability, with load balancing and high availability, by adding authentication servers on other machines and the Evidian SafeKit software. In addition SafeKit offers automatic fail-over of any component in the event of a failure.
In order to achieve high availability, Evidian SOA Access Manager supports full replication of LDAP directories.
Scalability enables the product to support automatic load balancing so as to maintain consistently high and predictable performance. With SafeKit, Evidian SOA Access Manager provides a scalable authentication service, supporting load balancing.
Centralized administration
Evidian SOA Access Manager provides access to all features needing administration through a single console—authentication, Public Key Infrastructure, and access control rules for each application. The administration console is a Java application running on web browsers that support the Java Run-time Environment plug-in.
In addition, Evidian SOA Access Manager provides customizable administration with a set of Java APIs. All the functions available in the administration console can be used by programmers to develop a customized administration application.
Standards-compliant directory-based solution
Evidian SOA Access Manager supports native, fully compliant LDAP directory standards. It uses two directory instances:
- The Evidian Access Management Directory describes security objects and the configuration
- The Users Directory (an LDAP-compliant enterprise directory) contains user and group information. Such a directory exists already in most enterprise, so this instance can be separated from the Access Management directory. As a result, you do not need to incur the expense of installing and managing separate and redundant user directories.
Want to know more?
