Sun Microsystems has launched three identity
management applications that combine its existing product line with technology it acquired
from WaveSet in November 2003.
The new lines are part of a major product and service announcement that Sun launched Tuesday, which also shines a spotlight on its ID Management systems that have been gaining traction around the globe.
Java-based System Identity Manager, System Access Manager and System
Directory Server Enterprise Edition will be generally available on July 1st for
enterprises looking to incorporate ID management.
The technology is used to allow employees, partners and customers access to
the company intranet using any number of methods (wireless phone, PC, etc.),
securely and allowing access only to pre-determined areas. So, for example,
an employee might have rights to several back-end databases and applications
for processing orders but a customer or partner would only have access to,
say, the front-end order processing application or portal.
Officials at the Santa Clara, Calif., software and hardware company are looking to gain market traction with its three products, which
are the combination of eight separate Sun and WaveSet applications. They include:
- Identity Manager provisions and manages individual user accounts,
whether the end user is accessing the network by email, phone, device or PC.
It also synchronizes user accounts. - System Access Manager provides the support for entering the network
using the federated ID standards of the Liberty Alliance and Security
Assertion Markup Language 1.1specifications. - System Directory Server – the database repository for all the identity
policies and information, featuring load-balancing, security and integration
with the Microsoft Active Directory.
Pricing, which depends primarily on the scope of the network and the number
of people using the software, is varied, and runs between $50,000 and
$150,000. In the case of the Directory Server, pricing is dependent on the
number of entries contained in the database.
If it seems odd that Sun — which helped create the Liberty Alliance to foil
the federated ID strategy of Microsoft’s .NET and
Passport — would include Active Directory support, it’s a concession by the
long-time rival of the Redmond, Wash., giant of the software’s dominance in
the industry.
Sara Gates, Sun director of product management for ID management, said they
do plan on expanding support to other directory services but are first
concentrating on customer demands for Microsoft support.
“Most customers have both Active Directory and the Sun Directory and we’re
providing the ability to keep passwords in synch between those two
directories,” she said. “I do think that we expand that over time, but
right now those are the most frequently requested.”
Sun and other software vendors are rushing to provide a consolidated ID
management offering as more companies come on board the technology movement.
As the desktop becomes one of several tools to access the network, as well
as the integration capabilities of Web services
service-oriented architectures, keeping track of user identification and
permissions across multiple applications and even other networks is becoming
ever more important.
In addition to Microsoft’s Passport option, Hewlett-Packard
jumped into the fray a couple weeks ago with its announcement to acquire TruLogica,
an ID management firm. The merger is seen as a key addition to HP’s utility computing
strategy, called the “Adaptive Enterprise.”
While officials concede HP’s entrance into the ID management space as
potential competitors, Kevin Cunningham, Sun’s director of ID management
marketing, said the company’s purchase of TruLogica doesn’t put them on the
same playing field as Sun.
“HP is missing a couple key components, I believe,” he said. “They don’t
have anything at the repository level; they just acquired something at the
management level, unproven technology, a relatively new player in the
marketplace [with] very few customers. They are also missing something in
the synchronization area.”
The real aim at Sun, he said, is to knock off IBM, which wraps the
technology in its Tivoli software, though Cunningham believes they are
behind the curve as well.
“If I wanted to pick a competitor who I think most closely represents our
strategy, it would be IBM, because they’ve got all the piece parts —
they’ve got the directory, they’ve got provisioning, synchronization,
they’ve got the access and authentication,” he said. “They haven’t
coalesced them like the way we’re aggressively doing so. Will they do so?
I think so.
“Our goal is to create a two-horse race between IBM and Sun,” Cunningham
added.
Earl Perkins, a vice president in research firm META Group’s technology
research services division, said companies like IBM and Computer Associates
should take Sun’s identity management push seriously.
Unlike previous acquisitions, where Sun would buy up the technology and gut
the development team with its own engineers, this time around 100 employees
are staying. More importantly, they’re making all the decision-making
within the ID management group.
“To be honest, there’s still some merger inertia to overcome,” Perkins said.
“But I’ll grant you this, the inertia seems to be dispelling at a quicker
pace than the analyst community expected; we didn’t expect Sun to
incorporate and move this quickly.
“One of the reasons we think it’s moving quickly is [Sun’s] decision to
allow the WaveSet team to make the decisions,” he added. “We feel
that IBM, Tivoli, Novell, CA, BMC and the others should be a bit more
concerned than they were in January, when they thought the WaveSet
acquisition would go the way of Sun acquisitions of the past.”
The end goal for Sun is to wrap all three products into their Java
Enterprise System (JES), Sun’s $100 per employee, per year software and
services package. Designed, obviously, for the enterprise, it wraps up the
infrastructure needs on the network: network identity, Web and application,
communication and collaboration, portal, availability and security services.
However, Sun is not quite as integrated with network identity and JES as
they would like. While System Directory Server and Access Manager — the
repository and security software — are both fully integrated into the JES,
the Identity Manager that handles identity permissions and profiles, as well
as synchronization, will not be integrated in the foreseeable future.
Cunningham expects it to be completed early next year, though a lot of work
remains to be done it seems. He mentioned the need to work with the
Identity Manager’s installer, as well as synching the common component usage
between the two before the JES and application are fully integrated.
“Just from a technical perspective, there’s some work to be done before we
can say, ‘yeah, this is integrated at the JES level,’ ” he said.
