LEVERAGING ITS average talents in safety and authentication, Netegrity has straight away won a leadership place within the rising id management house. test middle Director Steve Gillmor and InfoWorld editors sat down with Netegrity CEO Barry Bycoff and CTO Deepak Taneja to discuss Netegrity's built-in approach, business portals, and the have an impact on of net services.
InfoWorld: are you able to supply me an replace on Netegrity and what's going on with the company?InfoWorld: So why do you believe the id management stuff and the authentication stuff and the portal stuff has to be integrated? because other individuals would argue -- whether it be Plumtree or Epicentric -- that you simply're at an advantage having them as separate layers?
Bycoff: with ease this. You cannot provide the security -- each within the portlet or in the software itself on the lower back conclusion -- vital to in fact get satisfactory-grained transactions happening on the portal itself. Secondly, all you're doing is replicating the administrative initiatives required for access, for roles, for workflow.The 2d argument is truly a technical argument, and that says, seem to be, the coupling between these layers is really so robust, their relationships are so strong, the variety of contact features is so many, that pondering of them as separate layers is only a bad concept. and that i suppose individuals settle for the undeniable fact that there are lots of these contact points between entry control and identification administration. I believe there's a lot more resistance after they speak in regards to the contact points between entry handle, id management, and the portal; americans are much less inclined to believe that the portal should be a part of this combine. And so that's once they have to give them examples of the contact elements. The average portal nowadays may have its personal person administration save, it will have its own user repository. are you able to leverage an LDAP's repository without delay over SSL from a portal? The reply is no. There is only one portal on this planet that may do this, and that's the portal that Netegrity builds, built-in with their SiteMinder product. the entire other portals on this planet will say, neatly, you [can] access your LDAP without delay from SSL in case you like, but then they are going to synchronize with that LDAP without delay the use of their own synchronization tool." [The problem with that is] the synchronization equipment aren't comfy and do not function over SSL, and synchronization adds yet a further layer of administration, yet an additional failure factor -- not to point out that there is a time change [between] when a consumer's profile adjustments within the directory and when it alterations in the meta-keep that the portal makes use of.
InfoWorld: lots of people appear to connect identification management and authentication, and positively Netegrity looks to have its manufacturer graphic associated with that house greater than portals. but is it basically a protection query or is it more an entry to functions challenge that looks to be riding the space?
Bycoff: I consider it is access to functions, and comfortable access to purposes. So I do not suppose which you could look at one or the other and say, or not it's this subject. When their valued clientele see their capabilities relative to utility integration and portlet wiring and securing the access to this, they get very excited. They view the portal as variety of the gateway to the commercial enterprise. lots the equal method as you view access control and identity. The portal is pushed off of identification-primarily based capabilities.
InfoWorld: How would you examine and contrast yourselves to all of the different players during this house, even if it be Oblix or Open community or CA or Tivoli or sun?
Bycoff: They had been the primary mover. The rest have sort of adopted. And in case you consider the Meta group, they own about 75 % of the market. They dominate the important agencies. they now have deployments that lengthen well beyond 3 to four million users. no one else can exhibit that.
in case you examine just the entry control [space], it is how we'd separate ourselves from the Oblixes of the area, the CAs of the area. but as they circulation ahead, we're speakme a couple of deeply built-in set of items with this common, single point of administration and a extremely tightly integrated platform for proposing a single view of the enterprise, or a gateway to the business. I feel this thought is an extra first mover capabilities for Netegrity.
InfoWorld: What's your take on Microsoft? because they're out now speaking concerning the wonders of integrating the portal with the office suite and throwing CRM in on accurate of that and whatever else they can find.
Taneja: Microsoft is late to the portal celebration, but they have in mind the implications of the portal. They needless to say the portal might become, and is likely to become, the laptop or Webtop of the longer term. and that i feel they are actually looking at, as they always do, leveraging their key electricity in areas comparable to primary business purposes, like office and e-mail systems etc, into a better portal story. I believe they are able to expect them to tightly combine their content material administration, their mail techniques, their workplace purposes, and so on, with a portal. And besides the fact that that portal, in and of itself, could no longer be very first rate -- and isn't very good right now, certainly -- they'll use the undeniable fact that or not it's integrated with programs which have dominant market share to try and gain world market share.
InfoWorld: you have bought an built-in suite of items popping out within the fourth quarter. What's subsequent?
Taneja: We're making an attempt to do two things. First, we'll stream towards the subsequent degree of integration. now they have integrated reasonably somewhat in this [upcoming] liberate, but they will go even further. They desire this to be so compelling that the CIOs of Fortune 500 organizations don't even look at other providers' products. And to do that the administration fashions ought to be absolutely integrated and absolutely normal. So we'll shoot for that next stage of deeper integration going forward. No. 2 is on the identification management side. They should complete their vision with an end-to-conclusion id administration answer that comprises the provisioning of consumer entry rights via business functions. and that is something they won't have in the edition of the platform it truly is transport in October. This platform might be in a position to provision users to LDAP directories, that are customarily used for controlling access to web purposes. They want to be the single aspect of administration for identities for the entire commercial enterprise, and to do that they need a provisioning engine as a part of their platform. They need adapters for SAP, PeopleSoft, Siebel, Microsoft, alternate, Lotus Notes -- the precise 15 [or] true 20 applications and environments obtainable in agencies. So this is a key focus for us going ahead.
And third, they have a big effort on the net features front, so we're going to take their web capabilities story ahead, from an administration standpoint, to make it truly easy for americans to provision, cozy, and manipulate net features from their platform. they will take that a pair steps additional beyond October. we're going to give UDDI integration; there will be a UDDI registry that might be a part of their platform. they will make the technique of disclosing web features even less demanding than it is with this [upcoming] release. we're going to give more advantageous internet services choreography, so while they now have a workflow engine during this liberate, we're now not truly choreographing net services the way the Fidelitys and E-Trades of the realm want us to. We're getting loads of feedback right now from the beta websites that are the usage of their portal and their TransactionMinder web functions safety product. And that'll support us additional great-tune the net services story. So those are the three key areas for us with the 6.0 platform, which we're attempting to have transport across the core of subsequent yr.
InfoWorld: What's your take on internet services and on who's riding the requirements procedure?
Bycoff: We're very lively within the web services house from a product element of view. they have now made some bulletins at Catalyst that in the event you mix their portal product with the new security product we've popping out within the fourth quarter [TransactionMinder], that you may discover, you can at ease, which you can seriously change, and you'll manipulate web capabilities during the mixture of their products. We're feeling very, very good [about] having taken their answer into the web capabilities house, being forward of the competition [there]. What we're avoiding is the advent of internet capabilities. The main players -- Microsoft, solar, IBM -- they'll undoubtedly be the major players in the introduction of web functions themselves. however within the different areas of administration, they think surprisingly advantaged in proposing the infrastructure for administration via internet services, each intra-commercial enterprise and pass-enterprise.
Taneja: [The standards process] is everywhere and it's irritating. it's simply as hard for us as vendors to deal with all of that as it is that you should track what's happening. To a degree, within the net services house, the standardization exercise as been hijacked via Microsoft, IBM, and sun. Microsoft and IBM probably greater than solar. sun's late to the celebration. And it's very political, even more so than it's within the J2EE world. within the Java world, to a point, sun is controlling the exhibit, so there's at least only 1 location to go to to peer what the hell's occurring. it really is now not authentic with internet features. and that i do not know what to inform you apart from I feel loads of these specifications won't go anyplace. loads of these businesses and alliances may not produce anything else that is effective.
InfoWorld: On the one hand they appear to have a spec from the liberty community, then we've Microsoft, after which they have the XNS neighborhood. are you able to type out for us all of the federation strategies obtainable?
Bycoff: You outlined internet features and Liberty. we've got been requested to turn into a founding member of WS1. we're very active [as a] sponsor of the freedom Alliance. So we're all about necessities. this is the business that developed the predecessor to SAML [Security Assertion Markup Language], in advance of turning it over to OASIS. So we're promoting necessities. this is their way of successful. retaining their structure open is yet another essential focal point for us, because they realize that there are aggressive products out there and they should help open standards like JSR168 [for] portal interoperability and some of the provisioning requisites which are coming. So we're very active [in support of] standards and their structure is awfully open, on account of the environments they support.