Is Vaau a wow?

Identity Management This newsletter is sponsored by Akamai Technologies Perk up apps with Web acceleration Discover why one enterprise made the decision to go with a managed Web application service provider to improve application performance. This IT shop decided that a distributed datacenter was too costly and is now reaping the benefits of outsourcing. Its once sluggish application is now chugging along. Network World's Identity Management Newsletter, 08/06/07 Is Vaau a wow? By Dave Kearns When it comes to discussing roles, role management, role mining and role-based access control (RBAC) I do tend to start with Bridgestream and Eurikify. They represent two different approaches to defining roles and so eminently qualify as examples. But there are other companies in the space, and I want to talk about one of them today - Vaau. Vaau isn’t a complete stranger to this newsletter, having been mentioned twice. Once after this year’s Catalyst conference and once after last year’s conference, when I listed it last in a string of role-related vendors. You might expect that it would be chiding me over this, but the ever so polite EMEA Director of Operations, Mel Holloway, wrote in an e-mail: “Please excuse this approach I am not a spammer, I am a fan (that’s stalker talk!!!).” He did catch my attention and reminded me to take a closer look at Vaau. Vaau’s RBACx is based, says the company, on “role engineering.” This role and rule engineering engine is used for role mining, rule mining, identity correlation, and access clustering. RBACx also uses advanced data mining algorithms to identify user access correlations across key applications, and uses that information to develop and suggest application and enterprise level roles and rules. Network World Security Buyers Guide Find the right security products for your enterprise - fast. From anti-spam to wireless LAN security, our Buyers Guides have detailed information on hundreds of products in more than 20 categories. With the side-by-side comparison tool you can evaluate product features to make the best decision for your enterprise. Click here to go to the Security Buyers Guide now. Vaau’s approach is to define multiple processes for roles: * Role mining engine: A hybrid approach to role engineering, looking at a combination of organizational characteristics, user attributes and characteristics and user’s current accounts and entitlements. * Rule definition: Ability to generate rules from the role mining engine, assigned when new users are created or when accounts and entitlements are imported into RBACx. * Roles based on template users: Once the accounts and entitlements of user are imported into RBACx, new roles can be created based on the existing access of some template users. * Import of existing roles from an authoritative source: RBACx has the ability to import roles from any authoritative source, like ERP, mainframe or an existing identity management system. Once imported, the content of these roles can be refined to obtain enterprise roles. * Role vs. actual analysis: After the roles are defined in RBACx an analysis can run and RBACx can search for exceptions where user’s actual access does not match his/her role based access. This can be used to refine the role content prior to pushing the roles to the provisioning solution. * Role lifecycle management: Integrity of enterprise roles is maintained through a process of continuously monitoring exceptions their supporting business processes. As part of that lifecycle management, RBACx provides for: * Role certification by business unit managers * Role certification by role owners * Continuous monitoring of actual vs. assigned exceptions * Role approval workflow * Temporary assignment of roles to users * End dating role - user relationship * Role consolidation If you’re considering RBAC for your organization (and you should be) check Vauu’s methodology and schedule a free demo. It could be just what you’re looking for. Editor's Note: Starting Aug. 13, this newsletter will be renamed "Security: Identity Management" to better reflect the focus of the newsletter. We thank you for reading Network World newsletters!   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Do Not Call Registry gets wake-up call 2. IBM saves $250M with Linux-run mainframes 3. NAC alternatives hit the mark 4. Cisco muffles Linksys death knell 5. Nortel lands huge $300M VoIP win 6. Hogwarts IT director quits 7. Online gamers' dirty little secrets exposed 8. Massachusetts adopts Open XML 9. Wireless LAN best practices 10. Forget your PIN? Use your face MOST DOWNLOADED PODCAST: Twisted Pair: One year later, we're still wasting time

Contact the author: Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill. Kearns is the author of two Network World Newsletters: Windows Networking Strategies, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: windows@vquill.com, identity@vquill.com . Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail. This newsletter is sponsored by Akamai Technologies Perk up apps with Web acceleration Discover why one enterprise made the decision to go with a managed Web application service provider to improve application performance. This IT shop decided that a distributed datacenter was too costly and is now reaping the benefits of outsourcing. Its once sluggish application is now chugging along. ARCHIVE Archive of the Identity Management Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007