Interested in getting more info?
 
Interested in Learning More?
* Required fields
Name:*
Company:
Phone:*
Email:*
How    Heard?:*
Type in Code:* Security Image
News / Webinars

PRESS RELEASES

January 5, 2010
Emergent Signs as an Aegis Identity Appliance Reseller 
>Learn More

January 1, 2010
New Sun-based AegisUSA appliance brings easily managed, scalable IdM to every company
>Learn More

December 16, 2009
Versatile Systems Signs as an Aegis Identity Appliance Reseller 
>Learn More

October 8, 2009
The Root Group Becomes a Reseller Partner of Aegis Identity Appliances
 >Learn More

IdM WEBINARS

"Fine-Grained Authorization" 
>View and Listen 

"Best Practices for Defining Identity Management Workflows and Policies" 
>View and Listen

 

Federated Identity Appliance for the InCommon™ Federation

Universities are continually challenged to provide students, faculty, and staff with access to protected external resources such as Apple iTunesU, Turnitin, external libraries and other collaborative resources. Federated identity, also known as external single sign-on, eliminates the need for organizations and partners to manage accounts, passwords, and credentials for this external access through the use of single sign-on using existing, internal university credentials. Federated SSO consists of Identity Providers (IDPs) and Service Providers (SPs). An identity provider handles the authentication of the user to validate that they are indeed an active member of the IDP’s organization. A Service Provider represents an organization wishing to allow external users to access their resources (e.g., Microsoft Dreamspark). The InCommon Federation provides a valuable service to both universities and their partners by acting as a hub for multiple federation partners. Without InCommon, each university would need to create a point-to-point federation with each service provider, increasing cost and complexity for both the universities and the service providers.

Figure 1: Federated Hub

Aegis Appliance Solution

AegisUSA offers a plug-and-play Identity Provider appliance solution that allows universities to join InCommon without the need to have a Shibboleth expert on staff. The appliance is available in two formats, either hardware-based or VMWare, and is configured for redundancy and failover.
The appliance leverages existing credentials by integrating with Microsoft Active Directory or other LDAP directories for authentication and authorization. The Aegis Appliance provides turnkey technical infrastructure, allowing staff to focus on the business, legal, and end-user aspects of rolling out a federated SSO solution.
Figure 2: Appliance Benefits

Aegis’s Identity Appliance Infrastructure

Aegis USA offers multiple identity appliance configurations to meet our customer’s needs as well as their current infrastructure preferences. These options include appliances built on Oracle’s Identity Suite, open source software, or the legacy Sun Identity Suite. Together with redundant hardware, AegisUSA provides a hardened, robust, 24x7, highly scalable, high-performance identity solution that is revolutionary in the market today.
Figure 3: Aegis Appliance Options
 

Conclusion

Aegis’s Federated Identity Appliance for the InCommon Federation provides an opportunity for universities to quickly expand their reach by providing turn-key infrastructure necessary for enabling federated/external SSO to InCommon’s Service Provider members.
In addition, the Aegis Appliance allows for future IAM initiatives such as provisioning, SSO, and password management to leverage the pre-configured appliance infrastructure.
Figure 4: Aegis Identity Appliances

Universities are continually challenged to provide users with access to protected external resources such as Apple iTunesU, Turnitin, and collaborative library resources. The InCommon Federation eliminates the need for universities and partners to manage accounts, passwords, and credentials for this external access through the use of Single Sign-on using existing university-credentials. Joining the InCommon federation is a multi-step process involving legal agreements, documentation of organizational identity practices, verification of eligibility, and finally, technical infrastructure.

* InCommon is a registered trademark or trademarks of the University Corporation for Advanced Internet Development and/or InCommon, LLC in the United States and/or other countries.