Netegrity Affiliate Agent for Security Assertion Markup Language (SAML)
Netegrity Delivers SAML Affiliate Agent to Lower Cost and Complexity of Federated Security Across Partner Sites
Enables Companies to Securely Partner in Order to Provide Enhanced Services to Users
Waltham, MA, USA. February 10, 2003.
Netegrity, Inc., a leading provider of identity and access management solutions, today announced that it has delivered the Netegrity SAML (Security Assertion Markup Language) Affiliate Agent. Companies, especially in today's economy, are leveraging the expertise and services of their partners in order to drive down costs while providing greater value and enhanced services to customers, employees, suppliers, and partners. Previously, there were barriers to enabling this online partnership including security concerns as well as the costs associated with development and interoperability. The Netegrity SAML Affiliate Agent is designed to address these challenges by providing an out of the box solution to enable companies to leverage SAML in order to securely exchange user identities across partner sites, regardless of the infrastructure in place.
"Harvard Pilgrim needed a way to securely exchange identity information with external companies that provide content and transactions for Harvard Pilgrim Online," said Lawrence Rapisarda, CTO at Harvard Pilgrim Health Care. "The Netegrity SAML Affiliate Agent is going to enable us to provide a seamless user experience across these affiliates in a cost effective federated environment."
SAML, which became a standard within OASIS in October of 2002, provides a standard way to securely exchange user information across partner sites. Netegrity SiteMinder 5.5 currently supports the SAML specification, enabling a company to create a SAML based identity and share that SAML identity with a partner site. With the new Netegrity SAML Affiliate Agent, Netegrity is now enabling the partner to more easily recognize and authenticate the SAML identity.
Now, for example, Company X can seamlessly and securely work with its 401k provider. An employee of Company X logs on to the Company's Intranet, which is protected by Netegrity SiteMinder technology, and then decides to change the funds within their 401K account. The Netegrity SAML Affiliate Agent is designed to allow Company X to securely pass the employee's credentials to the 401K provider without having the employee log in again. The notification capability in the Netegrity SAML Affiliate Agent is designed to allow the 401K provider to automatically send notification back to Company X to alert them of the modifications and adds this action to their audit logs.
The Netegrity SAML Affiliate Agent enables single sign-on across partner sites and the sharing of pertinent user information to personalize the user's experience. In addition, the Netegrity SAML Affiliate Agent extends the SAML specification to meet the needs of its enterprise customers by adding:
Single Sign-Off: As the user travels from partner site to partner site, it is important to ensure that their session is terminated at each site once they logout, preventing unauthorized access.
Notification: The original site from which the user came may require that the partner site send a report back to the company when the user performs certain sensitive transactions. This is especially important in regulated industries such as healthcare and financial services, which require audit and reporting logs.
"As companies execute on a more distributed computing model, they are facing new costs and complexities associated with managing identities across applications and services that span multiple organizations and platforms," said Bill Bartow, vice president of engineering at Netegrity. "The Netegrity SAML Affiliate Agent is one of the first out of the box technology that enables companies to overcome these challenges."
There are several benefits that companies may realize by using the Netegrity SAML Affiliate Agent:
Faster time to deployment: The Netegrity SAML Affiliate Agent is designed to enable out of the box support for SAML, eliminating development time and costs.
Lower cost of administration: The partner does not have to manage any of the users, their credentials, or their passwords as this may be done on the company side.
Higher security: Because the company is managing its own base of users, they can more easily set up accounts and dismantle accounts when an employee leaves the company.
Interoperability: With the Netegrity SAML Affiliate Agent, the partner can also enable single sign-on with other partner sites, regardless of the identity and access management infrastructure they have in place.
A free Web seminar will be held on Wednesday, February 19, 2003 at 1 pm ET to discuss the Netegrity SAML Affiliate Agent in more detail. To register, please go to the events section at www.Netegrity.com.
The Netegrity SAML Affiliate Agent is available immediately.
About Netegrity, Inc.
Netegrity is a leading provider of identity and access management solutions for legacy, Web, and service-oriented architectures. Netegrity provides a comprehensive and integrated identity management solution, with a single administrative model for authentication management, access control, and user administration across heterogeneous environments, both within the enterprise and beyond. Netegrity's flexible, standards-based solutions are designed to enable secure business applications, improve user satisfaction, reduce administrative costs, enforce policy compliance, and mitigate risk. Supported by a vast network of over 200 partners, Netegrity solutions are licensed to more than 250 million users at nearly 700 organizations worldwide, including more than half of the Fortune 100. Customers include industry leaders such as Aetna, American Express, Bank One, E*TRADE, General Electric, the Internal Revenue Service, and Wells Fargo. For more information, visit www.netegrity.com