Welcome to identity driven manager, Introduction, Why idm – HP Identity Driven Manager Software Series User Manual
Welcome to Identity Driven Manager
Introduction
Network usage has skyrocketed with the expansion of the Internet, wireless, and
convergence technologies. This increases the burden on network managers working
to control network usage. Also, the complexity of large networks makes it difficult
to control network access and usage by individual users.
Identity Driven Manager (IDM) is an add-on module to the HP PCM Plus (PCM+)
application that extends the functionality of PCM+ to include authorization control
features for edge devices in networks using RADIUS servers and Web Authentication,
MAC Authentication, or 802.1X security protocols.
Using IDM simplifies user access configuration by automatically discovering
RADIUS servers, domains, and users. You can use IDM to monitor users on the
network, and to create and assign access policies that dynamically configure edge
devices (wired and wireless) and manage network resources available to individual
users. Using IDM, access rights, quality of service (QoS), bandwidth throttling,
ACLs, and VLAN enrollment are associated with a user and applied at the point of
entry or “edge” of the network.
Why IDM?
Today, access control using a RADIUS system and PCM devices (switches or
wireless access points) is typically made up of several steps.
1. A user attempts to connect to the network.
2. The edge device recognizes a connection state change and requests identifying
information about the user. This can include MAC address, username and
password, or more complex information.
3. The switch forwards an access request, including the user information, to the
authentication server (RADIUS).
4. The RADIUS server validates the user’s identity in the user directory, which can
be an Active Directory, database or flat file. Based on the validation result
received from the user directory, the authentication server returns an accept or
deny response to the switch.
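
Steps 3 and 4 as they look on the wire, in an added example that is not taken from the HP manual: a minimal exchange following the RFC 2865 packet layout, including the check that lets the switch discard a forged reply. The shared secret, the flat-file directory and all function names are constructed for illustration.

```python
import hashlib, hmac, os, struct

SECRET = b"constructed-shared-secret"      # assumed switch/server shared secret
DIRECTORY = {b"alice": b"correct horse"}   # constructed flat-file user directory
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
USER_NAME, USER_PASSWORD = 1, 2

def hide(data, authenticator, secret, reveal=False):
    """RFC 2865 5.2 User-Password hiding: XOR with an MD5 keystream chained on ciphertext."""
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        pad = hashlib.md5(secret + prev).digest()
        block = bytes(a ^ b for a, b in zip(data[i:i + 16], pad))
        prev = data[i:i + 16] if reveal else block
        out += block
    return out

def build_request(ident, user, password, secret=SECRET):
    """Step 3: the switch wraps the user information in an Access-Request."""
    ra = os.urandom(16)                                  # Request Authenticator
    padded = password.ljust(max(16, -(-len(password) // 16) * 16), b"\x00")
    attrs = b"".join(bytes([t, len(v) + 2]) + v for t, v in
                     ((USER_NAME, user), (USER_PASSWORD, hide(padded, ra, secret))))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + ra + attrs

def server_reply(request, secret=SECRET):
    """Step 4: the server checks the directory and returns accept or reject."""
    _, ident, length = struct.unpack("!BBH", request[:4])
    ra, body, attrs, i = request[4:20], request[20:length], {}, 0
    while i + 2 <= len(body):                            # walk type-length-value attributes
        t, n = body[i], body[i + 1]
        if n < 2 or i + n > len(body):
            raise ValueError("malformed attribute")
        attrs[t], i = body[i + 2:i + n], i + n
    password = hide(attrs.get(USER_PASSWORD, b""), ra, secret, reveal=True).rstrip(b"\x00")
    expected = DIRECTORY.get(attrs.get(USER_NAME))
    ok = expected is not None and hmac.compare_digest(expected, password)
    head = struct.pack("!BBH", ACCESS_ACCEPT if ok else ACCESS_REJECT, ident, 20)
    return head + hashlib.md5(head + ra + secret).digest()   # Response Authenticator

def switch_decision(request, reply, secret=SECRET):
    """The switch opens the port only for an authentic Access-Accept."""
    want = hashlib.md5(reply[:4] + request[4:20] + reply[20:] + secret).digest()
    if reply[1] != request[1] or not hmac.compare_digest(want, reply[4:20]):
        return "discard"                                 # forged or mismatched reply
    return "accept" if reply[0] == ACCESS_ACCEPT else "deny"
```

The Response Authenticator binds each reply to the request's random authenticator and the shared secret, so a reply whose code was altered in transit is discarded instead of opening the port.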