Analytics
9/12/2012
02:42 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

RSA Unifies Identity and Access Management Across Enterprise And Cloud Infrastructures

IAM suite provides a dynamic situational perimeter that is both contextual and adaptive

RSA, The Security Division of EMC (NYSE: EMC), today announced new solutions within its Identity and Access Management ("IAM") suite designed to address evolving security challenges that require new ways to manage and protect the growing number of users and device identities, the exponential growth in identity information and the need to help ensure consistent security across enterprise, cloud and mobile infrastructures.

To address the increased mobility of end users, authentication and authorization itself must be delivered from the cloud regardless of user location. As identity information is no longer confined to the enterprise but extends outward to the cloud, RSA has introduced a series of IAM solutions engineered to enable enterprises to confidently extend identity information and access more extensively to partners, consumers and cloud applications with risk-driven controls.

These solutions are engineered to help enable organizations to:

· Create a dynamic perimeter around online user sessions that leverage contextual information to calculate risk and enforces adaptive authentication according to enterprise policy

· Correlate and aggregate identity information and selectively and securely expose it to cloud applications and partners

· Minimize time taken to establish identity federation with cloud applications by using an identity and access broker

· RSA Access Manager – is built to help organizations cost-effectively provide secure access to web applications through web single sign-on (Web SSO), consolidate access controls for enhanced security, benefit from an improved user experience and accelerate application deployment. In addition, RSA Access Manager is designed to support a broad range of authentication methods, including tight integration with RSA Adaptive Authentication for out-of-band phone and the new support for out-of-band email risk-based authentication.

· RSA Adaptive Directory – is engineered to correlate and aggregate identity information across variety of enterprise sources and delivers a global view of identity using a flexible, scalable identity virtualization layer. This is a vital building block for organizations as they prepare to share identity information more widely and add many more identities.

· RSA Adaptive Federation –is designed to provide secure identity federation as a service to assure that the right users have the right access at the right time, to business-critical resources and sensitive data in SaaS applications. Powered by VMware® Horizon Application Manager, RSA Adaptive Federation is engineered to enable secure and convenient access to and from the cloud while lowering deployment and operating expenses associated with products hosted and maintained internally by organizations. With the RSA Adaptive Federation solution, the need for employees to remember sign-on credentials for each cloud application is eliminated and they can securely use any browser-enabled device for access to cloud applications. RSA Adaptive Federation is designed to interoperate with Microsoft Windows® operating systems and RSA SecurID® authentication already deployed at organizations.

Industry Analyst Quote:

Sally Hudson, Research Director, IDC

"Identity and access management in a highly mobile, consumerized IT world changes significantly from traditional enterprise access. Security teams have to support high numbers of short, unpredictable access requests to a wider range of resources, from a wider range of devices and physical locations. Ensuring trust in the identities, the user session and the appropriate access to sensitive resources across mobile, cloud and enterprise infrastructures is a huge challenge for security teams. As a market leader, RSA is well positioned to deliver solutions that dynamically combine risk-based authentication, authorization and federation while simplifying identity infrastructure."

RSA Executive Quote:

Dan Schiappa, Senior Vice President Identity and Data Protection Group

"In today's increasingly mobile, distributed and cloud-based world, security teams need to enable trusted access to critical resources no matter where the user or resource is located, even if large parts of the infrastructure involved are outside of IT's direct control. Today's announcements go a long way towards achieving that goal and deliver on the RSA Cloud Trust Authority vision. Think of it as enabling the security infrastructure to deploy a dynamic perimeter around user access, with the level of authentication determined based on the unique risk of that session. It marries user convenience with far greater security and control for security practitioners."

Availability:

The new solutions are available immediately. RSA Access Manager and RSA Adaptive Directory are available both through RSA direct sales and authorized RSA SecurWorld partners. RSA Adaptive Federation is available through RSA direct sales.

Featured Resources:

· RSA Speaking of Security Blog

o Advent of Adaptive IAM: Security in Motion

o Laying the Foundation for Tomorrow's IAM

Additional Resources:

· Learn more about RSA's Identity and Access Management solutions

· Learn more about Trusted IT from EMC

· Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA Speaking of Security Blog and Podcast.

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-1421
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-2105
Published: 2014-04-22
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

CVE-2013-2187
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.

CVE-2013-4116
Published: 2014-04-22
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVE-2013-4472
Published: 2014-04-22
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Best of the Web