PKI Blog

Best Practices: Optimizing FIM Performance

Posted by CSS Technical Team on Feb 25, 2015 9:58:00 AM

The goal of this article is to provide a checklist for validating Microsoft's Forefront Identity Manager's (FIM) configuration for optimal performance. As there are many different technologies involved in a FIM deployment, I thought it would be helpful to compile a list of articles that would be useful for planning or troubleshooting performance related issues.

This post provides a significant number of things to consider in planning and/or performance optimization of a FIM solution. As with any guidance of this nature, the guidance provided in this article may not apply to all situations and should be earnestly evaluated for applicability against the current design. This document is not specifically arranged in any order or priority, but is intended to form a comprehensive listing of items that may be decreasing performance.

Read More

Topics: Identity Federation, FIM, Identity and Access Management, Forefront Identity Manager (FIM), Identity Management, Microsoft Identity Manager, digital identity, MIM

Workplace Join, AD FS 3.0 or OAuth 2.0: Which is Right for You?

Posted by CSS Technical Team on Jun 18, 2014 6:27:00 AM

At first, this question might initially seem like an apples vs. oranges situation. We’ll find out that in some cases it’s not, and that making the best strategic choice for your needs depends on a number of factors.

Read More

Topics: Workplace Join, IT Security, IAM, Microsoft Security Partner, Azure ACS, Microsoft Azure, AD FS 3.0, Identity and Access Management, SAML 2.0, SAML 2.0 via AD FS 3.0, Identity Management, OAuth 2.0, Blog, SaaS, Azure, OAuth, Mobile, BYOD, Windows Azure

Is My MDM Deployment Vulnerable?

Posted by Ted Shorter on Jul 7, 2012 5:55:35 AM

If you’re reading this, there’s a good chance you’ve already seen the reports about the security ramifications of issuing certificates to mobile devices using the Simple Certificate Enrollment Protocol (more information on our site here). We’ve received many inquiries about how to determine whether a given system is at risk, and if so, what levels of exposure may be involved. Complicating the issue is the sheer number of Mobile Device Management (MDM) products that exist, and the wide variety of configuration options within them. Because of all this variability, simply asking, “Is {Product X} affected?” can lead to over-simplified answers that might still leave you exposed to risk.

Assessing the risk of a given MDM deployment can be a bit nuanced, as there are a number of factors that come into play. The primary criteria to examine when making an assessment are:

Read More

Topics: digital certificate, Mobile Device Management, bring your own device, Provisioning, Public Key Infrastructure, Certificate Management System (CMS), mCMS, MDM, SCEP, Identity and Access Management, iOS, US-CERT, Blog, Simple Certificate Enrollment Protocol, Active Directory, BYOD

A Case for Formal Identity Capability Management

Posted by Identity and Access Management Group on Jun 19, 2012 4:38:04 AM

During the typical sales cycle, a key success factor is getting the end customer to accept the "pain points" or challenges that exist in his or her organization at that point in time. Hopefully the flip side of these challenges are the essence of the capabilities of the solution that you're trying to sell. What if the pain points are evident, but the customer is not there yet? Worse yet, what if the customer doesn't understand the root cause of the problem? Instead they are constantly reacting to fires or to requirements from powerful users instead of addressing the real problem!

Read More

Topics: IT Security, Microsoft Security Partner, Management, Identity and Access Management, IdM capability, Identity Management, IT onboarding, Blog, IdM

Posts by Topic

see all

Want to Learn more about CSS?