Netegrity updates ID management software

Netegrity this week rolled out a new version of its IdentityMinder software featuring integrated user administration and resource provisioning capabilities.

The technology is aimed at letting administrators automate the task of creating and managing user identities and control access to services based on those identities, said Deepak Taneja, a vice president at the company.

Netegrity's product is the latest in an emerging category of software from companies such as IBM, Novell and Oblix that aim to tie together access control, authentication, authorization and application provisioning functions.

"It is really all about service delivery and user productivity by giving them the right access to the systems they need, much faster," said Jonathan Penn, an analyst at Forrester Group.

From an administrative standpoint, the centralization and automation provided by such technologies can save time and money, Penn said. With it, for instance, administrators can automate the process of adding new users or groups, changing access rights, delegating password management and deleting user accounts when a person leaves a company.

Driving the need for such products is a slew of short- and long-term issues, according to Albert Braunberg, an analyst at Current Analysis. Among them are the growing adoption of Web services, the need to secure business-to-business transactions through better ID management and enterprise IT's focus on ROI, Braunberg said.

"It's a very exciting market right now," he said, adding that such products are unlikely to appeal to anyone other than very large corporations.

Netegrity's new product integrates its previous access control functionality with application provisioning software from Business Layers. The two companies had announced a partnership earlier this year.

Key features of the integrated package include the following:

-- Password management capabilities that enable self-service password reset and synchronization across multiple applications.

-- Role-based access control and administration.

-- A rules-based engine for provisioning access to LDAP and other directories, databases, ERP and CRM applications.

--Auditing and reporting capabilities for collecting, storing and managing user information.