The benefits of a Single Sign-On solution are well-known:
- Improved security, since users will not defeat the purpose of passwords by writing them down, posting them on their workstations, or using easy-to-guess strings such as the names of their pets.
- Reduced help desk costs, since fewer users will call for password resets or other password issues that eat up support time.
- Better productivity for users, since they will be able to access enterprise applications on any platform without needing to learn or remember how to log on to each one.
To realize these gains in your enterprise, however, you must carefully evaluate your options and select the solution that can truly deliver these benefits.
This Evaluator's Guide is intended to help you in that process.
Determining your requirements
To successfully deploy Single Sign-On today, most organizations have a set of key requirements that must be met. Here are some of the most common requirements expressed by organizations seeking Single Sign-On.
- You have a multitude of existing applications on multiple platforms (Windows, Web and legacy) that need to be integrated quickly into the Single Sign-On solution, with a minimum of effort.
- You need a highly available and scalable architecture.
- You need the lowest possible Total Cost of Ownership and the smallest possible IT management burden.
- You need a flexible authentication scheme that supports your choice of current and future technologies.
- You need a solution transparent to users that will not disrupt their daily routines.
This Evaluator's Guide describes how Focal Point meets all these requirements, and will help your enterprise gain all the benefits of a well-implemented Single Sign-On solution.
Quick Integration of Applications
To help evaluate competing Single Sign-On solutions, many IT departments challenge a short list of vendors to integrate a test set of applications. Using Focal Point's built-in tools, our consultants routinely succeed in integrating more applications in less time than any other vendor.
Why is it faster to integrate applications with Focal Point?
To start, Focal Point's design supports every major platform used by any modern enterprise. As well, Focal Point uses a more flexible set of integration tools, including an innovative set of software agents driven by XML parameter files that can handle most existing applications on any platform.
Multi-platform support
Focal Point supports every major platform used today.
The Focal Point client is designed for a heterogeneous network with workstations running any combination of Windows 95/98/ME/NT/2000/XP, Web browsers, Citrix, Linux, NCR UNIX and/or Solaris. The Focal Point server runs under Windows NT4 with Service Pack 5 or higher/Terminal Server/Windows 2000/XP/2003 or .NET.
The target applications for Single Sign-On can run on any platform accessible to the network including mainframes (OS/380, AS/400, Tandem and others), UNIX servers, Web servers, Windows NT/Terminal Server/2000/XP and .NET servers, Citrix, Novell NetWare, corporate databases, Lotus Domino and others.
Solid experience and support for all these environments ensures that your Single Sign-On system will be quickly rolled out to all your users, no matter what workstation and applications they need.
Flexible integration tools: agents and XML
As shown in Figure 1, Focal Point uses a flexible set of tools for integrating applications. At the highest level, a Wizard provides an easy-to-use GUI suitable for integrating common applications. The Wizard outputs one or more XML parameter files.
These XML parameter files provide a powerful and versatile mechanism for automating the logon process to any application. For more flexibility, these XML files can also be edited or hand-tuned using any standard XML editor or word processor.
The XML parameters are fed to one or more software agents to handle applications on specific platforms such as Win32, Web, terminal-based and so on. Additional agents are being developed to provide tight integration with other popular environments such as Java.
The Win32 Agent handles any application running under any 32-bit version of Windows including 95/98/ME/NT/2000 or XP. This agent uses the Win32 API to register in the Windows event loop. Whenever a relevant event occurs, such as opening a login or password dialog box or calling another application, the Win32 agent is triggered. The agent then loads the XML parameter file and takes the appropriate action.
The Web Agent handles any Web application accessed through any popular Web browser. The Web agent is launched as soon as the user starts a Web browser. This agent uses the published APIs for these browsers to deal with any relevant event that can occur, such as opening another window for a different URL.