Identity Manager overview

Identity Manager is an automated and policy-based solution that manages user access across IT environments, helping to drive effective identity management and governance across the enterprise. By using roles, accounts, and access permissions, it helps automate the creation, modification, and termination of user privileges throughout the entire user lifecycle. Identity Manager can help increase user efficiency, reduce IT administration costs, enforce security, and manage compliance.

Identity Manager centralizes the process of provisioning and accessing user accounts on the operating systems and applications in your organization.

Software stack and virtual appliance installation modes

Identity Manager is available both as a virtual appliance or as a software installable stack.

Depending on the deployment option you choose, some administration tasks are different. For a comparison, see Virtual appliance and software stack deployments.

Identity Manager virtual appliance overview

The Identity Manager virtual appliance is a network appliance-based identity-management solution. Identity Manager offers a virtual appliance to reduce the overall Time To Value (TTV) and greatly reduce the deployment time of the product. You can configure the virtual appliance for a cluster environment.

Identity Manager provides a mechanism to initially set up a semi-passive virtual appliance and a high availability solution for providing an all-in-one identity solution. The virtual appliance helps to decrease the amount of time the user spends in deploying and configuring in their own product environment.

You can configure a virtual appliance to connect to external database servers, directory servers, and other supported appliances. You can manage the configuration interfaces and capabilities to deploy and configure the products on the virtual appliance.

The Identity Manager virtual appliance cluster is made of one primary node and other member nodes. All configuration changes such as hardware and software are done only on the primary node. There is only one primary node in the cluster. Even if the primary node itself goes down or must be taken down, the other nodes can continue to do the Identity Manager functions. Changes to configuration details are not allowed until the primary node is reconnected in the cluster.

Virtual appliance features

The Identity Manager virtual appliance provides the following features:
  • Identity Manager now has Identity Governance capabilities through the Identity Governance adapter.
  • A configuration wizard for the first time configuration of the Identity Manager solution in stand-alone or cluster mode.
  • A dashboard for viewing system status such as system notifications, cluster status, component and application status, deployment statistics, and disk usage.
  • Analysis and diagnostics tools such as memory statistics, CPU usage, and performance metrics and service statistics for Identity Manager.
  • Centralized management of Identity Manager settings such as data tier components or external entities, and log files.
  • The controls for the system settings such as host name, date or time, and network settings.
  • Most of the features are configurable by using the graphical management interface.
  • Add member nodes that point to the primary node to process large number of Identity Manager requests.
  • Remove a node from the cluster for any maintenance such as applying fix packs, upgrades, or failures.
  • Synchronization between two nodes.
  • Backing up a primary node for disaster recovery purposes.
  • External middleware components such as database server and directory server.
  • Manage application server certificates, upload feed files, configure mail server, configure Security Directory Integrator server, or Oracle server.
  • Configure Single Sign On to authorize the user to use multiple applications with the single sign-on facility.
  • Configure an external user registry with Identity Manager to grant users of external user registry the authority to log on to Identity Manager application.
  • Upload, download, or update files on the virtual appliance by using the Custom File Management feature from the Appliance Dashboard.
  • Upload library files and custom workflow extensions that can be used in Identity Manager.
  • Update Identity Manager properties by using the Update Property feature from the Appliance Dashboard.
  • Monitoring the status of all the nodes and the individual applications in the Identity Manager virtual appliance cluster.
  • IBM® Security Access Request mobile application to manage accounts by using a mobile phone to communicate your requests from the Identity Manager virtual appliance.
  • Send system audit events over emails.
  • SNMP monitoring can be used to monitor the Identity Manager virtual appliance.
  • Enabling and simplifying workflow extension configuration.
  • Configure an external library.
  • Enable separate application interfaces for the virtual appliance and the application consoles.
  • Use of log file management.
  • Export and import configurations. You can also export, import, access, or download report files.
  • Download and view core dumps to diagnose or debug virtual appliance errors.
  • Manage hosts file.
  • Configure static routes.