Identity Manager 3
Strengths: User interface, flexibility of architecture, design functions
Weaknesses: Very little, but users must plan for implementation
Verdict: A comprehensive package for identity management and provisioning at the enterprise level
Novell have been around since the very early 1980s and will be associated by many with NetWare and, more latterly, their work in the open source area. With offices around the world, the company is active in many technology areas, including consultancy. It is therefore well placed to understand the eccentricities of network access control, corporate directories, provisioning and such like.
The Novell Identity Manager 3 application is aptly named, as there is little to do with identity management that the application cannot do with aplomb. However, it is much more than that, as it also offers a powerful provisioning workflow system and, via Novell SecureLogin and Novell iChain, single sign-on for client server and web-based applications.
That's a lot of functionality to offer, and putting it all together in a robust manner is no mean feat. Fortunately, Novell knows all about networks, directories, disparate O/S architectures and the building blocks to be found within the typical enterprise, and this wealth of knowledge is encapsulated within Identity Manager 3, providing a very comprehensive, robust product.
In simple terms, one may picture the application as an identity vault, used to store data and definitions, coupled to the Identity Manager engine, to manage the flow of data in and out of the vault and between other sub-systems and directories, and the user interface, which uses an abstraction of the data in order to remain flexible without impacting existing directories and datasets. Various drivers tie the whole thing together, ensuring that communication flows smoothly, regardless of the formats used.
If setting all this up sounds like a nightmare, Novell has a pleasant surprise in store, in the shape of the Designer for Identity Manager. This stand-alone module allows drag-and-drop systems design via an intuitive interface, which means you can construct and model various scenarios prior to actual implementation. This is a great help, both from a systems design perspective and to become familiar with the Identity Manager way of going about things. Even better, when you have optimised your systems design, the Designer can automatically generate all the relevant documentation for you. This is an excellent idea, providing an audit trail and design history as well as promoting good design from the outset.
If you are getting the feeling that this is an unusually well-thought through product, you are right. However, it doesn't stop there. Users will appreciate this product just as much. The delightfully clear and purposeful interface allows them to quickly see departmental groupings, complete with "business cards" for individual users and easy navigation through the hierarchy. Even here, there are some nice little touches, such as the ability to click on a user's business card and send them an email.
It almost goes without saying that there are self-serve facilities for password resets and an intuitive workflow for requesting access to additional applications, which allows progress checking at any time in order to monitor the status of approvals. Within this workflow, approving managers may easily see their outstanding requests and respond appropriately. They can also refer approvals if they are in any way unsure of the situation, and all this information will be reflected in the audit trail, enabling the requestor to track the progress of their request. A similar principle may be followed to request inventory, all in a seamless manner that allows the user to stay in control of the overall process.
The administrator, meanwhile, has full information as to who has access to what and can generate a variety of useful reports. Naturally, these workflows may be customised as appropriate, even to the degree of adapting the design of the user interface to incorporate your corporate design schemes.
The closer one looks at Identity Manager 3, the more one is struck that this is an application which really does provide genuinely useful functionality in a way that can save both users and administrators a lot of time. For those struggling to manage disparate directories and user requirements within a complex organisational structure, Identity Manager 3 could be a godsend.
Furthermore, as regulatory compliance is becoming ever more important, the ability to have user identity and access managed in such a coherent manner, irrespective of underlying technologies, will prove invaluable. Add to this single sign-on capabilities with a logical and straightforward administration, and you really have an identity management methodology to satisfy all your needs. And, with Novell's background, it will come as no surprise that both Windows and Unix/Linux environments are catered for, together with flexibility around directories, databases and networks that allow the product to be tailored to pretty much any environment. This is what IT should be like.
In conclusion, this is a very impressive product that should be high on the shortlist of any business looking for identity management. Full marks to Novell for tying this all together in a manner that really does make sense for contemporary organisations.