Infoworld, January 16, 2003
Netegrity Adds Provisioning
|The race to offer integrated identity management software packages heated up Thursday with the announcement that identity and access management company Netegrity will license provisioning components of Business Layers's eProvision Software.
The Business Layers components will be integrated with Netegrity's identity management products, which include IdentityMinder, in two phases, with the first release scheduled for the first quarter of 2003 and another in the second half of the year, according to Netegrity.
In the first phase, Netegrity and Business Layers will market their products jointly, targeting customers who can tie both Netegrity's IdentityMinder and Business Layers' eProvision products in to user directories based on Lightweight Directory Access Protocol (LDAP), said Deepak Taneja, chief technology officer at Netegrity.
Full integration of the IdentityMinder and eProvision products later this year will feature a common workflow, including approval processes and delegation, which is the ability to assign individuals the right to manage user accounts and responsibilities, Taneja said.
Netegrity introduced IdentityMinder in December. The product was built on the foundation of the company's existing SiteMinder user authentication software, adding workflow features and integrated tools to SiteMinder that help administrators create and manage user accounts in heterogenous network environments.
For example, using IdentityMinder, administrators can automate tasks such as those required to approve a new user, create a new user group, or change an existing user's access privileges.
The eProvision components will add a provisioning capability to the mix, so that administrators can allocate resources to employees including e-mail accounts, access to network directories, databases, applications and so on.
In addition to setting up user accounts and access to resources, eProvision allows administrators to manage those digital identities as they change and quickly revoke access when customers or employees terminate their relationship or leave a company - a process sometimes referred to as "deprovisioning."
In recent months New Jersey-based Business Layers found a ready market for its provisioning technology, striking a deal to integrate eProvision into Schlumberger's DeXa.Badge product in October.
On Thursday the company announced that, in addition to Netegrity, it reached a deal with SAP to integrate eProvision with SAP's NetWeaver product, adding provisioning for users of SAP's applications.
Although internal development and acquisitions were all considered by Netegrity in its efforts to acquire a provisioning capability, neither option struck the company as in its long-term interests, according to Taneja.
"We considered acquisition, but that wasn't doable. In terms of development, it didn't make sense to build something that was already on the market," Taneja said.
Industry analysts think Netegrity did well to move on the provisioning front, even if it was with another company's technology.
"Its a good thing for Netegrity to get provisioning. It allows them to keep up with the marketplace, given the movement by other vendors," said Charles Kolodgy, a research manager at IDC.
In addition to competing with IBM, which added identity management technology from its purchase of Access360 to the Tivoli product line, Netegrity must fend off a host of other competitors in the hot identity management space, including RSA Security, Entrust and Oblix, according to Kolodgy.
In a sign of the intense competition within the identity management space, IBM issued a statement today responding to the Netegrity announcement.
"Netegrity has talked about adding this functionality through acquisition, internal development and finally an OEM deal. Netegrity's move is yet another proof point that the industry is looking for an integrated approach to identity management ... Since last April, IBM has been making strides to this end, " IBM said.
Netegrity will still offer a competitive alternative to IBM, even when the Access360 integration is complete, Taneja said.
"I don't know how long it's going to take IBM to integrate the Access360 code, but we feel good about the Business Layers technology. It's easy to deploy and install. The ROI (return on investment) is quick. The agents and connectors are easy to get going. All of that will be harder with Access360 technology running on a WebSphere platform," Taneja said.