At the RSA Conference 2005 show in San Francisco yesterday, the company launched eTrust Identity and Access Management r8, which is said offer a greater amount of integration than its previous IAM offerings.
The version 8 releases of eTrust Admin, Access Control, Single Sign-on and Directory are now built with a common user interface, common installer, common documentation and common software components, the company said.
Older versions can create a user profile with the Admin provisioning software and pass it to the Access Control software, but with r8 it is more seamless and built on standards that enable modules to interoperate with third-party products, CA said.
With all identity management product there are a set of features that overlap, because each was designed to deal with a specific problem, said Bilhar Mann, vice president of eTrust Identity and Access Management at CA.
Working with SPML, the Services Provisioning Markup Language, Admin could create a user role, or Directory could store a user role, that would work with an SPML-compliant third-party access control suite, Mann said.
Each of the four products has had feature upgrades in their new releases. eTrust Admin has a new workflow tool, for example, and eTrust Directory has expanded virtual directory abilities, Mann said.
Access Control has a new policy-learning ability that may take some of the hassle out of creating policies, Mann said. Rather than manually creating the policies, the software can create its own by watching and learning from a period of normal usage.
The software acquired when CA bought Netegrity Inc for $430m last November will be integrated into this modular common architecture in a phased approach that will start bearing fruit in the middle of this year, and should be completed mid-2006, Mann said.
The first part of the integration into CA’s catalog sees Netegrity’s old SiteMinder, TransactionMinder and IdentityMinder Web Edition becoming able to feed data into eTrust Security Command Center, CA’s security event management console.
In its next release, SiteMinder will support XACML, the extensible access control markup language, which will enable the software to push out role-based access policies to other pieces of software, Mann said.
It seems that all of Netegrity’s products, even the ones that had the most significant overlap with CA’s existing line-up, namely identity provisioning, will have a home at CA.
Mann confirmed that the roadmap includes eProvision, the software that Netegrity acquired when it bought Business Layers Inc in early 2004 and had not finished integrating into its own suite when CA snapped it up.
All of Netegrity’s products will be a part of the suite. We will phase them in, with the first phases starting later this year, Mann said. End of lifeing only really starts to happen when you’ve been through two release cycles.
Mann said CA will continue to support and upgrade both eTrust Admin and eProvision for the time being, but will also release a superset product halfway through this year. Users of both will be offered a migration path to this hybrid.
The superset offering will support SPML, enabling it to provision user access privileges to third parties in a federated identity scenario, in much the same way as SAML is used today to federation session-based access privileges.
