Hitachi ID Management Suite
User Identity and Password Management, and Synchronization
Formerly known as the M-Tech Identity Management Suite (M-Tech was acquired by Hitachi in April of 2008, and the company name changed to Hitachi ID Systems), the Hitachi ID Management Suite consists of multiple components targeted to the provisioning and management of user identities on the network. Though the key core components of the platform (Hitachi ID Password Manager and Hitachi ID Identity Manager) run on Web-enabled Windows 2003/2008 servers, the platform ships with built-in connectors allowing it to interface and interact with multiple other systems, including UNIX and mainframes. The platform achieves this interactivity through support for open communications standards such as SOAP (inbound) and SOAP, SMTP, HTTP, and more (outbound), which enable it to manage passwords and identities on disparate systems without requiring additional software on the target systems themselves. The vendor does note, however, that local agents are provided and recommended for UNIX servers and OS/390 mainframes, and that local agents are required for interfacing with RSA SecurID servers. Primary access to the core IDM suite components is via Web browser.
Architecturally, the core components (see below) run on Windows (2003/2008) servers, which themselves can be load balanced (via 3rd party technology such as DNS round robin or external gear) and support both the deployment of multiple instances per server and shared instances across servers. Instances that span multiple servers are functionally identical. Out-of-the-box, the vendor boasts connectivity to more than 70 external components, including Active Directory, eDirectory (or any LDAP directory), Windows file servers, Oracle, Sybase, SQL Server, Linux, Solaris, AIX platforms, PeopleSoft, SAP, Exchange, and Lotus, to name a few. In addition to these, the vendor includes scriptable agents (Telnet, Web services, SQL code, more) for custom integration with other 3rd party platforms.
The Hitachi ID Management Suite backbone consists of the central offerings Hitachi ID Password Manager and Hitachi ID Identity Manager (formerly known as P-Synch and ID-Synch; Hitachi ID renamed the components in January of 2009) as well as complementary core products including the Hitachi ID Privileged Password Manager, Hitachi ID Group Manager, and Hitachi ID Access Certifier (formerly ID-Archive, ID-Access, and ID-Certify).
Hitachi ID Password Manager provides the ability to transparently synchronize passwords across the supported external components, allowing a user to change their password in a single location and have it automatically propagated to all target systems. Other features include self-service reset and token management features (for RSA SecurID).
Hitachi ID Identity Manager is the user provisioning arm of the platform, providing automated user setup across connected systems.
Hitachi ID Privileged Password Manager allows for the automated management of "privileged" passwords (for example, shared admin passwords). It automatically and periodically re-generates randomized passwords for these critical accounts/devices, encrypts them and stores them across at least two servers, and requires individual administrators to authenticate themselves before it discloses the current password for the target device. Administrator access is audited and logged.
Hitachi ID Group Manager provides group membership controls primarily for Active Directory. Features include support for delegated group management and user self-service group membership requests.
Hitachi ID Access Certifier is primarily an auditing tool; it requires and assists in the periodic review of user profiles and access rights by those responsible for those settings, and provides workflow tools that allow those individuals to trigger the removal of those accounts (i.e., following a higher level review and approval, the platform automatically deactivates the accounts in question).
Add-on components to the Hitachi ID Management Suite include the Hitachi ID Org Manager (construction and management of Org-Chart data); Hitachi ID Phone Password Manager (allows for self-service password resets through mobile phones); and the Hitachi ID Login Manager, a single-sign-on tool.
New features in the latest Hitachi ID Management Suite release include support for role-based access control capabilities; a code-less identity synchronization engine; a built-in "Segregation of Duties" engine; a new workflow API; and support for SQL Server 2005 or Oracle 10g as the back-end database server.
The Hitachi ID Management Suite is available now. Visit Hitachi ID's Web site for further information.
product submission by EITPlanet Staff