Wednesday, January 23, 2019

BeyondTrust Privileged Access Management Platform

I just realized it has been a long while since I last blogged. Have been super busy with new direction with the company and making customers happy.

Today, I tried to source for a PAM (Privileged Access Management) solution for my customer who has his infrastructure on AWS. As such, an appliance-based PAM solution does not make sense.

Then I came across BeyondTrust. Not totally new to me since I have friends working there. But there has been great changes in 2018.



2018 was a game-changing year for the Privileged Access Management market. Lieberman, Avecto and BeyondTrust were all acquired by Bomgar and, in 2019, we will launch the new BeyondTrust. Bringing together these best-of-breed technologies allows us to deliver the most comprehensive PAM solution to date.


Wow! 4-in-1!



Hope to do some businesses with BeyondTrust!


.

Wednesday, October 31, 2018

SSO Migration in 10 (+3) weeks ... People matters!

I have a long time SSO customer who came back to me after 6 months "ditching" us. Well, the actual fact was a new VP came in and we did get along well. Anyway, he couldn't deliver after 6 long months and he was out of the game. The old VP called me immediately after she was reassigned  with the SSO infrastructure.



I'm very familiar with their environment and even though there is a lot of customization, I promised the whole migration will only take 10 weeks. Yes, a major jump in software version. A lot of code rewrites. A lot of Java code decompilation as the software has gone closed-source. It was real fun!

I brought in my best team. And we are going live this coming Sunday! (Ok, customer requested to delay go-live for another 3 weeks as there is 1 site that customer would not want to migrate to the new platform. Thus communication with their end-customers is required to shut down that site.)

Last mile and we are talking about Cut-Over Plan yesterday.

I joined in the discussion. Towards the end of the discussion, customer looked at me and asked me if I have any comment. My only request was: "Give me the same set of people who had performed the dry-run weeks before."

It is going to be a real long night this Sunday and a lot of eyes are on the whole team. I told the manager of the application teams not to assign people based on availability (you know, as this is a midnight job, the seniors will always find excuses not to be involved), but based on experience and capability. Don't give someone who has no idea what is going on.

People matters!

Thursday, June 7, 2018

One Identity Cloud Access Manager - STS Windows Service

In One Identity Cloud Access Manager deployment, there is a STS host and Proxy host. The proxy host acts as the reverse proxy to protected applications, as well as serving as the Login Page.




On the Proxy host, if you ever need to restart the service, a quick search for One Identity Cloud Access Manager Proxy does the job. Fairly easy to locate.




On the STS host, if you need to restart the service, you are not in luck. It took me a while initially. I just could not locate any service that starts with "One Identity ...".



To do so, search for "Redistributable Secure Token Server" instead.


Weird and inconsistent naming convention indeed!


.


Wednesday, June 6, 2018

One Identity Cloud Access Manager - Notifications

I found a good feature in One Identity Cloud Access Manager today - Reminder to turn off detailed message logging.



So I was debugging something yesterday and totally forgotten to turn off detailed message logging. I was at admin console a while ago and I saw a new notification on the top right of the dashboard.

Being curious, I took a look and was reminded to turn off detailed message logging as "Keeping detailed message logging turned on impacts performance".



Not a hard feature to implement. But I seldom see this in other products. Good reminder to my team which is currently busy with their little product development.

.

Tuesday, June 5, 2018

One Identity Cloud Access Manager - Database Snapshot

Cloud Access Manager provides a utility feature for customers to download a snapshot of the CAM database. 



This could be helpful for raising a support ticket. Other products have similar feature to capture a snapshot of the current configuration. However, none is as convenient as this.


Pretty good!


.

Saturday, June 2, 2018

Accredited Consultant

ForgeRock Access Management Accredited Consultant



ForgeRock sent me this yesterday. Nice gesture. I take.


Just few weeks ago, I was told by one of my consultant (btw, he is ForgeRock Identity Management Accredited Consultant) that a young punk from another company boasted to him that he is ForgeRock Access Management certified.

Nothing to be great of. Uncle me accredited keeping a low profile here.

When you are capable, you just dig in and work harder. You don't need to show off. Customers have bright eyes.

.



Thursday, May 24, 2018

Magic Quadrant for Full Life Cycle API Management (2018)

The latest magic quadrant for Full Life Cycle API Management has been released a month ago. I just received a mailer from CA. 



Well done, CA Technologies remains in the Leaders quadrant. Not sure why Google (Apigee) is so high up, as we don't see much competition from them in this region. As long as you are totally cloud-based in this region, especially Singapore, you're basically out of the game. I'm saying if you are looking for large customers. The game is still very much on-premise.

Interestingly, Tyk has made it to the Niche Players quadrant. That's real hard work for a new player who has been in this market for less than 5 years. Really impressive! Kudo to the Tyk team!


.