What is Advanced Authentication?

bg

Overview

Performance

Because Advanced Authentication has been optimized for performance, organizations continue to appreciate our focus of enabling them to do more with less. Unlike traditional virtualization, containers access the kernel of their host environment externally, which means that there is no need to include OS elements inside a container. This approach makes for more efficient utilization of server hardware that can be achieved with VMs.

Flexibility

From the beginning, Advanced Authentication was engineered from the bottom up to give organizations the flexibility they need to optimize it for their environments. Now, using Docker Containers to keep all of its application dependencies packaged together inside of the same container, Advanced Authentication containers can be executed on any Docker host without the need for manual configuration. This lessens the risk that inconsistencies in the environment will adversely affect a customer's configuration.

Docker containers can interact with any combination of bare-metal, virtualization, hypervisor, and cloud-based technologies. As an added benefit, container technology simplifies the process of effectively managing such complex configurations.

In the case of older applications which may not integrate well with containers, it may not pay to update or refactor them all at once. Instead, a future migration from VM-centric applications to containerized applications can be planned in such a way as to have it happen incrementally as each of these changes is able to be implemented over time.

Security

In that they help organizations segment their access controls to a small microservice level, Docker containers inherently offer a zero trust segmentation approach to security. Docker provides a signing infrastructure that enables administrators to sign container images. Unsigned containers are assumed to be untrusted, which prevents these containers from being deployed. In addition to this, Docker includes container security scanning solutions, which will alert administrators of any signed container images that might have vulnerabilities that could be exploited.

Predictability

Since all the containerized processes that makeup Advanced Authentication are isolated from the host, the risk posed by other processes or environment variables are diminished. In a similar fashion, since the host is not interacting directing with Advanced Authentication’s containerized processes, a higher level of reliability is achieved. All of this results in enhanced predictability when migrating to a new host. Also, because there are standardized interfaces for working with containers, it’s a relatively simple and straightforward task work with them.

Simplified maintenance

Administrators want uncomplicated tools with easy to understand controls which allow them to access more and more powerful features. Because application dependencies are bundled directly into each container, the application infrastructure is less complicated, and the risk of environment-related problems is lessened. This leads to less troubleshooting and thus less cost or effort is expended. Moreover, the Docker Image and Container model and associated APIs are quickly becoming an industry standard with virtually every major operating system having native support for working with these standardized components.

Version control is likewise simplified in that Docker tools make it easy to track successive versions of Advanced Authentication, monitor changes, and, when necessary, roll back to a previous version. Furthermore, containers reuse components from across versions, which economizes on disk space and other resources.

Automated scaling

With distributed configuration storage, dynamic scaling happens automatically along with the associated re-configuration of containers. And this does not require that the containers themselves are dependent on any specific static configuration.

Optimizing Advanced Authentication for the cloud

Docker containers can make public cloud services cheaper by dividing them up into more fine-grained units apportioned across multiple clouds. This approach can be done using multi-cloud management software, which is sometimes referred to as a Cloud Management Platform (CMP). Because of containers’ lightweight execution environments, Docker is a particularly useful tool for creating hybrid cloud deployments. And additional portability can be achieved by moving ancillary services like load balancers, caching and firewalls to yet other cloud-based containers.

Review important related assets:

  • Securing Today's Remote Access
  • Today's Risks Require Tomorrow's Authentication
  • Hard Tokens vs. Soft Tokens

Resources

Assets

Securing Today’s Remote Access
Today’s Risks Require Tomorrow’s Authentication
Hard Tokens vs. Soft Tokens: Why Soft Tokens Are the Better Option
What is Adaptive Access Management?
What Is Identity Governance and Administration?
What Is Zero Trust?
What Is Privileged Access Management?
Customer Identity (CIAM)
Workforce Identity
NetIQ Unplugged YouTube Channel
State of Zero Trust Report
IGA Buyers Guide
KuppingerCole Leadership Compass Report: Access Management
KuppingerCole Leadership Compass Report: Identity Governance and Administration (IGA)
KuppingerCole Leadership Compass Report: Privileged Access Management (PAM)
KuppingerCole Executive View Report: NetIQ Privileged Account Manager (2021)
What is Identity and Access Management?
What Is the Principle of Least Privilege?

Related Products

Access Management for Everything

No need to settle for complexity when you can have SSO everywhere through a single solution.

Learn more ›

Enterprise single sign-on

Streamline user authentication by providing a single login experience.

Learn more ›

A Comprehensive Identity Governance Solution

A business-friendly interface built on a common governance model that spans all of your business processes relating to identity, access, and certification.

Learn more ›
    See all related products
    Netiq Advanced Authentication

    Get started today.

    Learn more