IDM Architecture – HP Identity Driven Manager Software Series User Manual
Welcome to Identity Driven Manager
Introduction
• An administrative GUI for configuration, events viewing and SSL certificate management
• A SNAC-IDM communication interface
• SNAC 802.1X hybrid solution support
■ Active Directory connection for verification and ongoing synchronization
■ The capability to register multiple devices per user
■ Multiple deployment support, including “SNAC + IDM” or “Classic IDM” only
■ An integrated PCM/IDM installer
■ IDM Support for IPv6
■ Auto-allow capabilities
■ The capability to dynamically load OUIs from a file
■ IDM GUI enhancements, including “realm” labels renamed to “domain”
IDM Architecture
In IDM, when a user attempts to connect to the network through a switch or access
point, the user is authenticated via the RADIUS Server and user directory. Then, IDM
is used to return the user’s “access profile” along with the authentication response
from RADIUS to the switch. The IDM information is used to dynamically configure
the edge switch to provide the appropriate authorizations to the user, that is, what
VLAN the user can access, and what resources (QoS, bandwidth) the user gets.
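The following Python example is added here and is not from the HP manual. It reads the VLAN assignment out of a RADIUS Access-Accept and flags an incomplete one, assuming the VLAN part of the access profile is carried in the standard RFC 3580 tunnel attributes (the manual does not say which attributes IDM uses). QoS and bandwidth settings are not decoded, and the sample packet and helper names are constructed for illustration.

```python
import struct

ACCESS_ACCEPT = 2
TUNNEL_TYPE, TUNNEL_MEDIUM, TUNNEL_GROUP_ID = 64, 65, 81
TT_VLAN, TMT_IEEE_802 = 13, 6  # RFC 3580 values for a VLAN assignment

def parse_attributes(packet: bytes):
    """Split a raw RADIUS packet into (code, [(attr_type, value), ...])."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if not 20 <= length <= len(packet):
        raise ValueError("bad length field")
    attrs, pos = [], 20
    while pos < length:
        # Each attribute is type(1) + length(1) + value(length - 2).
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("bad attribute")
        a_type, a_len = packet[pos], packet[pos + 1]
        attrs.append((a_type, packet[pos + 2:pos + a_len]))
        pos += a_len
    return code, attrs

def access_profile(packet: bytes) -> dict:
    """Extract the VLAN assignment; the Response Authenticator is NOT verified here."""
    code, attrs = parse_attributes(packet)
    if code != ACCESS_ACCEPT:
        raise ValueError("not an Access-Accept")
    out = {"vlan": None, "problems": []}
    t_type = t_medium = None
    for a_type, value in attrs:
        if a_type == TUNNEL_TYPE and len(value) == 4:
            t_type = int.from_bytes(value[1:], "big")    # byte 0 is the tag
        elif a_type == TUNNEL_MEDIUM and len(value) == 4:
            t_medium = int.from_bytes(value[1:], "big")
        elif a_type == TUNNEL_GROUP_ID and value:
            body = value[1:] if value[0] <= 0x1F else value  # optional tag byte
            out["vlan"] = body.decode("ascii", "replace")
    if (t_type, t_medium) != (TT_VLAN, TMT_IEEE_802):
        out["problems"].append("Tunnel-Type/Medium-Type are not VLAN/IEEE-802")
    if out["vlan"] is None:
        out["problems"].append("no Tunnel-Private-Group-ID (VLAN) returned")
    return out

def attr(a_type: int, value: bytes) -> bytes:
    return bytes([a_type, len(value) + 2]) + value
def build_accept(attrs: bytes) -> bytes:  # constructed sample, zeroed authenticator
    return struct.pack("!BBH", ACCESS_ACCEPT, 1, 20 + len(attrs)) + bytes(16) + attrs

SAMPLE = build_accept(attr(64, b"\x00\x00\x00\x0d") + attr(65, b"\x00\x00\x00\x06") + attr(81, b"120"))
```

A switch or monitoring tool that sees a non-empty `problems` list has received an Access-Accept without a usable VLAN assignment, so the port's fallback VLAN behaviour is what applies.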
The following figure illustrates the IDM architecture and how it fits in with RADIUS.