In the first part of this blog series, we discussed what makes traditional identity security systems like CA Single Sign-On® (formerly SiteMinder) and Oracle Access Manager, inadequate for supporting and protecting today's business models and top digital initiatives. We also compared traditional IAM to Identity Defined Security solutions. Today, we'll describe the migration process from a traditional WAM system to a modern access solution--it's easier and less disruptive than you think.
If you're saddled to a traditional WAM product, you're likely wrestling with your infrastructure through upgrades, add-ons and support issues. Even if you're operating a stable environment today, it's a safe bet that your existing infrastructure either won't be able to support new business models, or it'll require yet another round of expensive upgrades and support difficulties. This significantly impacts your revenue and worker productivity, which is why we see so many enterprises choosing to migrate to a modern access management solution.
Sure, the natural instinct may be to shudder at the thought of a migration. But we've mapped out a straightforward path of four migration steps that'll help you minimize disruption while immediately allowing you to take advantage of new IT business models.
One of the keys to a smooth migration lies in a critical migration capability of Ping Identity solutions. We architected our Federated Access Management solution to co-exist side-by-side with existing legacy WAM deployments, such as CA Single Sign-On and Oracle Access Manager. Through the advanced integration capabilities of the PingFederate server, legacy WAM authentication events and web sessions can be shared across both new and old access management deployments. As a result, your end users won't even be aware of the system changes occurring during a migration.
The four migration steps for successfully moving away from legacy WAM to a modern access management solution are:
The migration starts with planning. It's critical to survey your current infrastructure to understand how your users are authenticated, how access is managed, what policies are in place and what your WAM architecture should look like when the migration is complete. Note: our next blog post in this series will discuss the critical decisions that must be considered during the planning step.
After a solid plan has been developed, the initial installation and integration of the Federated Access Management solution is performed. The integration with your legacy WAM is critical to ensure the end user maintains a consistent experience. This is also a good time to test your migration plan with a small number of low-risk applications.
Once the initial deployment is complete and the first set of applications have been successfully migrated, it's time to ramp up your migration, typically migrating applications from the simplest to the most complex.
Lastly, after the applications have been migrated, it's time to finalize the migration. When all applications have been successfully migrated, the integrations between your legacy WAM solution and Ping can be removed. Now you're ready to say goodbye to your legacy WAM technology for good. Your IT group will see significant cost savings, and will be well positioned to handle new cloud and mobile business opportunities.
Next week in this blog series, we'll explain the technical strategies for authentication during a migration to a modern access solution. Specifically, we'll focus on migration from CA Single Sign-On. In the meantime, here are some good related resources to check out:
Federated Access Management, a white paper and webinar discussing top IT trends, the necessity of an Identity Defined Security approach to support them, and tips for migrating off CA and Oracle.