Evidian Announces AccessMaster NG – A New Generation Software Suite to Secure The Extended Enterprise

Paris, October 7th, 2003: Evidian, a subsidiary of Bull specialised in secure management software, today announced AccessMaster NG, a new-generation enterprise security management software suite, resulting from the major evolution and integration of its AccessMaster and PortalXpert software suites, already recognised as leading security management software solutions.

Answering the complexity of identity and access management in heterogeneous environments

AccessMaster NG has been designed to answer the needs of enterprises that want to deploy consistent security policies, with rapid return on investment (ROI). The first comprehensive, integrated and modular identity and access management software suite, AccessMaster NG satisfies in a simple way the security needs of networked enterprises.

Comprehensive, AccessMaster NG covers most environments (web, mainframes, Citrix, Windows, Unix, Linux), directories (OpenLdap, Microsoft, Sun, Novell, IBM), authentication modes (password, token, certificate, biometrics?) and organisation (centralised, decentralised and multi-domains). Integrated, it enables consistent identity and access management, from web to legacy. Modular, it allows organisations to manage their security progressively according to their priorities, while opening to future evolutions in complete flexibility.

Relying on Evidian’s recognised technology in access control for distributed environments, Single-Sign-On (SSO) and integrated security policy management, AccessMaster NG offers numerous new features:

Unified identity and access management, from web to legacy – AccessMaster NG allows to globally manage profiles and rights, all along the user life cycle through a direct interface with the multiple LDAP directories of the enterprise, its subsidiaries and -possibly- its partners. This open, unified approach for both web and non-web environments favours flexible and consistent user management, leveraging the existing directories (employee directory from HR, e-business community directory, subsidiary directory, customer directory?) without imposing the deployment of a unique, centralised directory.

The support of multi-domain security policies – In the extended enterprise, as in e-business communities, users are not always all managed in a purely centralised way. Regional branches, subsidiaries or even partners can choose to manage their own users independently. Compliance with the SAML standard allows AccessMaster NG security servers within an organisation to verify third-party users’ identities from the security servers of the domain they belong to (subsidiary, partner?). Once the third-party users are authenticated, they can be dynamically assigned the appropriate access rights depending on the level of trust granted to the third-party organisation. This flexible approach – distinguishing authentication and access control — solves in a simple way the exponential complexity of user management between multiple distinct organisations.

Advanced and customisable delegated management, user self-service and approval workflow – Adapting to the distributed security policies of each enterprise, all the AccessMaster NG modules now integrate advanced and customisable delegated management, user self-service and approval workflow functions. An approval workflow procedure makes it possible to automatically escalate requests for account creation, modification or revocation to the appropriate decision levels: operational managers, human resources, etc.

Advanced certificate and cryptocard management; even in heterogeneous environments – While offering its own registration and certification authorities, AccessMaster NG also interfaces with the main certification authorities on the market (Microsoft, Sun, Entrust?). This facilitates a consistent Public Key Infrastructure (PKI) management, even in heterogeneous, multi-PKI environments, such as federations of partners.

A flexible, modular architecture – Whether they plan to deploy an entry-level SSO, control access for key applications or manage identities, enterprises can choose to deploy a single or several AccessMaster NG modules. Independent, these modules allow simple deployment, with rapid ROI. Integrated, they natively interoperate with the other modules, which can be added one by one, as needed. AccessMaster NG modules also interoperate easily with other market solutions, notably in identity management, thus offering great flexibility.

A broad set of APIs – AccessMaster NG Application Programming Interfaces (APIs) have been extended, allowing enterprises and integrators to easily interface AccessMaster NG with third-party solutions, as well as to develop specific new functionality rapidly.


The first truly comprehensive, integrated and modular identity and access management software suite for the enterprise

AccessMaster architecture has been reviewed to allow progressive deployment of security policies, with rapid ROI at each step. AccessMaster NG now comprises eight independent and complementary modules, answering three kinds of need: identity management, secure access control, and plug-and-play single sign-on.

Identity management
Evidian Identity Manager: consistent management of employees, partners and customers, within multiple LDAP directories (MS Active Directory, OpenLDAP, Sun ONE Directory, Novell e-Directory, IBM Lotus Directory,).

Evidian Provisioning Manager: Automation of user management across distributed enterprise systems and applications, with dedicated agents: Windows NT/2000/2003, Unix, Linux, MVS, GCOS, SAP, Lotus Notes, Netware, MS Exchange, MS SQL Server, Evidian Certificate Manager: creation, certification, storage and revocation of keys and cryptocards.

Evidian Approval Workflow: approval cycle management of user profiles and rights (creation, modification and revocation) by the appropriate managers: operations, IT, security, HR, etc.

Secure access control
Evidian Secure Access Manager-Web Edition: Centralised management of authentication, access control and audit, in Internet and Intranet environments.

Evidian Secure Access Manager-Standard Edition: Centralised management of authentication, access control and audit, in client-server and mainframe environments.

Plug-and-play single sign-on
Evidian SSO Xpress-Web Edition: Plug-and-play SSO for web environments. This is an entry-level web SSO module, able to evolve towards Secure Access Manager-Web Edition.
Evidian SSO Xpress-Standard Edition: Plug-and-play SSO for Windows environments. This is an entry level-web SSO module, able to evolve towards Secure Access Manager – Standard Edition.

Independent and integrated, each module natively interoperates with other modules, which can therefore be added progressively when needed, making it possible to set up a global and integrated security policy.

Proven technology
AccessMaster NG is developed by Evidian, recognised as the European leader in access control and user management software. In 2000, 2001, and again in 2002, Evidian’s offer received the worldwide ‘Best Access Control Solution’ award from SC Magazine, the premier magazine in IT security. Leading corporations, government organisations, banking, financial, and manufacturing companies around the world rely on Evidian to secure their IT and telecom infrastructure. Customers include EADS (European Aeronautic Defence and Space Company), CNAM (the French health system) and T-Mobile (the leading German mobile operator).

Availability
AccessMaster NG will be available as of October 2003, except Certificate Manager and SSO Xpress -Standard Edition modules, which will be available in December 2003, and Approval workflow, which will be available in the first semester of 2004. The AccessMaster NG security server is available on Windows 2000 and 2003, AIX and Solaris, plus Linux for the SSO Xpress-Web Edition server.

Architecture schema and screenshots
An architecture schema and screenshots of AccessMaster NG management interface are available at: http://www.evidian.com/press/resources/index.htm

About Evidian
Bull’s mission is to provide to targeted customers seamless and open IT solutions, going from server design and manufacturing for secure networked infrastructures, to applications design, integration and outsourcing. Evidian is Bull’s secure management software unit. Evidian is a leading international player in security and service management software, in particular with its AccessMaster and OpenMaster software suites.