A few months back we saw that Sailpoint released their 6.0 and then 6.1 versions of IdentityIQ. Still in many of the ongoing implementations around the world many organizations are still using IdentityIQ 5.5 version.
Talking about connectors, what’s that we have been missing in version 5.5 and what’s new that we have got in 6.0 and above?
Let us discuss here what are the major changes that have come in version 6.0 in terms of IdentityIQ’s connectivity with the Target Applications.
For performing almost all of its intended functions IdentityIQ requires collection of data from various applications and then pushing data back on these applications to perform closed loop remediation. This is done through application connectors (OOB or custom developed) and integration configurations.
So here we broadly classify connectors into 2 categories:
- READ –ONLY: Connectors which can only read data from target applications (fetch\bring data in IdentityIQ). Sometimes also called Governance Connectors.
- READ-WRITE: Connectors which can read as well as write data on target applications (fetchbring data in IdentityIQ and push data on target apps). The Read-Write connectors can again be divided into 3 more categories depending upon the technique they use for provisioning of data on target applications.
With IdentityIQ version 6.0 and above, Sailpoint has phased out almost its entire Gateway and Agent type connectors and has expanded capabilities of its READ-WRITE connectors.
- READ-ONLY/Governance Connectors: Such Connectors just establish a read only connection with the target application and fetch data into IdentityIQ.
- Gateway Connectors: Gateway Connectors utilize multi component architecture to communicate with the target application. Connector gateway sits in between the IdentityIQ instance and the Connector Manager to intercept the request. Earlier connector gateway was to be installed as a separate component but these days it has been ingested into connector manager and no separate installation is required.
Agent connectors: Agent connectors are used to connect to situations where the target systems are centralized mainframe security systems; Similar to the Gateway connectors, Agents communicate with IdentityIQ through the Connector Gateway. Agents serve the purpose of Connector Managers as well.
FeaturesString : One important feature of Connectors is the featuresString.Its value on each connector indicates the functionality that connector is capable of providing; when PROVISIONING is specified in the featuresString, the connector is a write-capable connector.
IdentityIQ Version 6.1 comes up with new OOB connectors for
Tivoli Access Manger