Sun versus IBM Identity Management

Michael Halcrow mike at
Tue Feb 15 17:18:42 MST 2005

> I'm not sure who has worked with such a software stack before, but I
> would greatly appreciate opinions on either set of products. If your
> company deployed a similar stack I would appreciate information on
> deployment times, road blocks and problems that arose during the
> decision making process and implementation. If there are some people
> that want to toss in Novell eDirectory comments, those will be
> appreciated as well. Novell's eDirectory is a recent option we have
> been looking at but seems to be problematic in regards to WebSphere
> Portal/Commerce authentication and SSO.

CAREER-PRESERVING DISCLAIMER: I work for the IBM Linux Technology
Center.  Anything I say here does not necessarily reflect the opinion
or position of IBM.

You mentioned that you will be deploying this on Linux.  In that case,
one thing to consider is the company's commitment to Linux and its
experience and ability in supporting Linux environments.

On Mon, Feb 14, 2005 at 09:26:28PM -0700, Stuart Jansen wrote:
> Hopefully the rest of what I have to say isn't news:
> * All vendors are liars.

No we're not!  :-)

In all seriousness, I am not in sales (I am just a lowly security
engineer that actually builds this stuff), but I would be very
interested in hearing about where you all think a Linux-based solution
might fall short of meeting any of these sorts of requirements.  We
have a large and competent security team, and we are always looking
for ways to enhance the suitability of Linux for the enterprise
environment.  Authentication mechanisms are a hot area of development.
One major focus this year is TPM integration for key/credential
protection and management.  SELinux is another area of interest.  Any
other ideas on where we could enhance Linux authentication or
authorization mechanisms?

> * Three years from now, are you likely to decide to switch to a
> different vendor?

If you go with the wrong company, you may find that you have no choice
but to switch vendors a few years from now, but I digress.  ;-)

> * All vendors are liars.

No we're not!  :-)

                         Michael A. Halcrow                          
       Security Software Engineer, IBM Linux Technology Center       
GnuPG Fingerprint: 05B5 08A8 713A 64C1 D35D  2371 2D3C FDDA 3EB6 601D

Friends don't let friends do Windows. 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : 

More information about the PLUG mailing list