Visibility and Automation on WHO is using the network
DDI is no longer a network-only solution providing automation between DHCP leases, DNS records and IPAM network and IP addresses. It requires wider and open data topology including devices, applications and usage information. The purpose of the Identity Manager is to easily add to the IPAM information related to the IT infrastructure and application users.
By collecting real-time events on user sessions and additional metadata through directory synchronization and linking this information to the “IP source of truth” repository, Identity Manager provides visibility on who is using the network and from where.
PRODUCT BROCHURE – IPAM Identity Manager
Learn how Identity Manager provides a valuable extension to the DDI model for both visibility and network automation.
Global DDI Visibility with User Activity
By which user is this IP address being used? Does this device belong to the user using it on a regular basis? Who is currently on the network from this department? From this branch office? These are some basic questions operation teams have every day, from the Service Desk to the level 3 support team, from administration to design teams.
Identity Manager, by collecting information from the IT tools having visibility on identities, provides a centralized and coherent view of users and their related IP resources such as a device or an IP address. The identity and session views proposed by this module help accelerate incident resolution, go deeper into forensic analysis and provide other ecosystem tools with a enriched view on the usage of an IP address on the network.
Key Benefits
Ease Troubleshooting and Forensic Analysis
Unified visibility on which IT user is using the network resources and from which IP or device
Simplify IT Operational Management
Quick access to main identity information for I&O teams and ecosystem tools through API
Time Savings for I&O Teams
Easy location of users from their IP address through the integrated Global Search Engine
Network User Based Automation
Ability to build automated scenarios based on user session in complement of technical assets like device name or IP address
Rich IP Data Lake Extended Beyond DDI
Enrich IP repository with identities and respective network sessions, in addition to devices and IP addresses
Standard Integration with Active Directory
Real-time Syncronization with Microsoft Domain Controllers through Event Forwarding Engine
IPAM Enhanced with Identity Objects
Identity Manager brings new objects in the global topology of SOLIDserver IPAM. The Identity represents an individual user which is either present in the directory or seen on the network through a collected session. It carries rich information that can be easily shared with operational teams without them having to enter the directory tool. User session visibility allows new operational use cases like correlating activity on the network with users on the IT systems, contacting users before a planned operation or checking security behaviour such as who is connected during off hours.
Identity Based DDI Automation
DDI automation provides I&O teams a good way to avoid errors during operations and save a lot of time and effort for configuration activities. Rich automation comes from the variety of objects linked together. By default, a DDI mainly manages IP addresses, DNS records and DHCP leases. SOLIDserver, however, also manages applications and devices as extensions of its DDI model. Identity Manager extends this further with the identity facet. which enables identity-based DDI automation. It is now possible to link any identity activity on the network with all the other components in the DDI, like a network, a device or a DHCP lease.
Native Integration with Microsoft Active Directory
Microsoft Active Directory is included by default with the Identity Manager product. It automatically gets information about any valid user session directly from the Domain Controller through the standard Microsoft mechanism. It also provides the ability to get additional information, known as parameters, about any identity in the Active Directory by periodically requesting the Domain Controller. This allows quick access to contact and location information about any identity linked with technical data already in the IPAM, such as the IP address of its device, the device name or the DHCP lease. The data manipulation is straightforward and requires neither any complex manipulation in the Active Directory database nor specific access rights in the Microsoft domain. This immediately brings time savings and efficiency for I&O teams.
Related Content
SOLIDSERVER DDI PRODUCT BROCHURE
Our easy-to-use DDI brings vital improvements for reliability, resiliency and security of network foundations. Being cloud & orchestrator agnostic, it benefits from smart automation to accelerate new service deployment and reduce operational costs.
PRODUCT – IPAM For Microsoft DNS and DHCP servers
See how EfficientIP’s IPAM solution delivers complementary technology to leverage your Microsoft investment for DNS and DHCP services
Integrating IT Processes Using IP Data Lakes
Understand benefits of network automation based on a central IP source of truth repository.