IAM 账号管理和应用单点登录平台简介
Tivoli Identity Manager
自动化地管理用户角色、身份和访问权的生命周期
IBM Tivoli Identity Manager 是自动化的基于策略的用户配置解决方案,能够跨 IT 基础架构管理用户角色、身份和访问权。这一安全的身份管理软件易于部署和使用,能帮助各大组织更轻松地遵守法规、管理风险,以及进行安全协作。。 Tivoli Identity Manager 可通过自动化、用户自助服务和其他创新来节省成本和提高生产力。
? ? ? ? ?
自动管理整个用户生命周期(从注册到终止)的角色、帐户和访问权。这可减少间接成本并消除人工错误。
通过预配置策略和模板加速新应用程序应用和用户注册。该软件可在数分钟而不是数天内为新用户提供所需资源。 提供自助服务界面,以便用户自行修改密码和个人信息。这可减少帮助热线成本并增加 IT 员工的效率。
建立职责分离以增强安全性与合规性。它结合各种需求,防止业务与管理用户访问权的角色和配置策略之间产生冲突。
通过定期纠正工作流程来纠正和去除不合规的访问权,或者通过基于角色的访问控制策略来自动纠正和去除不合规的访问权。这一强大的功能可提供精密的、对审计人员友好的详细信息,以展示合规性。
Easily automate lifecycle management of user roles, identities and access rights
Tivoli Identity Manager helps automate the creation, modification, and termination of user privileges throughout the entire user lifecycle Operational role management helps bridge the gap between how business users view their IT resources and the actual IT implementation of user access rights
? Role hierarchy helps to simplify and reduce the cost of user administration by enabling the use of an organizational role structure
? Separation of duties can strengthen security and compliance by creating, modifying, or deleting policies that exclude users from membership to multiple roles that may present a business conflict
?
User recertification enhancements simplify the attestation process while expanding the means to manage compliance. Recertification of a user’s roles, accounts, and groups in bulk fashion enables managers to make yes/no decisions on a user’s access rights in a single submission
? Group management helps simplify and reduce the cost of user administration with the ability to add, remove, or change the attributes of a group within Tivoli? Identity Manager
? Comprehensive request-based provisioning for requesting and
approving user access to roles, accounts or fine-grained access entitlements such as shared folders and Web portlets
? Features a user interface tailored to specific types of users (auditors, managers, administrators, and more) and is highly customizable
?
Features, advantages and benefits
Advantages Benefits
Automates the implementation of
Quickly connect users to Embedded
administrative requests on the environment,
appropriate resources while provisioning engine
and provides universal connectors for
reducing administration and universal
extending the management model to
workload integration tools
support new and custom environments Enables users to perform password resets, Helps reduce help-desk costs password synchronization, and and ease the burden of daily
Self-service interfaces
modification to personal information administration on help-desk without administrative intervention and IT staff
Demonstrate enforcement of
Detects and corrects discrepancies between
internal controls to auditors Closed loop user
approved account access and local
and eliminate orphan or over provisioning
privileges
privileged accounts
Establishes formal process for
Provides ongoing certification process on
validating access and
whether user access is still valid and allows Access recertification
facilitates critical compliance
for automated remediation of access
requirement
Enables automated assignment of user Reduces cost of manual
administration and enhances Role management access rights via static, hierarchical and
dynamic roles visibility of user access
Mitigates risk and enhances
Prevents user access conflicts within
security by preventing user Separation of duties
organizational processes
access conflicts up front
Centralizes the creation, modification and Accelerates configuration of
Group management
deletion of groups user administration Enables administrators to produce reports Quickly produce reports for Auditing and
Features
Benefits
internal audits and ensuring regulatory compliance Implement and modify
Provisioning policy Simulate impact of provisioning policy on
provisioning policies more
impact simulation user accounts before committing changes
quickly and accurately Consistent security implementation across the
Centralized Web Centralizes the definition of users and
organization while simplifying
administration provisioning of user services
management through a single interface
Enables grouping of users according to
Role and rule-based
business needs and delegation of Helps reduce administration
delegated
administrative privileges along costs
administration
organizational and geographical boundaries
Features reporting mechanisms
Advantages
on who has access to what