By Cameron Sturdevant  |  Posted 2005-06-06 Print this article Print

OctetStrings VDE 3.0.2 has templates for Computer Associates International Inc.s eTrust Directory, which we used to simplify access to applications by users. VDE 3.0.2, which shipped in April, is priced at $20,000 to $45,000, depending on server configuration. This update gains templates for Siemens Information and Communication Networks Inc.s HiPath Security DirX. The updated product supports a wide array of popular directory and database platforms, as well as adapters to access identity information in applications.

In tests, VDE basically took LDAP calls from our applications and used joins that we built using a wizard supplied by VDE to transform data requests to the original identity sources. These were either LDAP-compliant directories or our Microsoft Corp. SQL Server database.

VDE, unlike RadiantOne VDS, relies on high-speed connections to the original data source to provide applications with access to identity information. We installed VDE on a Windows 2000 Server system with all the VDE components on one machine. We used information from a CA eTrust Directory, a Windows Active Directory and data from a SQL Server installation, along with Novell Inc.s eDirectory installed on a NetWare 6.0 server.

Click here to read Labs review of RadiantOne VDS. Using VDE, we could summon necessary data from a variety of these sources at the time a query was made in our test, as if all the data were stored in a single directory.

The consolidated application information—in this case, user data to authorize a simple log-on request that could be used to support a Web portal—was presented to the application. The key to using VDE to its fullest advantage is to understand that information is provided in real time, drawing from the original authoritative sources. A metadirectory product, in contrast, would have copied the data and provided the information from a secondary source.

Metadirectory solutions are well-understood, but this level of integration is usually politically sensitive and sometimes costly because data synchronization and replication procedures are required to keep information in the metadirectory current.

With VDE, the data stayed in the original source, and no extra effort was needed on our part to tell the test application where to find the necessary data, aside from directing it to VDE.

As with RadiantOne VDS, however, this isnt to say that creating a virtual directory is easy. Any IT manager who seeks to provide an identity management system based on data drawn from multiple directories, databases and applications must first have a clear idea of what information is stored where.

We used adapters provided by VDE to access our Active Directory data store. This immediately raised a serious question during tests: What attributes are needed to uniquely identify each user when required information is stored in multiple sources?

The lesson we learned is that substantial time must be allowed for system administrators to learn where identity data is stored and how to connect that information together for individual users. At Digital ID World, users of both VDE and RadiantOne VDS indicated that their virtual directory projects took at least six months to implement.

In Labs tests, we found that virtual directory tools, once in place, require heavy ongoing maintenance both to tune performance with existing applications and to accommodate new applications and systems coming into the network.

VDE can be installed on a wide range of platforms, including Windows, Solaris, Linux, HP-UX, AIX and Mac OS X.

Next page: Evaluation Shortlist: Related Products.

Cameron Sturdevant Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at csturdevant@eweek.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel