ID-Unify™

One Too Many Identities

Multiple directory environments pose access policy definition and enforcement challenges that are difficult for many organizations to overcome. These identity stores may be different instances of a product from the same vendor, such as Microsoft Active Directory instances, or they may be from other vendors. In this situation, when attempting to create global policies for network access control, it is difficult to decide which user identity to assign policy to.

ID-Unify is a deployment enabler for ID-Enforce. It enables virtual identity consolidation across multiple and even disparate identity stores and can be installed anywhere in the network. Integrated into Identisphere Manager, ID-Unify can easily define the data normalization and schema mappings for multiple directory instance consolidation.

How It Works

By virtualizing identities, ID-Unify enables policies to be associated with a normalized, single identity for users that exist in different directories. Once the associations are created, mapping of identities and attributes occurs automatically based upon the rules applied.

ID-Unify requires read-only rights into each identity store to which it connects. Using the virtual user identity, a user may authenticate to any of the back-end data sources. This means there are no issues with synchronization of data, since ID-Unify maps requests directly to the associated identity sources. There are no security issues, since the underlying authentication sources still authenticate the credentials.

ID-Unify provides organizations with the ability to:

  • Seamlessly integrate with ID-Enforce Access Gateway to protect resources with identity-aware, network-level enforcement
  • Enhance the ability to consistently apply global access policies to global user identities across multiple identity stores
  • Simplify identity migration and consolidation
  • Avoid duplication of directory data or mass directory synchronization
  • Reduce exposure to security risk
  • Require no changes to existing data stores and processes