Introduction
Evidian ID SynchronizationEvidian User Provisioning
From one single console, depending on security policy, Evidian User Provisioning allows you to provision user accounts and user information automatically on heterogeneous environments distributed over the enterprise: servers, applications, remote access systems..
Thanks to IAM Suite agents and connectors (see diagram, steps 3 and 4), the console ensures policy-based and automated bi-directional synchronization with the target platforms and removes the need for repetitive and time-consuming security administration tasks.
Provisioning from a single console
The most frequent and most important related operations consist in provisioning users or groups of users to the applications or groups of applications for which they have access rights.
Evidian User Provisioning makes it possible to do this automatically, on heterogeneous environments distributed over the enterprise, thanks to its unified and homogeneous administration tool. This increases the productivity of security administration.
However, since the general philosophy of IAM Suite is to allow smooth integration into a given customer’s environment and organization, it is also possible to allow local administrators to set up an access control policy for certain applications or systems. In this case, the bi-directional synchronization capability of User Provisioning manager will allow the security administrator to reconcile all the various policies within IAM Suite.
The secondary passwords that grant access to the authorized target systems are generated automatically by Evidian User Provisioning. The administrator can change the secondary identifier and the secondary password via a form-based interface. At this stage, the administrator can add security parameters when registering the user for an application.
A group of applications gathers several applications into one list in order to easily automate subsequent registration of users for this group of applications.
Provisioning agents and connectors
Standard provisioning agents and connectors ensure bi-directional synchronization with the target applications. This guarantees uniform adherence to corporate security policies, while relieving security officers of repetitive, time-consuming, error-prone configuration tasks.
A Generic Connector makes it possible to manage specific applications that are not supported in the standard catalog. Evidian continuously extends the family of its agents and connectors in order to speed up customers’ deployments. All the administrative exchanges between User Provisioning and the agents are tunneled, with 128-bit encryption.
