atos cybersecurity

© Atos

Atos CybersecurityDirX Kundenveranstaltung

18. November 2021

Ralf Knöringer Manager Competence Center IAM

Atos Big Data & Cybersecurity DeutschlandDirX Kundenveranstaltung 2021 – Agenda

Zeit Inhalte Referenten

10:00-12:00 Teil 1 – Produktneuheiten & Live-Demo

10:00-10:15 Willkommen und Neues von Atos Cybersecurity Ralf Knöringer, Leiter Competence Center DirX

10:15-11:00 DirX Roadmap - Highlights Gary Weissenbacher, Leiter Produktmanagement

11:00-11:45 Live Demo – Neue RESTful API, Business User GUI, Governance& Compliance mit DirX Audit

Vahid Asadi, Senior Solution Manager

11:45-12:00 Q&A und Zusammenfassung Teil 1 Alle

13:30-15:00 Teil 2 – Best Practice Sharing/Kundenberichte

13:30-14:00 Kundenprojektbericht: Access Management mit IDV ZH Broker beim Kanton Zürich (Identity Federation im Public Sektor)

Leo Stucky, Amt für Informatik des Kanton Zürich

14:00-14:45 Best Practice - IAM Konzerndienste bei AtosLive Demo – Integration Cloud-Services

Marcus Diemer,IAM Application Owner, Atos Global IT

14:45-15:00 Q&A und Ende der Veranstaltung Ralf Knöringer

© Atos - For internal use

Identity and Access Management

DirX Roadmap & News

| 18.11.2021 | Gary Weissenbacher | © Atos - For internal use

Content overview

Atos in a NutshellNews in CyberSecurity

Atos DirX IAM Portfolio

DirX Roadmap

Analysts View

01.

02.

03.

04.

4

Atos in a NutshellNews in CyberSecurity

| 18.11.2021 | Gary Weissenbacher | © Atos - For internal use 6

#1 in managed security services Europe and#3 worldwide

In a Nutshell

105,000 business technologistsin 71 countries worldwide

€11.2 bn revenue and €1 bn operating margin

Global leader in cloud anddigital workplace

Worldwide IT Partner of the Olympic and Paralympic Games

c.€235 m R&Dper annum

85,000 new digital certifications

14.9 tCO2/m€ revenue industry best-in-class


A recognized Industry Leader

#1 in managed security services in Europe and #3 worldwide

Best-in-class computing power

Global leader in private cloud

Global leader in cloud and digital workplace

Pioneer in edge server technology

Leader in accessibility solutions

Pioneering quantum technology with the Atos Quantum Learning machine

Global market leader in Enterprise Single Sign On


BDS - Big Data & Cyber Security

Big Data & Cybersecurity (BDS) division is responsible for the product and security services offering of Atos. Its mission is to answer enterprise, public sector and defense customer needs for turning data into a business differentiating advantage and secure their information assets.

BDS is the Atos Powerhouse for Cybersecurity and High Performance Computing

#1 European and #4 worldwide player in Big Data & HPC

#1 European and #3 worldwide provider in Cybersecurity

900 M Euros – 5,200 experts

8

The Atos IAM Portfolio is a key building block of the BDS Cybersecurity Strategy. With DirX BDS provides leading IAM technology made in Germany to customers worldwide.


BDS Big Data & Cyber SecurityRecent Acquisitions - Atos invests in technology and capabilities for Cybersecurity

10

Cryptovision designs, develops and implements cryptography software, security solutions and hardware products. Its unique solutions are made in Germany, certified by the Federal Office for Information Security (BSI) and accredited by the NATO.

SEC Consult is a leader in providing cybersecurity consulting, penetration testing, red teaming and technical assessment services in DACH, APAC regions (Singapore, Thailand, Malaysia) and North America (over 200 highly skilled specialists)

GreenShield VS E2EE e-mail and file

Scinterface Smartcard middleware supporting 2FA, Login, VPN, SSO, PIN Cache

Already tested and operational with DirX


Teaser – Proposal for additional Webinars Learning more about the DirX cybersecurity ecosystem

IAM and PAM (Privileged Access Management)• Warum ? Unterbinden von Lateral Movement, da Ransomeware-Angriffe meistens damit starten

• Was liefert Atos ? Die Verbindung von IAM und PAM schützt Zugriffsrechte auf die Kernressourcen des Unternehmens

• Ecosystem ? DirX, Wallix, CyberArc,

IAM, PKI und Verschlüsselung• Warum ? End-to-end Security und 2FA in Verbindung mit sicherem Identitätsmanagement

• Was liefert Atos ? Smart Card, Tokens, PKI Produkte, Trust Center im Zusammenspiel mit DirX IAM

• Ecosystem? Atos Trust Center, IDnomic PKI, Cryptovision Security, Card OS , DirX Access

11

Integrated IAM• Warum ? IAM als integrierter Dienst in allen Web Services

• Was liefert Atos ? Einführung in die effiziente Nutzung der DirX Services mit RESTful APIs und Federation (SAML, OpenID)

DirX Portfolio


DirX DirectoryHigh-end LDAP / X.500 Directory Server and LDAP ProxyIn-memory database, LDAP Proxy, support of dynamic groups, very large CRL’s, enhanced security for IoT

DirX AccessIdentity Federation, Access Management, and SSO for the Connected WorldMulti-tenant, cloud-ready, risk-based authentication, FIDO, SAML 2.0, authorization XACML 3.0, OAuth, RESTful interfaces

DirX AuditAnalytics and Intelligence for Identity and Access ManagementMulti-tenant, cloud-ready, risk-based, historical identity data, context-based analysis and correlation of events, customizable reporting

DirX IdentityUser and Access Management aligned with Business ProcessesMulti-tenant, cloud-ready, risk-based identity and access governance, RESTful interfaces, BUI, SCIM

DirX State of the Art: integrated Product Suite for Identity and Access Management under one Brand

13

DirX

DirX Roadmap


Identity Management and GovernanceDirX Identity

• Comprehensive identity management and risk-aware governance for heterogeneous environments

• Creation and consolidation of unique digital identities from HCM and other sources

• Centralized and automated role- and rule-based user management

• Delegated administration and self-service

• Access certification campaigns

• Provisioning of accounts and group/role memberships in IT systems and applications (incl. Cloud)

• Audit and reporting of user access rights on enterprise level

• Integrated role management based on RBAC with context-based assignments, SoD, and risk-awareness

• Process-oriented with integrated workflow

• Comprehensive integration with SAP

• Rich set of connectors incl. cloud interfaces and RESTful interfaces

• Scalability, reliability and high availability

Key StrengthsDescription

15


Identity Governance and AdministrationDirX Identity V8.9

16

July 2019

V8.9 – Advanced Service and Cloud• Extension of Business User

Interface• Actor / Approver / Delegation

• Extended RESTful interfaces:• Provisioning of additional

cloud services / SCIM

• Extended Salesforce connector

• Tec Update (Java 11, Tomcat, Win 2019, Web Center)

V8.9 SP2: February 2021


Identity Governance and AdministrationDirX Identity Roadmap

17

2022Q4 2021

V9.0 – Comprehensive RESTful Interfaces• Fully configurable Business

User Interface and RESTful services

• Extended cloud integration• Generic SCIM connector

• SAP Cloud Platform (SCP)

• Optimized maintenance

• Support automated certificate management

V8.10 – Additional Cloud Services• Extension of RESTful interfaces

and Business User Interface• User Management

• Certification Campaigns

• New RACF Connector

• Simplifying deployment, configurability, operability

• Tec Update


Federation, SSO, and Access ManagementDirX Access

• Identity federation with cloud services, business partners, and social platforms based on SAML 2.0, OAuth 2.0, OpenID Connect and Microsoft ADFS

• Centralized, risk-based authentication, Web single sign-on, and session management

• Multiple authorization models based on XACML 3.0 (e.g. RBAC and ABAC) to support powerful and complex authorization

• Support of FIDO-based authentication methods

• RESTful client services and detailed audit trails for user access to resources

• Adaptive and context-based risk assessment of access requests

• Supports a large variety of authentication methods

• Support of a broad range of authorization models

• Based on standard XML and Web services technologies ( OpenID Connect, SAML, UMA, FIDO, XACML, WS-*…)

• Platform-independent, multi-tenant, cloud-ready, and service-oriented


18


Federation, SSO, and Access ManagementDirX Access V9.0

19

July 2021

V9.0 – Evolving Security

▪ Improving security and scalability

▪ Extended Authorization Service Layer

▪ Focus on Authentication & Identity Federation features

▪ Simplified architecture

▪ Extended RESTful Interfaces for admin functionality

▪ Tec Update: TLS 1.3; Linux update

V9.0 SP1: October 2021


Federation, SSO, and Access ManagementDirX Access Roadmap

20

2023Q4 2022

V9.1 – Evolving Security• Resilience against security attacks

• Extended Microsoft Azure integration


• Extended RESTful Interfaces for admin functionality and new management console

• Tec Update

V9.2 – Enhanced Serviceability• Improving security and

scalability

• Extended Authorization Service Layer

• Zero trust ready



Analytics and IntelligenceDirX Audit

21

• Collection of IAM audit logs from different sources and transformation into a common format

• Secure storage of audit logs in one (or more) central databases (multi-tenant) incl. historical identity data

• Filtering, analysis, and correlation of audit data

• Dashboard with KPIs, statistics, and metrics

• Continuous risk assessment of identities

• Controlled access to audit logs

• Extended audit reports based on templates

• Customizable, incl. additional audit sources

• Continuous insight into IAM activities, incl. reviewing identities in the past and point-in-time comparisons

• Allows for classifying and analyzing the risks of identities’ access rights

• Consolidation and correlation of identity audit logs

• Open and flexible architecture and platform-independent



Analytics and IntelligenceDirX Audit V7.1

22

July 2020

V7.1 – Advanced Reporting• Additional Reports: configurable

business reports with MS Excel output (70+ templates)

• Database performance and resilience

• Tec Update: Windows Server 2019, Java 11, Tomcat 9, database support SQL Server 2019, Oracle 18c and 19c

V7.1 SP1 August 2021


Analytics and IntelligenceDirX Audit Roadmap

23

2023Q2 2022

V9.1 – Prescriptive Analytics• Automated policy / control scans -

alarming

• Violation notifications with configurable thresholds (changes / errors per time interval and high risk users)


V9.0 –Advanced Service Management• Additional business report


• Automatic monitoring of database KPI’s

• Tec Update; new database and LINUX versions


Directory ServerDirX Directory

• LDAP / X.500 directory server with Standard-based distribution incl. integrated LDAP Proxy

• High availability through floating master

• Rich security features, X.509/PKI support, and comprehensive and flexible password policies

• Powerful LDIF import and export incl. high-performance offline loader

• Change logs and event triggering

• Scriptable and graphical administration

• Auditing, monitoring, and SNMP traps and Integration with Nagios monitoring

• Fully integrated backup and restore

• Excellent robustness, scalability, and high availability

• Outstanding read and write performance with 100+ million entries in one single server

• Support of very large groups (incl. nested and dynamic groups)

• Integrated LDAP Proxy

• Comprehensive auditing and monitoring

• No downtime for administration and backup


24


Directory ServerDirX Directory V8.9

25

August 2020

V8.9 – Advanced Service Management• LDAP Proxy extended search

result rewrite rules

• New LDAP controls

• Optimized operation and runtime with extended runtime checks for DSA and DBAM cache repair

• Tec Update: SLES 15, RHEL 8, OpenSSL 1.1.1 / TLS 1.3

ID


Directory ServerDirX Directory Roadmap

26

2022Q4 2021

V9.0 – Advanced Proxy• Additional LDAP Proxy features

• Multiple sources

• Optimized operation support

• Additional LDAP controls

• Enhanced Linux security

• Additional documentation

• Tec Update

V9.1 – Advanced Service Management• Simplifying deployment,

configurability, operability

• Advanced monitoring / diagnostic

• Identity Provider (IdP) Bundle

• RESTful interfaces


DirX RoadmapOutlook 2023

DirX Audit 7.1 SP1

• Service Management

DirX Identity 8.10

• BUI / RESTful

DirX Access 9.0

• Adaptive Security

DirX Directory 9.0

• Advanced Proxy

2021

CloudManageability

DirX Audit 9.0

• Advanced Performance

DirX Identity 9.0

• Accessibility / SCIM

DirX Access 9.1

• BUI / Azure Integration

DirX Directory 9.1

• RESTful

2022

Service Provider Serviceability

DirX Audit 9.1

• Prescriptive Analytics

DirX Identity 9.1

• RESTful / SCIM / Cloud

DirX Access 9.2

• Zero Trust Architecture

DirX Directory 9.2

Zero Trust / RESTful

2023

Zero TrustReady

27


End of Software MaintenancePlanned

28

Product

Version

Date of

General Availability

End of

Software Maintenance

DirX Audit V7.0 June 2018 June 30th, 2022

DirX Audit V7.1 July 2020 July 31st, 2023

DirX Identity V8.7 December 2017 March 31st, 2022

DirX Identity V8.9 July 2019 December 31st, 2023

DirX Access V8.7 December 2017 December 31st, 2021

DirX Access V8.9 June 2019 December 31st, 2022

DirX Access V8.10 December 2019 June 30th, 2023

DirX Access V9.0 July 2021 July 31st, 2024

DirX Directory V8.7 December 2018 June 30th, 2022

DirX Directory V8.9 August 2020 August 31st, 2023

Analysts View


DirX Identity and Access ManagementClients (Overview)

30

En

terp

rise

Pu

blic S

ecto

r

Schweizer Bahn

http://www.giz.de/de/startseite.html

http://www.stadt-zuerich.ch/


DirX @ AtosFour Major Services based on Standard DirX Products

Atos Name

Description User Community Use Case Service Delivery

WAC Web Access Control, Federation, Security, and Audit

All Atos Employees and Partner

Access Management & Federation; IdP

Global Delivery Center Poland

DAS2 Corporate Directory, Identity Management, Password Reset, and Provisioning

All Atos Employees and Partner

Corporate Directory & IdM


ASN-IAM Privilege User Management, Access Control and certification for Admins

All Atos Admins and Client Admins

Privilege UserManagement (PUM)


MCaaS Atos Voice Service; Management of unified communication based on OSILA

All Atos Employees Subscriber Management

IDM Germany

31


What Analysts say about DirX

“DirX Identity is a mature offering for IGA, delivering both leading-edge Identity Provisioning capabilities and a strong Access Governance feature set and ... added a modern user

interface”

“Atos DirX Directory counts amongst the leading-edge directory services in the market. It is a very mature product, benefiting from continuous enhancements and innovations”

“DirX Access counts amongst the most feature-rich solutions on the market with a specific strength to support for specific capabilities such as session state sharing and Dynamic

Authorization Management”

“DirX Audit is a very powerful solution that complements DirX Identity and DirX Access. DirX Audit goes well-beyond what is found in many other Access Intelligence solutions”

32


EXECUTIVE VIEW Atos DirX Access

Atos DirX Access is a mature solution for Access Management, covering the full range of targets from legacy web applications to modern SaaS services. It comes with comprehensive support for modern standards, including FIDO 2.0. A specific strength is the support for specific capabilities such as session state sharing across servers, Dynamic Authorization Management, or integrated User Behavior Analytics. Atos DirX Access counts amongst the most feature-rich solutions on the market.

Atos DirX Accesshttps://www.kuppingercole.com/report/ev80167

33

https://www.kuppingercole.com/report/ev80167


DirX Identity and Access ManagementKey Strengths

Atos is a major player in the identity and access management market and offers standard-based leading-edge technology for scalability, reliability, and high availability

Atos has a long track record of successful customer solutions implementation and is a reliable and globally acting partner for international enterprises and organizations

The DirX products help customers to ensure regulatory compliance, support business agility, and provide a proven return on investment

34

Atos, the Atos logo, Atos | Syntel are registered trademarks of the Atos group. October 2021. © 2021 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/ or distributed nor quoted without prior written approval from Atos.

© Atos - For internal use

Thank you!

atos cybersecurity

Documents