By Cameron Sturdevant  |  Posted 2003-03-03 Print this article Print


IBMs Tivoli Identity Manager and Tivoli Access Manager, Novells Nsure family, and CAs eTrust Identity Management and eTrust Access Management are designed to integrate user authentication and authorization into the broader arena of user provisioning.

These user management frameworks are appropriate for organizations that have a good user provisioning system in place and work best in large-scale, heavily regimented environments.

In fact, the more rule-bound and process-intensive an organization, the better—these products can eat bureaucracy for breakfast and spit out almost completely automatic user setups by afternoon. However, the frameworks wont do much for organizations that have confused or poorly outlined user provisioning guidelines.

Nsure comes with a license for Novells eDirectory, which is required for the various components of this wide-ranging user provisioning family to work. Novell has gone out of its way to leverage eDirectory, providing some pretty impressive user automation capabilities.

IBMs Tivoli Identity Manager and Tivoli Access Manager work together to provide authentication and access control services for large enterprise networks. The IBM platform goes head-to-head with Novell by incorporating not only a wide range of applications for which it can provide access control but also a variety of directory products.

Because both the IBM and Novell platforms can be integrated with a number of different authentication devices, the real differentiator between the two is how well they can be integrated into an organizations existing environment.

CAs eTrust family of products takes an incremental approach to identity management.

Architecturally, eTrust Identity Manager and eTrust Access Manager are similar to the IBM Tivoli platform in that both support a wide range of enterprise applications. Both platforms also support a number of directory implementations, so IT managers should be able to implement them without disturbing established infrastructure.

One advantage IT managers may find with CA is an ability to implement single-sign-on, user self-service and other user provisioning modules as needed and as the products prove their ability to reduce administrative costs. This is a pleasant departure from CAs all-or-nothing approach to IT management in the late 1990s.

Now, CA components will likely provide IT managers with the breathing room they need to meet regulatory deadlines without having to hire a fleet of consultants.

Senior Analyst Cameron Sturdevant can be contacted at

Cameron Sturdevant Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel