Bridging and Management
Email
Print
Symplified Sync makes use of
so-called identity routers-operated by Symplified, or by the local IT group-that
provide the exchange between a directory store and a targeted application. What
makes this particularly useful for administrators who are supporting both
Active Directory and one or more cloud applications is that this doesn't
require user provisioning to be done through unfamiliar tools. Adds, changes
and deletes are still performed through the existing tools for Active
Directory, but are pushed up to the cloud without the need for administrator
intervention.
Symplified Virtual Directory goes
beyond this bridging function to provide an impressive array of services that
accommodate organizations with multiple identity stores, offering attribute
mapping, data transformation, normalization and related functions for numerous
LDAP and RDBMS (relational DBMS) systems on the one hand, and cloud-based
services on the other. By offering these capabilities in a one-to-many model,
Symplified claims that the Virtual Directory removes the need to fiddle with
schemas or write custom code in order to exchange data between repositories.
All of this is managed through
the SinglePoint Studio, a Web-based application that from all appearances is
truly a browser-neutral tool. I was even able to use Safari on Mac OS X to
access its functions, although most of my tinkering was done through an
installation of Firefox 3.6 on Windows XP.
For my testing, I used a
cloud-based setup of the Symplified applications. It's relatively easy to
become comfortable with the processes of configuring and applying policies to
various groups. Even higher-level functions, such as configuring user identity
stores, are readily accessed and managed.
SinglePoint Studio defines
applications with one or more "relative paths"-these don't correspond
to any portion of a file system, but are better thought of as reflections of an
organizational chart. One might have an application defined for sales, another
for operations and so on. Within each application, relative paths can be
defined to separate manufacturing from warehousing, if those groups have
different rules for accessing a supply chain function that's common to the
operations group.
The studio's dashboard page shows
at a glance how a SinglePoint system is configured: applications, identity
routers, user stores and pending configuration changes are all displayed for
easy reference.
SinglePoint Studio's management
functions are rather well thought out, offering a "Super Administrator"
role that backstops the standard administrator role. "Supers" have
the ability to add, delete and edit administrators and super administrators,
and both groups have the power to define and manage the various aspects of the
access control and authentication policies. "Supers" also have the
power to reboot the all-important identity routing service.
It's relatively easy for SinglePoint customers to incorporate
new public cloud services into their application mix. Once Symplified's
engineers digest a service's authentication scheme, it becomes available to
Symplified's entire customer base. That's as forward-looking as one could hope
for.
