The Smoking Monkey: The Trials and Tribulations of Daniel P. Raskin, Sun Identity Marketing Extraordinaire

At Sun we know that some of our competitors have a sizeable footprint in the traditional web access management space. When I say traditional, I'm referring to web access management solutions designed to support SSO and AuthZ for internal web applications. These solutions tend to be aimed at deployments of 100,000 users or less.

One trend we are seeing is that these old solutions are no longer suitable for many organizations and we are regularly being approached as a fresh alternative to replace these existing solutions and to provide additional federation services. This is due to a number of reasons including:

• The existing solution does not scale for the extranet
  
• The existing solution has never been successfully deployed across an organization
  
• The existing solution does not support federation standards or requires a major upgrade to do so
  

As a result, we are coming across many deal opportunities where we are being asked to replace a proprietary web access management solution over time. That is, the organization wants to move to Sun, but they don't want to completely rip and replace their existing solution due to the fact that they have many agents deployed and do not have the budget or time to replace them all in one fell swoop. In short, when they choose to migrate to Sun's Federated Access Manager (FAM), or OpenSSO (FAM is derived from OpenSSO), they require that the old solution be able to coexist with Sun's solution over a period of time.

The beauty of Sun's solution to this problem is that we can easily co-exist with the 3rd party solution (we've been doing this for years) and federate enable them with a single solution and a single deployment. Since we're the only self-contained java application that does web access management and federation in a single distribution, we are unique in that you can deploy a single .WAR file to address both problems.

Easy to deply. Easy to configure. Robust in its access and federation capabilities.

Even better, FAM's multi-protocol hub can translate federation protocols, such as SAML, WS-FED and ID-FF, and proprietary tokens, such as Oracle, Siteminder and IBM tokens, to create a single "circle of trust" between an IDP and it's partners regardless of what protocols they are using. In short, an organization can migrate to FAM through a pragmatic co-existence strategy and simultaneously federate enable the old and new solution using a single deployment of FAM to solve both problems.

How 'bout 'dem apples!