Tool Mentor: ITDI - Operate Security Protection Mechanisms
TM121 - How to use IBM Tivoli Directory Integrator to Create Authoritative Identity Data Infrastructure needed to Operate Security Protection Mechanisms
Tool: IBM Tivoli Directory Integrator
Relationships
Main Description

Context

Tool mentors explain how a tool can perform tasks that are part of ITUP processes and activities. The tasks are listed as Related Elements in the Relationships section.

Details

At most firms, there is no single authoritative directory: companies deploy department-specific applications at all levels of the enterprise, resulting in dozens of application-specific directories. These disjointed directories often contain inconsistent identity information, and don't provide the scalability or data integrity that enterprises need to implement solutions such as user provisioning. Companies need to define the authoritative sources of critical identity attributes and synchronize them with all other instances of this data in real time across the enterprise, to maintain data consistency across all their identity repositories.

IBM® Tivoli® Directory Integrator is a metadirectory that synchronizes, in real time, identity data residing across IBM and non-IBM directories, databases, and applications. Its open, Java™-based architecture fits into a wide variety of customer environments with minimal disruptions. TDI can provide an authoritative view of directory-based identity information by synchronizing to any data store.

ITDI's distributed architecture does not require an inflexible, centralized data store, as other leading offerings demand. By synchronizing data among the local data stores, IBM Tivoli Directory Integrator allows local departments to manage the data they know best while using the tools that make them most productive. This scalable, flexible architecture, based on a nonpersistent data store, uses resources more efficiently than solutions that demand the centralization of all resources.

ITDI creates intelligent, multidirectional data flows called AssemblyLines, which can span multiple sources and targets of data for rapid deployment and easy extension. The event-driven engine enables real-time two-way integration with other enterprise systems. Connectors and parsers within Directory Integrator allow for connectivity to a wide range of systems and a number of protocols.

The IBM Tivoli Directory Integrator development environment's graphical user interface (GUI) discovers the schemas of the target systems and eases the development, testing, deployment, maintenance and support of the integrated enterprise identity infrastructure. The highly productive Connector development environment and selection of prebuilt Connectors and event-handling mechanisms ease integration with virtually any application or directory.

In some instances, directory attribute synchronization can be problematic. For example, this might occur when identity attributes must span multiple authoritative sources, or when internal politics prevent agreement on which is the authoritative source. In this case, an enterprise might prefer a virtual directory approach, where data from disparate sources can be aggregated without any overwriting. IBM Tivoli Access Manager, for example, could require the identity data from different authoritative directories. Since there will still be metadirectory requirements, this often requires maintaining two different tools and two different skill sets, and migration from one approach to the other is complex. IBM Tivoli Directory Integrator supports certain virtual directory use cases, such that both requirements might well be satisfied by one tool.

IBM Tivoli Directory Integrator provides the real-time, authoritative identity data infrastructure needed to support on-demand applications such as enterprise security, integrating tightly with IBM e-business infrastructure software, including IBM WebSphere® middleware and Tivoli identity management. ITDI enhances the effectiveness and productivity of user management solutions like IBM Tivoli Access Manager and Identity Manager for role-based access control, user provisioning, delegated administration, and self-service.
