Novell ® Storage Manager
Leveraging Novell Storage Manager and Identity Manager for Provisioning and Compliance of Network Storage
David Condrey, Engineering Manager
© Novell Inc. All rights reserved
Agenda
– Introductions
– Role-based Provisioning and Compliance
– Novell ® Storage Manager Overview
– IDM Entitlements and Storage Integration
– Role-based Provisioning
– Workflow Entitlements
Introductions
David Condrey – NSM Engineering Manager
Kamal Narayan – NSM Product Manager
Dave Arnold – NSM Senior Engineer
Behzad Anaraki – IDM Consultant
Role-based Provisioning and Compliance
Relationship Begins Role-based Provisioning & Compliance Provisioning Move Locations Change Roles Forgot Password Password Expires Promotion Password Management Relationship Ends De-provisioning Workflow Entitlement Access Resources Access Management Single Sign-on Network Storage Role-based Provisioning Approval
Monitor, Respond and Report Security Policies & Procedures Security & Access Management Roles and Access Lifecycle Management Security Event & Compliance Monitoring Monitor, Remediate, Report on all security events Identity & Policy Management User Account Provisioning Password Management Role-based Administration Workflow & Approval Systems & Resource Management Inventory & Patch Management Configure and Inventory Event Management & Correlation Unified Identity & Security Management Foundation Storage Management Identity, workflow and policy-driven storage management Comprehensive Solution That Lets You Expand As Needed
Novell Storage Manager Overview
Netware & OES Linux Windows Storage Novell Clustering Services Novell Storage Services iSCSI Support Storage Area Networks Personal Storage Management Group Storage Management Trustee & Rights Analysis Identity Driven Data Migrations Data Manager Workflow Analysis & Storage Trends Cross-platform Support Role Identity-driven Storage Mgt AD Storage Novell eDirectory Microsoft Active Directory Event Policy Provisioning / De-Provisioning Role Based Management Novell Storage Manager Event-driven Storage Management
The Common Thread: Identity HIPAA Sarbanes-Oxley Privacy Act Audit Requirements NCLB / AYP Fast employee ramp-up Do more with less Team Collaboration Eliminate redundant administration tasks Reduce helpdesk burden Trend Analysis Reduce Complexity Consistent storage policies De-provision access to critical data File Rights Analysis Intellectual Property Identity-driven Storage Management Regulatory Compliance Productivity Cost Reduction Data Security
Manage Storage Based on Policy
Put your policies in the directory… point your directory at your disk… and be done with it.
Novell Storage Manager Policy Architecture Policy Associations Personal Storage Management Rules Collaborative Storage Management Rules
Event-driven Storage Management Across Novell Server Platforms eDirectory Engineering Marketing Novell Storage Manager Identity OES Linux Netware Events Create Rename Move Add Owner Add Member Delete
London Sales Atlanta HR Event-driven Storage Management for Windows Server Platforms Windows 2003 Windows 2000 Identity Novell Storage Manager Active Directory Events Create Rename Move Add Member Delete
Provision Role-Based Data Manage Renames Provision Storage Create User Transfer Delete User Set Rights Set Attributes Rights Analysis Manage Quota Queue to Manager Vault Reassign Delete Storage Lifecycle Storage Management Based on Identity and Policy Vault Storage Storage Reports, Data Scrubbing Inactive User Policy
Novell Storage Manager ™ 2.1
Novell Storage Manager ™ 2.1
– OES Linux Deliverables and Requirements
– Enterprise Storage Reporting
– Auxiliary Storage Management
– Collaborative Storage Enhancements
– User Interface Restructuring
– Novell ® Identity Manager Integration
For more details on all features, please visit the Novell Storage Manager table in the solutions lab.
NSM for eDirectory Server Deliverables Event Monitor Agent (formerly NSM Sentinel) Snapshot Reporting Agent Snapshot Reporting Server Engine
Component Interaction Event Monitors Engine Agents Reporting Server Reporting Agents Data Volumes
Event Monitoring SLES 10 SP1 or later OES 2 or later NW 6.5 / OES-NW SP6 or later eDirectory or later eDirectory 8.8 SP2 or later
Agent OES 2 (with Patch) NW 6.5 / OES-NW SP6 or later NW – NSS / Traditional OES NW – NSS / Traditional OES 2 – NSS OES 2 – EXT3 OES 2 - Reiser
Snapshot Reporting Agent SLES 10 SP1 OES 2 NW / OES-NW SP6 or later SLES 10 SP1 – Native EXT3 SLES 10 SP1 – Native Reiser OES 2 – NSS OES 2 – NCP/EXT3 OES 2 – NCP/Reiser NW – NSS / Traditional OES NW – NSS / Traditional
Snapshot Reporting Server SLES 10 SP1 OES 2 Windows Server 2003 Windows Server 2003 SR2
Engine NW / OES-NW SP7 OES 2 – NSS OES 2 – NCP/EXT3 OES 2 – NCP/Reiser NW – NSS / Traditional OES NW – NSS / Traditional
Novell ® Identity Manager Integration
Classic IDM / NSM Integration Event Monitor Engine Agent Data Volume Identity Manager Driver Policy User/Group/Container Events
Policy
– Contains rules and scopes for a predefined set of actions.
– Sets of actions are defined per event type (create user, move user, add group member, etc.).
– Each set of actions occurs in a defined order.
– The NSM process queue assures completion of each action in good times and bad.
Maybe Policy is Not Enough
– Want to control the actions and the order in which they occur (roll your own).
– Taking action outside of the Policy construct.
– Work with events and objects that are not connected to Policies.
– Insert approval processes through workflow.
– Drive atomic file system actions through the IDM Driver paradigm.
– Do things we have not thought of.
NSM needs a command/control interface for developers.
Choosing a Command/Control Interface
Considered
– SOAP or Web Services
– Local System API
– RPC-Based API
– others
Most IDM developers know how to work with Directory Services. So, let's use eDirectory as the Interface.
Action Objects
Novell Storage Manager NSM Action Object Novell Identity Manager Workflow Event Layer Directory RBP Action Object Architecture Diagram
Action Object Command and Control
IDM Entitlements & Storage Integration Role Based Storage Manager IDM Workflow Based Role-based Provisioning (RBP) Identity Manager Entitlement HR System Workflow Entitlement NSM Action Object
Role-based Provisioning Role Based Storage Manager IDM Workflow Based Role-based Provisioning (RBP) Identity Manager Entitlement HR System Workflow Entitlement NSM Action Object
Role-based Provisioning Role Based Storage Manager IDM Workflow Based Role-based Provisioning (RBP) Identity Manager Entitlement HR System Sales Role Workflow Entitlement NSM Action Object
Role-based Provisioning Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Role Sales Department Workflow Entitlement NSM Action Object Role-based Provisioning (RBP)
Role-based Provisioning Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Department Sales Role Workflow Entitlement NSM Action Object Sales Share Role-based Provisioning (RBP)
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Department Sales Role Workflow Entitlement NSM Action Object Sales Share Role-based Provisioning (RBP)
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Workflow Entitlement Identity Manager Entitlement HR System Sales Role Sales Department Register New Client NSM Action Object Sales Share Role-based Provisioning (RBP)
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Workflow Entitlement Identity Manager Entitlement HR System Sales Role Sales Department Approval NSM Action Object Sales Share Role-based Provisioning (RBP) Register New Client
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Role Sales Department Workflow Entitlement Approval NSM Action Object Sales Share Role-based Provisioning (RBP) Register New Client
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Role Sales Department Workflow Entitlement Approval NSM Action Object Sales Share Role-based Provisioning (RBP) Register New Client Provision ABC Inc folder Assign RW access and Flag RI DI Copy Legal Template
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System NSM Action Object Sales Role Sales Department Workflow Entitlement Approval Sales Share Role-based Provisioning (RBP) Provision new client folder, assign RW access, flag RI DI, and copy Legal Template files ABC Inc Register New Client Provision ABC Inc folder Assign RW access and Flag RI DI Copy Legal Template
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Role Sales Department Workflow Entitlement Approval Completion Status NSM Action Object Sales Share Role-based Provisioning (RBP) ABC Inc Provision new client folder, assign RW access, flag RI DI, and copy SOP files Register New Client Provision ABC Inc folder Assign RW access and Flag RI DI Copy Legal Template
Workflow Entitlements Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Share Sales Role Sales Department Workflow Entitlement Approval Notification to User Completion Status NSM Action Object Role-based Provisioning (RBP) Register Client Request ABC Inc Provision ABC Inc folder Assign RW access and Flag RI DI Copy Legal Template Provision new client folder, assign RW access, flag RI DI, and copy SOP files
Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Share Sales Role Sales Department Workflow Entitlement Approval NSM Action Object Role-based Provisioning (RBP) Disable Client Request ABC Inc Inactivate Client Data Storage Vault
Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Share Sales Role Sales Department Workflow Entitlement Approval NSM Action Object Role-based Provisioning (RBP) Move client folder to vault ABC Inc Disable Client Request Inactivate Client Data Storage Vault
Inactivate Client Data Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Share Sales Role Sales Department Workflow Entitlement Approval NSM Action Object Role-based Provisioning (RBP) Move client folder to vault ABC Inc Disable Client Request Storage Vault
Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Share Sales Role Sales Department Workflow Entitlement Approval NSM Action Object Role-based Provisioning (RBP) Move client folder to vault Disable Client Request Inactivate Client Data ABC Inc Storage Vault
Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Share Sales Role Sales Department Workflow Entitlement Approval NSM Action Object Role-based Provisioning (RBP) ABC Inc Move client folder to vault Inactivate Client Data Storage Vault
Role Based Storage Manager IDM Workflow Based Identity Manager Entitlement HR System Sales Share Sales Role Sales Department Workflow Entitlement Approval Notification to User Completion Status NSM Action Object Role-based Provisioning (RBP) Move client folder to vault Inactivate Client Data ABC Inc Storage Vault
Live Demonstration
NSM Action Object
Action Object Driver Set
Provision Client Folder Request
Client Registration Approval
Q & A
Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
Novell Storage Manager NSM Action Object Novell Identity Manager Workflow Event Layer Directory RBE Architecture Diagram