Identity Management for Networks on the Rise

The notion of applying the same concepts to networks as found in IdM for applications is gaining momentum. As I talk to prospective customers and at speaking events I get questions like, “How is this different from a RADIUS server?” much less often. Folks are starting to grasp the interdependency of identity, policy, authentication and authorization and the requirement to add a layer of intelligence to networks in a heterogeneous way. Last year Eric Norlin started a conversation about the linkages between NAC and identity management and suggested the terms NIdM and AIdM to describe the two elements and their relationship to the broader IdM space. One of my posts from September of 2006 has all the relevant links. He’s staying abreast of the topic as well with a related post just last month.

Since then I’ve been trying out the NIdM term as a way to describe what my company does, and through some trial and error I found that putting the “N” last increases understanding significantly: so I now say “Identity Management for Networks” rather than “Network Identity Management.” Perhaps the latter term has too much of a connotation of IPAM and MAC address databases, whereas the “for Networks” puts a qualifier on a term that most within IT already understand.

I put together a presentation for the SecureIT conference which attempts to map out what IdM-N is and how it relates to a legacy RADIUS server as well as your traditional IdM investment. I’ve since presented a variation on the same theme last week at the New York Metro chapter of the ISSA. At that conference there was a lot of head nodding as well as a customer presentation on IdM in general by Dennis Brixius (CSO at McGraw Hill). Dennis spoke to the need for identity in networks which was great as we served to reinforce some of each other’s points.

Tomorrow I’m presenting the same topic at the Network Applications Consortium’s spring conference. Many of the presenters and attendees at this conference are well versed in IdM for applications and I expect to learn a lot. While over the mid-term I see IdM merging into a single entity that comprises the entire space, it will take us a little while to get there. In the interim, finding ways to link network and application elements through the adoption of standards makes a lot of sense.

A written version of the components in IdM-N can be found in the IPJ article I referenced in an earlier post.

I expect the next six months to be very telling in terms of what terms take hold with customers and more importantly, what applications they are solving with these technologies.


One Response to “Identity Management for Networks on the Rise”

  1. Sean Convery » Blog Archive » (IdM-N) + (IdM-A) = IdM Says:

    [...] Eric Norlin responded to my Identity Management for Networks post with some thoughts of his own. It sounds like we are mostly on the same page (i.e. he agrees sticking the “N” or “A” at the end might help) however he did point out some real challenges to the merger of the two spaces: Sean sees identity management becoming a “single entity.” I’m not as optimistic. There’s an awful lot of legacy to get through here — legacy of job titles, legacy of how software and networking companies are organized, just plain legacy. Will IdM-N and IdM-A products and suites have to learn how to be intertwined? Absolutely. Will they merge? That sounds like a ten year job to me. [...]
