Description

The aim of implementing an identity and access management strategy is to strengthen security and simplify access to the most important company information. During this Identity and Access Management training you will learn how to implement a single authentication system based on a robust system which relies on a PKI infrastructure respecting industry standards, a federated management strategy of identities and the latest cloud technologies.

Who is this training for ?

For whom ?

This seminar is aimed at IT directors, research directors, technical architects, IT project managers.

Prerequisites

It is advisable to know the security issues covered, for example, in the ISS Fundamentals training. You must also know how to use a Windows operating system.

Training objectives

Implement an identity management/authentication strategy to control access to your IT resources

Develop a public key infrastructure (PKI) system to manage enterprise trust relationships

Establish trust relationships external trust between organizations sharing a common identity management strategy

Improve authentication with digital certificates, smart cards and biometrics

Extend single sign-on (SSO) to the Azure and Amazon clouds.

Training program

• Specificities of LDAP directories
  • The specificities of directories with respect to relational databases.
  • The history of X500 in LDAP.
  • The role of the identity repository in the IS.
  • The key concepts of LDAP directories.
  • Topology: replication and distribution.
  • LDAP and DSML protocols.
• Modeling a directory
  • The step-by-step modeling approach.
  • Design of the schema, the LDAP tree.
  • Practical work Based on a directory Open LDAP.
• Choice of tools
  • The state of the art on the market.
  • LDAP server software (Open LDAP, offers from Sun, Novell, Microsoft, Oracle, IBM, etc.
  • ).
  • LDAP client software (Softerra LDAP Browser, Java LDAP Browser, etc.
  • ).
  • Directory connection APIs and frameworks ( JNDI, PerlLDAP, ADSI, PHP-LDAP, etc.
  • ).
  • The strengths and weaknesses of each solution.
• Urbanization approach applied to identity management
  • Mapping of IS repositories.
  • Analysis of the context and needs.
  • Definition of target repositories and their supply circuit (provisioning ).
  • Choice of tools.
  • Design of information flows.
• Directory management tools
  • DCMS tools.
  • Management and presentation of directory content.
  • Management by non-IT profiles.
  • Strengths and weaknesses of each solution.
• Provisioning tools
  • Propagation of identity data.
  • Organize directories feeding processes.
  • The strengths and weaknesses of each solution (Sun, Novell, Microsoft, Oracle, IBM, etc.
  • ).
• Single Sign On and PKI tools
  • Propagate application sessions.
  • Two types of SSO architecture: client/server and reverse proxy.
  • Advantages and limitations.
  • SAML specification.
  • Some market solutions.
  • PKI integration.
• Uses of business directories and ROI
  • Identity data warehouse.
  • Centralized repository.
  • IT management tool.
  • The benefits of data management 'identity.
  • Rationalization of employee management.