Monday, October 20, 2008

Oracle Adaptive Access Manager (10gR3)

Oracle Adaptive Access Manager provides real time and offline context aware risk assessment, multi-factor authentication and authentication process hardening for enterprise and consumer web applications. Adaptive Access Manager makes it safer for all types of businesses to expose sensitive data, transactions and business processes to consumers, remote employees and partners.

I'm pleased to announce the release of OAAM 10gR3. This release contains a lot of exciting new enhancements that the market has been asking for. Increased effectiveness, ease of use, and adaptability were the main themes of this release. The major areas of enhancement are globalization, behavior profiling, investigation tools, dashboard, reporting, proxy support, configurable actions and the administration interfaces.

1. OAAM 10gR3 has been localized for the standard set of languages supported by Oracle products. Specifically, Adaptive Risk Manager supports the nine standard administration languages and Adaptive Strong Authenticator supports the twenty-six standard runtime languages.
2. Behavior profiling uses administrator defined patterns to profile the behavior/activity of entities such as users, devices, IPs, shipping addresses, credit cards, email addresses, etc. The rules engine uses the profile data to evaluate the risk level of a situation based on comparisons of "normal" activity for the individual entity and all entities of the same type.
3. The new agent cases make forensic investigations quicker, easier and more successful. Events can be configured to create a case automatically. An investigator can quickly view the data involved in an incident and quickly locate related situations by easily harnessing the complex data relationships captured by OAAM.
4. The dashboard has expanded performance statistics and summary data as well as enhanced trend graphing capabilities.
5. A limited license of Business Intelligence Publisher is now included with OAAM so reporting can be fully customized to meet customer requirements. A collection of out of the box templates are provided that can be used as is or altered.
6. An Apache version of the "Universal Installation Option" reverse proxy is now supported to provide an alternative to the MS ISA proxy.
7. New configurable actions allow for customizations and integrations previously not possible. Custom code can be called directly by the ARM rules engine. This capability opens the door to almost unlimited possibilities.
8. The enhanced administration interfaces allow access to functionality previously available only to developers programmatically. The rule template editor allows a non-developer to create, edit and delete rule templates completely in the GUI. The transaction configuration screens allow the definition of a transaction and it's constituent data elements. As well various environment configurations are now exposed in the UI such as logging, properties and enumerations.

You can learn more about OAAM here

You can download OAAM here

No comments: