Content area
Full Text
A growing number of companies are setting up Web portals to let employees and trading partners access critical business information and services, even though securing such systems presents a daunting challenge.
Many Web portal software vendors, including Plumtree Software and Epicentric, acknowledge they don't have sophisticated single sign-on (SSO) access-control capabilities. To provide better authentication and access-man- agement controls, they have to work closely with SSO vendors such as Netegrity.
For network executives, this can mean sorting through dozens of possible mix-and-match combinations to set up a portal with security.
"If you are trying to assemble your own best-of-breed architecture and pull products and suppliers together,you are assuming any risk of bumping into product incompatibilities,"says Phil Schaecter, an ana- lyst with The Burton Group.
Security access management "is not our specialty," Plumtree's marketing manager Nills Gillman says as he describes how the Plumtree Corporate Portal software shares HTTP-based "security tokens" with SSO server software from Netegrity, Entrust, Oblix, IBM and RSA Security.
Typically, the Web SSO software performs the authentication and access-rights management function before a user is allowed through the portal.
For its part, Epicentric leverages Netegrity's SiteMinder and RSAs ClearTrust by linking them into the "credentials vault" in its portal product, Foundation Server 4.0.
The alternative for users is to purchase security and portal components from one vendor, whose portals often have tighter coupling to security. Computer Associates, IBM, Novell and Oracle offer Web portal and security-access controls, and they promote the appeal of this single-source capability.
"We have it all," says Barry Keyes, market- ing vice president at Computer Associates, a contender in the portal competition with its Jasmine software. "You don't have to worry about the integration."
The market leader of Web single sign-on products, Netegrity thinks that argument has merit....