Educause Security Discussion mailing list archives

Re: Which IAM solution do you recommend?


From: Bill Thompson <thompsow () LAFAYETTE EDU>
Date: Fri, 10 May 2019 16:52:02 -0400

Jared,

Lafayette is a small liberal arts college with about 2700 students. Our IAM
infrastructure is based on the Internet2 Trusted Access Platform (was
TIER). It looks something like this:
* WebSSO, Federation, MFA - CAS, Shibboleth, Duo
* Enterprise Access Policy/Group Management - Grouper
* Sponsored Accounts Management - COmanage
* Enterprise Directory - OpenLDAP
* Password Management, Lafayette Account Lifecycle - custom
* Application Account/Authorization Provisioning - custom, driven by
Grouper policy
* InCommon Certificate Service
* eduroam

We have support contracts with Unicon, Spherical Cow, and the Shib
Consortium. They have helped us with installations, upgrades, support, etc.
We're planning on moving all of this to AWS in the next 8-12 months.  I
suspect that over time we'll have templates for running most of this in
AWS, and that it will start to feel more like a SaaS type of deployment.
Unicon will already host many of these components for you in AWS.

Best,
Bill


On Fri, May 10, 2019 at 12:34 PM AIS <ais () reinhardt edu> wrote:

I agree with Brad. In my recent review of Okta, I came to the same
conclusion.



I don’t see Internet2 on the Gartner MQ ;)

Companies pay a lot of money to Gartner to win their favor.



This doesn’t make them the best option for higher ed identity and access
management use cases or to be affordable to meet the need of our budget.



