Sydney Identity Unconference Introduction and Highlights

© 2016 ForgeRock. All rights reserved. 1

Network:MCA_VenuesAccessCode:mcaeve


Welcome

Daniel Raskin, SVP Product Management, ForgeRock

Sydney Identity Unconference


DISCLAIMER The roadmap represents ForgeRock´s current view of its product development cycle and future directions. It is intended for information purposes only, and should not be interpreted as a commitment on the part of ForgeRock. ForgeRock makes no warranties, expressed or implied, on future functionality and timeline.

PROPRIETARY AND CONFIDENTIAL


Unified Platform

UMA Provider Mobile OTP App Synchronization Auditing

LDAPv3 REST/JSON

Replication Access Control

Schema Management

Caching

Auditing

Monitoring

Groups

Password Policy

Active Directory Pass-thru

Reporting

Authentication Authorization Provisioning User Self-Service Authentication OIDC / OAuth2

Federation / SSO User Self-Service Workflow Engine Reconciliation Password Replay SAML2

Adaptive Risk Stateless/Stateful Registration Role Provisioning Message Transformation

API Security Scripting

Built from Open Source Projects:

UMA Resource

Access Management Identity Management Identity Gateway

Directory Services

Com

mon

RES

T AP

I

Com

mon

Use

r Int

erfa

ce

Com

mon

Aud

it/Lo

ggin

g

Com

mon

Scr

iptin

g


CIAM IoT

Cloud

CIAM Top-line revenue

through marketing enablement, contextual

security and enrichment

IoT Identity relationship management across users, devices and

things.

Cloud Identity context that’s portable

across ALL clouds.

Platform Development: Strategic Focus


CIAM IoT

Cloud

Platform Development: Strategic Focus

CIAM Contextual identity (2016)

Advanced self-service (2016) Social registration (2016)

Global social plugins (2016) Marketing connector 1.0 (2016) User

User Managed Access 2.0 (2017) Regional social plugins (2017)

Mobile intelligence (2017) Advanced Context (2017)

Consent Management (2017)

Cloud Cloud Platform Autonomous Servers (2016)

Containerized image manifests (2016) Devops administration (2016)

Configuration as an Artifact (2017) Cloud Elastic (2017)

IoT Stateless sessions (2016) Proof of possession (2016) Siemens Device Reg (2016)

Distributed Cloud Arch (2016) IDM Performance Boost (2016)

IoT Connectors (2017) Stateless AuthN (2017) Stateless AuthZ (2017) Graph Plugins (2017)

In-memory DB Plugin (2017) Advanced Device Reg (2017)


CIAM

IoT

Cloud

Platform Development: Strategic Focus Unified Platform Drives Economies of Scale

REST API (2016) Audit Framework (2016) Audit Handlers (2016) API Descriptor (2016)

Common configuration (2017) Common Repository (2017) Common Keystore (2017)


Highlights: Advanced Authentication Comprehensive authentication across end-to-end enterprise is a hard problem to solve. Our ability to plug-in everywhere and create complex avenues of authentication is our differentiation.

Push Notifications

Social Sign-on

Mobile Authenticator

Identity Context

Adaptive Risk

AuthN Chains Pass Fail


Highlights: Advanced Self-Service

Basics Advanced

Social Registration & Consent

Admin Configs

Auto Login

Email/SMS Notifications

Push Notifications

Scriptable Stages

Customer identity vendors are emphasizing marketing enablement only with self service. Our opportunity lies in our ability to blend marketing and security in a single solution.


Highlights: Push Authentication Passwordless or Step-up for iPhone and Android



Highlights: Social Registration & Enablement

… Pluggable IDP… Connector Framework …


Highlights: Common REST API Descriptor


Highlights: ForgeRock Contextual Identity


Highlights: ForgeRock Continuous Authorization


Highlights: ForgeRock Common Audit Framework

Available Audit Handlers

Handlers Publishesto

CSV CSVfiles

Syslog Thesyslogdaemon

JDBC Arela=onaldatabase

Elas=csearch AnElas=csearchstore

JMS JMStopics


Highlights: ForgeRock Object Model Visualization


Highlights: ForgeRock Identity Gateway

19


Highlights: Massive Scale w/ Stateless Arch

•  Flexible deployment option to address cloud elasticity and massive horizontal scalability

•  Configuration can be on a per-realm basis •  Stateless = state information is encoded in

JWT token •  Stateful = tokens persisted in the Core Token

Service

OpenAM Server

OpenAM Server

OpenAM Server

AWS1 AWS2 AWS3

Microservices Client App

Distributed Cloud Environment


Highlights: Portability Across Clouds

Elastic Scale Rapid Deployment Microservices Architecture

Run Anywhere Run Anywhere

Containerized Images Auto Scale Stateless Identity Across Clouds


Highlights: Autonomous Servers

•  Servers operate autonomously

•  No cross-talk or knowledge of peers required

•  Horizontally scalable •  Parallel instantiations •  Seamless shrinkage

22

Elastic Load Balancer

OpenAM Server1

OpenAM Server14

OpenAM Server8

OpenAM Server19

…

Internet



Highlights: Next Gen DevOps

Product Configuration

Product Manifests

ForgeRockImages

JavaImage

TomcatImage

… OtherImages

DOCKER REPOSITORY

Moving beyond ad-hoc automation to take advantage of patterns that deliver predictable capabilities. ("The cloud-native future," Casey West)


Highlights: Cloud Foundry Service Broker

Router

Service4Service3Service1 Service2

APIClient

CloudController

ForgeRockServiceBroker


Thank You!

Sydney Identity Unconference Introduction and Highlights

Software

Transcript of Sydney Identity Unconference Introduction and Highlights