Cloud Access Manager

Unified and secure access to overcome your most-pressing challenges

Cloud Access Manager (CAM) is a web-access management solution that offers secure and unified access to all your internal and cloud-based web applications while simultaneously enhancing security and IT efficiency. CAM enables:

  • Adaptive security
  • Scalable just-in-time cloud provisioning
  • Secure identity federation
  • Simplified access control and auditing
  • Single sign-on

Features

  • Centralized authentication, single sign-on (SSO) and attribute retrieval - Move away from dedicated application-centric directories, and the administrative burden they represent, by connecting multiple user directories and applications into a centralized authentication “hub.” Now a single login event (and password) can create a session spanning multiple web applications, hosted locally or by software-as-a-service (SaaS) vendors, as well as your own custom-built mobile applications through the OpenID Connect protocol. Applications can be integrated through a variety of technologies, including credential injection, HTTP headers and Security Assertion Markup Language (SAML) security tokens, as well as OAuth-compliant social login via Google, Microsoft Live ID, Facebook and Twitter. Using a robust, rules-based engine, Cloud Access Manager can deliver additional data about users to protected applications, for personalization or fine-grained access control.
  • Context-aware security -Explore the “who, what, when and where” for security events in your environment. The Dell Security Analytics Engine (SAE), included with CAM, gathers information from a number of sources to provide context upon which access decisions can be made and enforced, including
    • Browser used – Includes historical analysis of browser use that falls outside of normal user behavior
    • Geo-location pattern – Detects if an access activity originates from an abnormal location
    • Specific geo-location – Prevents access initiated from specific geographies know to foster malicious activity
    • Time – Detects access activities that occur outside of normal user patterns
    • Blacklist – Offers a list of “forbidden” networks or network addresses
    • Whitelist – Offers a list of “approved” networks or network addresses
  • Policy-based access control - Eliminate inconsistent, ad-hoc security and ensure that users can access only the applications they are authorized to use, based on IT-defined user roles. Roles and role membership can be assigned dynamically based on policies evaluated in real time, using existing identity data. Rules-based access control can be applied down to sub-regions of a web application, for enabling more granular authorization.
  • Identity federation - Enable access scenarios that span security boundaries (cloud-based applications, multi-forest collaboration, heterogeneous platforms, partner extranets, etc.) without the need for redundant user passwords. With federation support in both Identity Provider (IdP) and Service Provider (SP) roles, Cloud Access Manager easily facilitates user access to web applications, regardless of where the users and/or the apps are located.
  • Cloud access provisioning - Provision user accounts at the cloud application for federated SSO to Salesforce®, Google® Apps service or Microsoft® Office 365®. Cloud Access Manger centralizes access provisioning and SSO functions into a single tool, for greater IT efficiency. Just-in-time provisioning saves money by activating licenses only when access is actually used.
  • Application discovery and remote access - Simplify how users find all the applications they need to get work done with Cloud Access Manager’s Application Portal. Users find an easy-to-read, role-based collection of links to the applications to which they are entitled. Through the Cloud Access Manager proxy, users can access any application from any location via a web browser.
  • Access auditing - Leverage Cloud Access Manager’s role as a centralized authentication and access control solution for auditing and reporting on access events for compliance, repudiation and forensics purposes.
  • SSO in virtual environments - Integration with Dell Wyse vWorkspace provides access to hosted Windows and Linux virtual desktops and applications through the Cloud Access Manager Application Portal.

Specifications

PER HOST SERVER

Operating SystemMicrosoft Windows Server 2008 R2 (with latest updates applied) or above1
CPUMin. 2 multi-core processors
MemoryMin. 8 GB
Disk space (minimum)250 GB


DATABASE
Notes: Proof of Concept deployment option provides a built-in database; database server can be co-located with host machine

Database ServerMicrosoft SQL Server 2008 or above
CPUMin. 2 multi-core processors
MemoryMin. 4 GB
Disk space (guideline, assuming typical usage)200 MB + ~2K per user + ~2K per user per day (audit)
 

BROWSERS

Windows
  • Internet Explorer (version 8 and above)2, 5
  • Google Chrome (version 25 and above)3, 4
  • Mozilla Firefox (version 20.0 and above)2, 4
  • Safari (version 5.1 and above)4
Mac
  • Safari (version 5.1 and above)4
iOS
  • Safari (iOS6 and above)
  • Google Chrome (version 30 and above)
Android
  • Google Chrome (version 30 and above)
  • Mozilla Firefox (version 24 and above)
Blackberry
  • Standard browser (Blackberry 10 and above)
Windows Phone 7
  • Internet Explorer (Windows Phone 7.5 and above)

1Proxy host servers can run on a Windows Server Core configuration
2Supported for integrated Windows authentication
3Google Chrome version 34.0.1847.131m or above supported for integrated Windows authentication
4Supported for administrator users
5Internet Explorer version 9 and above supported for administrator users

Screenshots

loading

Cloud Access Manager

Take a Screenshot Tour

Application Portal

Application Portal

Manage access to all your Web applications from a single portal.

Application Catalog

Application Catalog

Provide users a catalog of apps for which single sign-on can be enabled.

Social login

Social login

Log in to managed applications using existing social media authentication.

Password Wallet

Password Wallet

Securely store app credentials in a personal password wallet.

SaaS support

SaaS support

Enable single sign-on and granular access control for any SaaS application.

Form-fill single sign-on

Form-fill single sign-on

Provides the ideal single sign-on option for web-based apps.

Adaptive security

Adaptive security

Use adaptive security for your evolving needs based on contextual factors.

Security Analytics Engine

Security Analytics Engine

Provides context for access decision enforcement.