Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IAM Suites

Not Just Set and Forget

An IAM implementation involves more than buying the software and setting aside a few days to install it. It requires considerable planning and may demand consultants; we list some of the resource and identity-store information you'll need to gather in "Roll Out the Red Carpet,". All the products we tested scaled well for thousands of simultaneous users, and any will meet most enterprise needs. The major variables are the products' features and ease of use.

All the products are priced per user, and most require a minimum of 1,000 users. Per-user prices range from $20 to $50, but beware the hidden costs: All the vendors recommend consulting services. A global IAM consultant told us IAM implementation typically takes six months, and more than a year for large enterprises.

With the exception of Novell, which offers only a reverse-proxy mode, all the vendors provide both agent and proxy approaches. To implement agents, you typically install an ISAPI/NSAPI filter on each Web server that will be part of the IAM infrastructure. In the long run, an agent approach might require extra maintenance, but it will provide more granular control. On the other hand, a reverse proxy, which is placed between the client and the Web servers, requires no server modifications. It's a good choice for shops using a Web server for which the vendor doesn't offer a Web agent, such as older versions or unsupported platforms. In addition to required changes in the network configuration, performance could be a problem with a reverse proxy unless you use a redundant/load-balanced architecture, because all traffic must be routed through the proxy rather than distributed across many servers.

Our Impressions

  • 1