Red Hat Identity Management and Infrastructure

Red Hat provides a portfolio of standards-based identity management offerings to manage individual identities and their authentication, authorization, and privileges/permissions to increase the security of your system and help to ensure that the right people have access to the right information when they need it.

The Red Hat Identity Management portfolio consists of three distinct solutions that use related technologies but are combined and optimized to solve different use cases. These three solutions, one feature set in Red Hat Enterprise Linux and two Red Hat Enterprise Linux add-on products, are described below:

Identity Management in Red Hat Enterprise Linux is a feature set specifically designed and integrated into Red Hat Enterprise Linux 6.2 and later to simplify identity management. This feature set is available free with your Red Hat Enterprise Linux subscription. It allows you to expand your use of Linux while reducing costs and administrative load and raising compliance levels by implementing central authentication, an identity look-up service, and fine-grained access control.

Red Hat® Directory Server is an LDAP-compliant server product that centralizes user identity and application information. It provides an operating-system independent, network-based registry for storing application settings, user profiles, group data, policies, and access-control information. It is very flexible and can support custom schema.

Red Hat® Certificate System provides a powerful security framework to manage user identities and ensure communication privacy. Handling the major functions of the identity life cycle, Red Hat Certificate System simplifies enterprise-wide deployment and adoption of a public key infrastructure (PKI).

Identity Management in Red Hat Enterprise Linux

Identity Management in Red Hat Enterprise Linux provides a centralized and clear way to manage identities for users, machines, and services within large Linux/Unix enterprise environments. Identity Management also provides a way to define access-control policies to govern those identities. In addition, in mixed Windows/Linux environments, Identity Management in Red Hat Enterprise Linux inter-operates with Microsoft Active Directory for easier identity management administration.

Because Identity Management is integrated with Red Hat Enterprise Linux, it is an easy and cost-effective way to introduce identity and policy management wherever you need it. It is a free feature set included with your Red Hat Enterprise Linux subscription.

Features include:

  • Integrated, native user, host, and service authentication and access control
  • Consistent and manageable identity management
  • Standards-based, trusted technologies
  • Easy and clear ways to implement, maintain, and understand authentication and access-control policies
  • Flexible access-control rules based on sudo rules, host-based rules, and other criteria
  • Consistent and universal password policies for users
  • Integration with established Linux/Unix services like NFS, automount, NIS, NTP, Kerberos, and DNS into a single management domain
  • Up to 20 servers and replicas and an unlimited number of clients in a single domain

Red Hat Directory Server

Red Hat Directory Server is an LDAP-compliant server that centralizes application settings, user profiles, group data, policies, and access-control information in a network-based registry. Red Hat Directory Server simplifies user management by eliminating data redundancy and automating data maintenance. It also improves security, enabling administrators to store policies and access-control information in the directory for a single authentication source across enterprise or extranet applications.

Features include:

  • Centralized management of people and their profiles, thus reducing administrative costs
  • Central repository for user profiles and preferences, enabling personalization of applications and systems
  • Twenty-way, multi-master replication of data across the enterprise, providing a centralized, consistent data source available to enterprise applications
  • Single sign-on access
  • Scalability for massive numbers of users by containing the information control required for developing extranet applications

Red Hat Certificate System

The Red Hat Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system that supports all aspects of certificate life-cycle management, including key archival, Online Certificate Status Protocol (OCSP), and smart-card management. A certificate has a long life cycle, beginning with the initial request and ending when it's revoked or expired. There are different operations for validating a request, issuing and revoking the certificate, and checking its status; it is also possible to use smart cards or to recover lost keys. Red Hat Certificate System combines these functions to centralize control for your public key infrastructure—validating requests, issuing certificates, storing keys, processing OCSP requests, and managing tokens.

Features include:

  • Certificate issuance, revocation, and retrieval
  • Certificate Revocation List (CRL) generation and publishing
  • Certificate profiles
  • Simple Certificate Enrollment Protocol (SCEP)
  • Local Registration Authority (LRA) for organizational authentication and policies
  • Encryption key archival and recovery
  • Smart-card life cycle management
  • Token profiles
  • Token enrollment, on-hold, key recovery, and format
  • Face-to-face enrollment with the security officer workstation interface
