
			Home \| Contact Us

Home
Products
Virtual Identity Server - .NET LDAP Virtual Directory Virtual Identity Server - LDAP Proxy Firewall Virtual Identity Server for SharePoint (2007 & 2010) Optimal People Picker Virtual Identity Server for Enterprise Group Management Virtual Identity Server for Forefront Identity Manager Virtual Identity Server for Automated Compliance Management Virtual Identity Server Reports for Active Directory Virtual Identity Server Federation Services Virtual Identity Server for Office 365
Solutions
LDAP Migrations (e.g. from Sun LDAP Directory to AD) Eliminate AD schema changes Authenticate users from multiple directories without synchronizing data Multi-Forest SharePoint Common Access Card (CAC) Authentication to SharePoint Authenticating ADFS to other directories/databases (e.g. Sun, eDirectory or SQL) Extending ADFS with two factor authentication such as CAC Extending Office 365 with multi-platform/forest, DoS, 2Factor Authentication and more
Services
Identity Management Packages Microsoft Identity Management Consulting Optimal IdM Consulting Optimal IdM Training Technical Support
Customers
Customers
Partners
Partners Partnership Overview Become a Partner
About Us
About Us Company Mission Careers Management Team Contact Us
News/Events
News Events Industry News Optimal IdM User Conference User Conference Registration

Home >> Products >> VIS >> VIS for SharePoint >> Features VIS for SharePoint 2007 or VIS for SharePoint 2010

Virtual Identity Server for SharePoint

(VIS for SharePoint) - Providing a Secure, Manageable Multi-forest SharePoint Solution

Features

VIS extends the power of SharePoint

Solution Details

Extensible Single Sign On (SSO) Authentication Framework
Seamless Cross-Forest Windows Authentication Module without trusts
Single Point of Administration
SharePoint Governance
Enhanced Authorization & Content Management
Dynamic Role Based Access Control
Comprehensive Audit, Compliance & Reporting
Common Deployment Scenarios

Extensible Authentication Framework

The Virtual Identity Server for SharePoint, provides an extensible authentication framework that dramatically expands the authentication options for a SharePoint deployment. Out of the box, SharePoint provides either Forms Based Authentication (FBA), or authentication to a single Active Directory forest. VIS for SharePoint, expands the authentication options to include:

Integrated Windows (NTLM/Kerberos): Can span multiple forests without the need for forest trusts.
Two Factor Authentication: Such as: SecurID, Smart Card, USB Token
Forms Based Authentication (FBA): Can span multiple forests and multiple platforms, such as: Active Directory(AD), Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Services (AD LDS), LDAP (Sun/IBM/e-Directory), AS/400, Mainframe.
Federation: Federation with standard SAML or Active Directory Federation Services (ADFS) both internally as well with external partners.
"Geneva": Support for Microsoft's "Geneva" framework via a STS that allows authentication to be multi-forest and multi-platform.
CAC Authentication: Supports Department of Defense (DoD) Common Access Card (CAC) authentiation.
IdM Solutions: Single Sign-On (SSO) with Identity Management solutions such as Sun Identity Manager,IBM Tivoli Identity Manager, Oracle Identity Management Suite (OIM/OAM), CA SiteMinder.
Custom: Ability to extend the product to provide authentication to any system using standard Microsoft .NET programming languages.

Click picture to see larger image

The Virtual Identity Server for SharePoint enhances and extends Microsoft SharePoint to provide all of these authentication options across multiple disparate systems and multiple Active Directory forests without requiring trusts.

Additionally, VIS for SharePoint, installs in a matter of minutes and can be seamless deployed to both new and existing installations of SharePoint.

^ back to top

Seamless Cross-Forest Windows Authentication Module without trusts

The Virtual Identity Server (VIS) allows organizations to rapidly and easily to deploy SharePoint across multiple forests without the need for forest trusts with full Office integration.

Many companies have multiple internal Active Directory forests that do not have any forest trust relationships. There are many valid reasons for separating and isolating these forests. However, this often conflicts with the business need to share and collaborate data across these forests.

The Virtual Identity Server makes this once difficult task, easy to achieve. VIS bridges the gap of these siloed directories. This provides a single enterprise view of these isolated directories, while maintaining the security and control of the existing Active Directory infrastructure.

Click picture to see larger image

VIS for SharePoint includes an advanced cross-forest Windows authentication module. This module leverages a user’s existing Active Directory credentials, providing a seamless multi-forest Single Sign-On solution without requiring forest trusts. User’s who are logged into an Active Directory domain are automatically authenticated to SharePoint when accessing the site.

Users who have not authenticated to an Active Directory domain are prompted for a user id and password. This enables organizations to quickly and easily deploy one instance of SharePoint to external and internal users without creating a forest trust or requiring internal users to re-authenticate and full Office integration.

^ back to top

Enhanced Authorization & Content Management using Virtual Static and Dynamic Groups

SharePoint utilizes Active Directory groups to manage authorization and permissions within SharePoint. Utilizing Virtual Static Groups, businesses have a more flexible and powerful way to manage content permissions. Group membership can span multiple forests without the need for forest trusts.

In addition, SharePoint specific groups no longer need to reside in AD forests. Instead, these groups can be centralized within the SharePoint deployment; reducing complexity and cost. Unlike SharePoint site groups, Virtual Static Static Groups can span multiple SharePoint sites allowing for more control and flexibility in the deployment.

^ back to top

Single Point of Administration

The Virtual Identity Server for SharePoint, provides a single point of administration for multiple SharePoint sites. Using VIS, one SharePoint server can span hundreds of Active Directory forests quickly and easily. AD and SharePoint administrators now have an easy to use solution for managing users, groups and access from within SharePoint. VIS for SharePoint seamlessly integrates with and extends the capabilities of SharePoint and Active Directory.

^ back to top

SharePoint Governance

Governance at the root is the connection between IT and the business. SharePoint more so than other business applications brings these issues front and center. IT wants to mitigate risks, while the business wants to generate business value and collaborate. Achieving these goals together can be a challenge without a framework and proper process or checks and balances.

The Virtual Identity Server for SharePoint provides this framework, by enabling the business to work with not against the IT initiatives. With Dynamic Role Based Access Control, the security within SharePoint is now defined once and changes automatically over time, significantly reducing administration, increasing security and lowering the total cost of ownership (TCO). Static Groups at the virtual directory layer can span multiple SharePoint sites allowing for more control and flexibility in the deployment.

^ back to top

Dynamic Role Based Access Control

VIS for SharePoint also simplifies the security within SharePoint by providing administrators a dynamic role-based access control security model for SharePoint. Administrators are no longer required to manage security and group membership on an on-going basis. Instead, SharePoint administrators define dynamic groups based on business rules for who should be included in a dynamic group only once.

The Virtual Identity Server for SharePoint dynamically computes the group membership on-the-fly and in real-time. As the data changes on the user, so does the group membership. The security within SharePoint is now defined once and changes automatically, significantly reducing administration, increasing security and lowering the total cost of ownership (TCO).

^ back to top

Comprehensive Audit, Compliance & Reporting

VIS extends the SharePoint deployment further by providing comprehensive auditing and reporting capabilities. VIS tracks and logs all LDAP activity to a Microsoft SQL Server database.

VIS provides valuable auditing information that can be easily reported on using the Virtual Identity Server Reports, a web based reporting and compliance solution that is optionally available with VIS. Virtual Identity Server Reports allows reports to be run interactively using a .NET web application or can be scheduled for email distribution in popular formats such as PDF, Word and Excel.

^ back to top

Common Deployment Scenarios

The VIS/SharePoint integration is extremely flexible and can accommodate a wide variety of deployment scenarios. Customer requirements vary but often share a common architecture goal such as the ability to:

Deploy SharePoint across multiple internal Active Directory forests
Deploy an external (DMZ based) SharePoint to both external and internal users
Integrate an external DMZ SharePoint server with an internal SharePoint server where documents are synchronized between two deployments.

^ back to top

DataSheet

Download VIS & SharePoint Integration Datasheet Download VIS & SharePoint Datasheet (pdf)

VIS for SharePoint

Additional Resources

VIS for SharePoint Datasheet (pdf)

Certified Windows Server 2003 & 2008