Extending Active Directory to Box for Seamless IT Management
-
Upload
okta-inc -
Category
Technology
-
view
1.000 -
download
1
description
Transcript of Extending Active Directory to Box for Seamless IT Management
![Page 1: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/1.jpg)
Box à Active Directory with Okta
![Page 2: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/2.jpg)
Agenda
- Introduction to Okta and Box - AD Integration with Okta - New Offer from Box and Okta
okta confidential 2
![Page 3: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/3.jpg)
IT is Going Through a Radical Transformation…
okta confidential 3
App
licat
ions
Employees, One Desktop
Use
rs
On Premises Increasingly In The Cloud
Consumerization of IT & Post-PC devices
Cross- company collaboration
![Page 4: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/4.jpg)
…That Transformation Causes New Problems
okta confidential 4
App
licat
ions
U
sers
User store
![Page 5: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/5.jpg)
okta confidential 5
![Page 6: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/6.jpg)
okta confidential 6
![Page 7: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/7.jpg)
okta confidential 7
![Page 8: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/8.jpg)
okta confidential 8
![Page 9: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/9.jpg)
okta confidential 9
![Page 10: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/10.jpg)
Modern Identity & Access Management
okta confidential 10
• First true Cloud IAM service • Full suite of IAM features (SSO, provisioning, analytics) • Bridges existing user stores (AD / LDAP) to the cloud
Modern Identity Management
Veteran Team
Strong Customer Success
![Page 11: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/11.jpg)
![Page 12: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/12.jpg)
A simple vision.
Share, manage, and access your content from anywhere.
![Page 13: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/13.jpg)
The Market is Transforming IT Moves to the Cloud
Consumeriza@on of IT
Everyone is Sharing and Collabora@ng
![Page 14: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/14.jpg)
What We Expect From our Apps Now
100% cloud-‐based for low cost and easy maintenance
✔ ✔
✔ ✔ Works on any mobile device
Fully flexible, but compliant with your IT policies
Secure, trusted, scalable, and always available
The New Enterprise Apps Checklist:
![Page 15: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/15.jpg)
MANUFACTURING & INDUSTRIAL
INTERNET & HIGH TECH
ENTERTAINMENT & MEDIA
SERVICES EDUCATION & NON-‐PROFIT
RETAIL
Customers Love Using Box
![Page 16: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/16.jpg)
Our PlaWorm
![Page 17: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/17.jpg)
A Vibrant Ecosystem
300M Monthly API Calls
220+ Applica@ons
8,000+ App Developers
Box Partners
![Page 18: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/18.jpg)
Users IT
Superior Solu@on for Users and IT
ü Easy to use ü Accessible anywhere ü Streamlines sharing
ü Enterprise grade security ü Simple to deploy and maintain ü Lower TCO
![Page 19: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/19.jpg)
Agenda
- Introduction to Okta and Box - AD Integration with Okta - New Offer from Box and Okta
okta confidential 19
![Page 20: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/20.jpg)
Active Directory Integration - Overview
Remote users authenticate with AD username and password
1 Local users transparently authenticate using Integrated Windows Authentication
2
Access policies driven by AD security groups
3
Remote/Mobile Employees
Active Directory
Employees
Okta Agent(s)
Group Sales
Firewall
okta confidential 20
![Page 21: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/21.jpg)
Active Directory Integration - Benefits
Remote/Mobile Employees
Active Directory
Employees
Okta Agents
Group Sales
• Simple agent install, no network configuration required • Multiple agents supported for HA authentication
Easy to Use, Just Works
• Scheduled or Manual Import of Users • Automatic De-Activation in Okta of Disabled/Deleted Users • Delegate Authentication for Okta to AD
Broad Functionality
• Integration into Windows Desktop Login Tight Windows Integration
Remote users authenticate with AD username and password
1 Local users transparently authenticate using Integrated Windows Authentication
2
Access policies driven by AD security groups
3
okta confidential 21
![Page 22: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/22.jpg)
Integrating Active Directory
Download AD Agent, Install on Windows Machine
1 Configure Agent:
Directory Location, Credentials, Sync Interval
3 Configure
import rules
4
Internet Firewall Your Network
AD Domain Controller
Okta Agent (On Windows Server)
https://yourcompany.okta.com
2 • Enter Okta URL and credentials • HTTPS from company to Okta • No firewall configuration necessary
okta confidential 22
![Page 23: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/23.jpg)
Import Options
• Confirm and Activate on Login
okta confidential 23
![Page 24: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/24.jpg)
Ongoing AD User Synchronization
Internet Firewall Your Network
AD Domain Controller
Okta Agent (On Windows Server)
https://yourcompany.okta.com
3 Users provisioned, de-provisioned; application assignments based on security group membership
AD Agent Scans AD for changes and makes HTTPS request to upload to Okta
1
Okta receives update, processes user and group changes
2
okta confidential 24
![Page 25: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/25.jpg)
Delegated Authentication to AD
Internet Firewall Your Network
AD Domain Controller
Okta Agent (On Windows Server)
https://yourcompany.okta.com
User logs into https://yourcompany.okta.com using Okta username & AD password 1 Okta communicates to AD Agent via persistent
connection to validate password 2
Agent responds with success or failure
3 Okta returns Box homepage (success) or failure message
4
Inside/Outside Network
okta confidential 25
![Page 26: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/26.jpg)
Desktop SSO
Firewall
2
1
AD Domain Controller
Get To Box with NO Login Page • User logs on to domain • Can then access Box with no additional login
Secure: Uses Integrated Windows Authentication (Kerberos)
Easy to deploy: Leverages light weight agent running under IIS
Okta IWA Agent
okta confidential 26
![Page 27: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/27.jpg)
Integrated Multifactor Authentication
• Security question • Smart phone Soft Token • Can integrate with 3rd party MFA products
• Flexible policy • Self service configuration • Fully integrated as part of the Okta service
• Phishing • Guessed passwords • Key loggers
okta confidential 27
![Page 28: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/28.jpg)
Case Study
okta confidential 28
![Page 29: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/29.jpg)
Enterasys - Key Challenges
- Security - BYOD, BYOA, Consumerization - “Cloud First” IT strategy - Increasing number of cloud apps, rapid move to
the cloud - No existing SAML infrastructure for single sign-on - Application Adoption Metrics
29
![Page 30: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/30.jpg)
Okta @ Enterasys
30
![Page 31: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/31.jpg)
Enterasys - Key Benefits Realized
- User Benefits - My Applications page - Desktop SSO using Integrated Windows Authentication (IWA) - One password through AD integration - Consistent Access from any device (BYOD)
- IT Benefits - Security - Ability to monitor application adoption - User deprovisioning - AD integration, Groups
31
![Page 32: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/32.jpg)
Agenda
- Introduction to Okta and Box - AD Integration with Okta - New Offer from Box and Okta
okta confidential 32
![Page 33: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/33.jpg)
New Offering from Okta and Box
- Use Okta to Connect Box to Active Directory - Secure Access to Box - Reduce Administration Costs for Box
- Do all of this for FREE okta.com/box
okta confidential 33
![Page 34: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/34.jpg)
Many customers use Okta + Box together today
okta confidential 34
Enterprise SaaS Technology Life
Sciences Online
Services Mfg, Legal,
Finance
![Page 35: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/35.jpg)
Why this new offering?
- Solves a common requirement for Box users (integrate Box with Active Directory) - But now lets you do so for Free
- Introduces Okta to more enterprises. All of you will use more cloud apps in the future, and we want to be the partner you turn to.
- It’s very easy to expand Okta to cover the rest of your applications.
okta confidential 35
![Page 36: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/36.jpg)
Call To Action
Get a free Okta account for Box here: www.okta.com/box Questions? Ryan Carlson, Okta [email protected] Brian Dirking, Box [email protected] okta confidential 36
![Page 37: Extending Active Directory to Box for Seamless IT Management](https://reader031.fdocuments.in/reader031/viewer/2022020207/5492db87ac7959132e8b470c/html5/thumbnails/37.jpg)
okta confidential 37