Top Reasons to Upgrade to IDM 11gR2 PS2

If being an early adopter of IDM 11gR2 PS3 is not part of your risk plan, and you prefer a more established version of the Oracle IDM stack, then you may want to upgrade to IDM 11gR2 PS2.

Following is a list of the benefits realized by our customers who have taken the same approach.

1.      OIM and OIA converged.  OIA is used to periodically review users’ access. For advanced features, it was once necessary to integrate OIM with OIA. Now, with 11gR2 PS2, the advanced access review capabilities of OIA are implemented into OIM.

2.      OIM shopping cart experience (The Catalog).  In 11gR1, users encountered a multi-step, and sometimes tedious and complex, wizard to submit requests. With 11gR2, a Catalog is available, which allows users to complete their request submission within two pages. This also provides the user a familiar “shopping cart” experience.

3.      OIM Scheduled Tasks performance and reliability significantly increased.  With 11gR2 and 11gR2 PS2, the reliability and performance of the scheduled tasks within OIM have increased significantly. Tasks are now completed in a more acceptable time frame.

4.      OIM Archival and Purge Utilities.  In 11gR1 and 11gR2 PS1, the data managed by OIM accumulates quickly, which causes slowing and degradation of the system. It was once necessary for the OIM administrator to intervene and manually run wizards via command line, as well as run scripts to clean up data to improve performance on the OIM system.  Included in 11gR2 PS2, the Archival and Purge utilities can be configured to run automatically and periodically. The OIM administrator is able to set a threshold and a number of parameters they deem necessary to run the utilities, and they will run automatically.

5.      OIM Configurations and Diagnostics made easier.  The only configurations completed within the OIM Design Console are adapter configurations and integrations for provisioning workflows.  Everything else, such as password policies, is now integrated nicely within the OIM Console.  OIM Diagnostic Dashboard is now moved from a standalone web application that runs on the server to within the Fusion Middleware EM console. You can now view the configuration and state of OIM within the EM console, as well as test basic functionality, such as LDAP connection or IT Resource testing.

6.      OIM Sand Box.  The Sand Box provides the ability to make changes and customizations on OIM pages without affecting live users. It is a temporary storage space where developers and administrators can try new changes before publishing to the live server.

7.      OPAM.  If you need a centralized product that manages access to passwords for privileged accounts, such as WebLogic, xelsysadm, root or sys, there is no need for concern about sharing administration accounts within an organization. OPAM will manage all administration accounts without the need for delegating them to employees or developers.  It also utilizes a check-in and check-out system, is able to completely audit and track down who is using what account at what time and for what, and is able to report the audit results.  Additionally, request, approval and certification workflow is possible in order to further enhance the security with privileged accounts.

8.      OIF Converged as a service into OAM.  It is no longer necessary to have a separate domain specifically for OIF, as it is packaged together within OAM as a service.  Additionally, configurations are removed from the EM Console previously in 11gR1 and are all converged into the OAM Console in 11gR2.  Performance and stability of the OIF-OAM integration is greatly improved. Architecture is also significantly reduced by removing an entire domain.

9.      OAM Enhancements.  Introduced into 11gR2 are many more logging capabilities. OAM Administrators are now able to see, at a granular level, where issues are occurring.  All of these are able to be reported to, for instance, a BI report.  Detached Credential Collector is now introduced in 11gR2. In 11gR1, the user would authenticate using an ECC, Embedded Credential Collector, meaning the users would authenticate directly to the OAM server. Using a DCC, the user authenticates to the DCC Webgate, and then the Webgate communicates to the OAM servers. This means the user is no longer communicating directly to the OAM servers. The DCC sits outside of the DMZ and can handle the user’s authentication request without them being able to maliciously communicate to the OAM server directly. This is one of the biggest enhancements over ECC.  Additionally, out-of-the-box password management is now possible with OAM alone. You may now force a password change on first login after reset, warn before password expires, force a password change on expiry, track failed login attempts and lock accounts after too many fails, automatically unlock accounts after a configurable period, all without needing OIM. You are also able to configure the password policy directly from within the OAM console.

10.   Oracle Mobile and Social.  There is now ability to consume identities from Facebook, Google, Yahoo, Twitter, and LinkedIn for signing into customer-facing and other low-risk applications, which means providing a user the option of eliminating the use or creation of an account within the backend infrastructure, such as OID or OUD.  One use case for Mobile and Social is the ability to run BI reports via a mobile device since the organization is now able to secure applications and data, regardless of which device is being used to access those applications.

11.   Oracle API Gateway.  Along with 11gR2, Oracle API Gateway is available, which provides the capability of securing and protecting either web services or even APIs themselves.

12.   Move one step closer to Digital Transformation.  By implementing the Oracle 11gR2 stack, you can move your organization one step closer to the adoption of a Digital Transformation, such as being social media-aware and Cloud integration-prepared.

IDM 11gR2 PS2 may be the best upgrade option for your organization.  Using the benefits listed here, as well as a thorough analysis of the needs and risk assessment of your firm, you should be able to clearly determine which is the best option for efficiency of processes within your firm.