Microsoft Identity Management Portfolio – Overview

I want to share with you the status of the Identity and Access Management (Id&AM) portfolio offered by Microsoft. Let's first begin with “What is Id&AM for the enterprise?” The following approach is the one that Oracle proposes:


My first thought about this scope proposed by Oracle is that they do not consider a long-term Strong User Authentication strategy moving from Password Auth to SmartCard Auth.

What is the value proposition from Microsoft? The identity portfolio has grown so significantly since FY06 (when AD and MIIS were the only Microsoft players) that we now have a value proposition based on 5 Identity Management Pillars which (although they are product-centric) cover many of the aspects that the industry considers in the scope of Id&AM:


1) Lifecycle management: Password Sync + Certificate Mgmt + Identity provisioning


2) Information Protection: Message Encrypting + Rights Management


3) Federated Identity: Web single-sign-on. Federated Identity.


4) Strong Auth: SmartCard based auth built upon a PKI Infrastructure.


5) Directory services: Central identity repository. Authentication and role-based authorization.


For context, Microsoft is beginning to build its identity portfolio (with more focus since FY06) and is now beginning to be considered a challenger in the identity industry.

Below are the Gartner Magic Quadrants for Web Access Management and User Provisioning.



Today the Microsoft identity portfolio has many flaws, which you need to cover with partner solutions to gain full coverage of the identity management needs of the enterprise. The main flaws concern reporting and the lack of a true single sign-on framework, which (again) you can only get by taking advantage of partner solutions (like Quest, for example).


See you soon!
