On-Premise. Federated Identity

 

An on-premise federated identity management system that provides seamless and secure access to thousands of applications using Single Sign-On technology. Integrated with our Virtual Identity Server (VIS), OFIS provides multi-factor authentication and authorization from any data store.

About OFIS

OFIS is an on-premise federated identity management system that provides seamless and secure access to thousands of applications using Single Sign-On technology. Integrated with our Virtual Identity Server (VIS), OFIS provides multi-factor authentication and authorization from any data store.

sign on

OFIS is an on-premise offering from Optimal IdM that provides everything you need in a federated single sign-on solution.

With it, users — whether on-premise, cloud hosted or federated — have seamless access to applications in the cloud and/or on-premise.

OFIS is much more than just a self-service password reset tool for Active Directory. The application’s built-in entitlements framework engine provides an easy to use and powerful claims based authorization solution. Application administrators define entitlements and specify both who can request access to them, and who can approve/deny access. Using the web interface, users’ requests are routed via email and delegated to administrators to approve or deny. As users authenticate, these additional entitlement/claims are added to the claims sent to the application.

Benefits

Increased Security and Control

Eliminate Deployment Barriers

Read more

Reduced IT Costs

Read more

Meet Audit and Compliance Initiatives

Read more

Cloud vs. OFIS Comparison

Understanding costs differences between Identity as a Service (IDaaS) and On Premise Deployments

Background

Usage of the cloud has become more and more prevalent, even for areas that were classically on premise deployments.  For example, the cloud Identity as a Service (IDaaS) market has grown substantially over the last few years.  A major reason for the cloud adoption is that organizations have started to understand the true costs of maintaining an on premise identity deployment.

Historically organizations didn’t realize the true cost of maintaining the solution until after it was purchased and deployed.   Once deployed, employees needed to be trained and become “experts” to be able to fully support and maintain the environment and unfortunately many identity management deployments are complicated. Over time organizations have started to realize that by leveraging cloud solutions they can effectively outsource these deployments to organizations that specialize in certain areas.

Read more

FAQ

Does OFIS provide audit capabilities?

faq-imageYes. All activity is optionally logged to a Microsoft SQL server database. This includes: who authenticated, when, how, to what application and with what claim values. There are audit reports that come out of the box for an administrator to run.

How can I control who has access to what applications using OFIS?

Using the built in Entitlements system of OFIS, an administrator can create custom claims that users can request access to. When a user requests access, the built-in workflow sends the request to either a delegated administrator or a claims administrator for approval or denial. If approved, this additional claim is added (claims are augmented) to the list of claims after authentication. These claims can be utilized to create very granular fine grained access to not only applications but also specific permissions such as a SharePoint document library.

What applications does OFIS provide authentication?

OFIS is a 100% full Federation solution that can provide access to any application that supports the federation standards. This includes both on premise applications as well as Cloud applications such as Sales Force, Concur, Office 365, etc.

Does OFIS provide any way to host other identities such as partners or customers?

Yes, this is built-in to the solution. Users can be created manually using the web interface, or they can self-register using the built-in self-registration module that includes workflow approval of users.