Sun-iPlanet Targets Network Identity

Sun Microsystems announced the immediate availability of the Sun Open Net Environment (Sun ONE) Platform for Network Identity, a combined software, hardware, and services offering from Sun for organizations to establish an open, end-to-end network identity infrastructure rapidly. Once the Liberty Alliance specifications are available in mid-2002, the Sun ONE Platform for Network Identity will support federated network identity.

Analytical Summary

Current Perspective: Slightly positive on Sun- iPlanet’s introduction of the Sun ONE Platform for Network Identity, because the company strengthens its position and continues its leadership role in defining the terms of interoperability for network identity and Web services.

Vendor Importance: High to Sun-iPlanet, because the company effectively leverages its dominant market position in directory services to try to secure its control over network identity services for both the enterprise and Internet environments.

Market Impact: High on the integration technologies and collaborative commerce segments, because direct competitors will need to account for Sun’s ability to leverage its directory services strength in order to establish a platform for network identity services.

Current Perspective: Positive/Neutral

We are taking a slightly positive stance on the launch of the Sun Open Net Environment (Sun ONE) Platform for Network Identity. We are positive because Sun-iPlanet is positioning, both aggressively and proactively, to leverage its software, hardware, and services strengths to take the lead in establishing a network identity infrastructure to support Web services solutions. We qualify our assessment because the Liberty alliance specs for identity services interoperability is a future deliverable, few Web services-enabled applications are ready-to-market, and the professional services engagement to develop a true federated identity services for a large enterprise requires more than a 10-day commitment.

We have previously written on the role of Web services as representing the end-game of interoperability through the ability to provide application to application, system to system, and network to network interoperability. This is achieved not through some monolithic interface. Instead, it is accomplished through the implementation of a cluster of messaging, directory, and descriptive format protocols (associated with SOAP, UDDI, WSDL, and ebXML) whereby application functionality can be leveraged and exposed as a service using standard interfaces. In short, Web services do not impose, but rather create an environment for integration that may serve as the logical extension of open standards interoperability to enable cross application, system, and network interconnectivity.

Sun’s Sun ONE Platform for Network Identity is focused on the identity component that is integral to the interoperable Web services environment. To enable interoperability that facilitates intra- enterprise and inter-enterprise communication, and that exposes company assets and application logic for employees, customers, and partners, either within an intranet or over the public Internet, requires identity management, policy administration, and access control.

Sun-iPlanet’s LDAP Directory Server has been a key differentiator due its acceptance as the industry standard and its pervasive footprint, with over 400 million licenses worldwide. There is by no means a direct mapping between the LDAP footprint and the deployment of the Network Identity Directory Server Access Management platform. But with the LDAP standards and expectations in place (i.e., scalable, open, extensible, etc.), rival offerings such as the Microsoft Active Directory face an uphill struggle trying to gain control over the directory component of Web services-based network identity.

While directories services are the core to access control for localized applications and Web applications, they are but a piece of the Web services identity puzzle that requires a studied professional services commitment and peripheral technologies such as managed trust services to develop the federated interoperability for heterogeneous environments that is expected down the road. For the current stage of network identity and Web services market development, Sun has smartly instituted the Network Identity Capability Assessment program and an Architecture Workshop for Network Identity that inculcates, with select partners, a set of best practices data, applications, reports, and transactions (DART) that represent a methodology to think through a organization’s information assets and develop those assets in the form of services.

However, while Sun has offered an iForce partners list to support the initiative, except in a few cases, it is not very substantial, and does not represent the industry-specific business consulting promoted. When Sun describes its platform as comprising “pre- installed and configurable software,” it needs to be specific about pre- installed and configured for what.

The first area for development will likely be intra-enterprise-based pilot programs to extend Web services to facilitate the interaction of employee access to resources and applications. Eventually, the extra-enterprise development of partnering relationships will emerge where Web services interoperability can optimize commerce and business processes that are consistent with the current business model. To drive adoption of its platform for Internet-based network identity, Sun should work either through direct contact or with its solutions provider alliances to establish the Sun ONE Network Identity Platform with financial institutions, telcos, network and wireless infrastructure and service providers, portals, and device and appliance manufacturers.

Finally, Sun needs to clarify how it will provision the security and trust infrastructure that Web services network identity warrants. Directory services can store and manage identities, and administer policies, privileges, and entitlements. Strong authentication services, however, are required to provide the level of security and trust necessary for complex interoperable environments.

Market Impact: High

Sun has a dominant market position in directory services that the company has leveraged very effectively in developing the Sun ONE Platform for Network Identity.

The true goal of federated, policy-based, secure and trusted network identity and authentication services remain a future deliverable, and lack at this time standard specifications for the interoperability of identity services.

Vendor Importance: High

Sun needed to introduce the Sun ONE Platform for Network Identity in order to maintain a leadership role in the defining the standards by which Web services are extended in both enterprise and Internet environments.

Sun needed to introduce Directory Server Access Management V. 5 Enterprise and Internet editions to leverage its very strong directory services competency and installed base in order to try to secure its control over network identity services.

Competitive Positives

Sun maintains its momentum and strengthens its position in the contest for control over the standards for interoperability for Web services.

Sun-iPlanet leverages its dominant market position in directory services to try to secure its control over network identity services for both the enterprise and Internet environments.

Sun establishes a best practices methodology and professional services commitment that is necessary to drive adoption of network identity services.

Sun’s plan going forward includes support for all devices, tethered or otherwise, to make a convincing argument for applications as services independent of platform.

Sun’s commitment to open standards technologies and interoperability is market-proven over the years is a type of capital that the company can bank on in developing its Web services infrastructure play, and in engaging in competitive sales situations with client organizations.

Competitive Concerns

Sun’s network identity infrastructure play lacks the correlate Project Liberty identity services interoperability specifications, which qualifies the event’s immediate impact and potential.

Sun’s ten day professional services commitment is fairly limited to develop network services beyond the pilot stage. With the potential mostly for only pilots in place, the pricing of the enterprise and Internet editions will be high in relation to the actual implementation and use.

Sun’s promotion of its current iForce partners does not include major solutions providers that will be necessary to drive adoption of the network identity services infrastructure offering, especially for the enterprise space.

Sun does not offer formal alliances with financial institutions, telcos, network and wireless infrastructure and service providers, portals, and device and appliance manufacturers that are necessary to drive adoption of the network identity services infrastructure throughout the Internet.

Sun has not clarified how it will provision the managed security and trust infrastructure necessary to develop network identity services as a federated model.

Recommended Vendor Actions

Sun should continue to reinforce its strong, long- standing commitment to open standards, and to Project Liberty as a key initiative, to rally support for its plan to establish the model for network identity interoperability standards. Sun and its Project Liberty partners cannot move quickly enough in finalizing the identity services interoperability specifications.

Sun should consider developing a tiered service and price structure, especially at this stage of market development, in order to address potential client concerns about the cost for infrastructure and service for most likely pilot implementations. This will alleviate problems down the road as clients ask tough questions about the relative cost of the technology in relation to the services required.

Sun should move quickly to build out its network of solutions providers alliances, using the PwC relationship as a model for potential partners to develop an identity services solutions practice as part of its overall risk management solutions. This channel is especially important for the enterprise environment where the focus should be on industry specific solutions.

Sun should move quickly to establish formal alliances with financial institutions, telcos, network and wireless infrastructure and service providers, portals, and device and appliance manufacturers. This is especially important to drive adoption of the network identity services infrastructure throughout the Internet.

Recommended Competitor Actions

In principle, Sun’s commitment to open standards for network identity services interoperability should be welcomed by B2C and B2B software, hardware, and services organizations. The partnering opportunities are obvious for any company specializing on anything from device and appliance technology to services.

Competitors with directory offerings such as Novell, Oracle, and Microsoft should consider leveraging their directory competency in the same manner, and commit to open standards to extend the functionality of their technology for the network identity and Web services market. As it stands now, competitive directory services are simply candidates for integration through Sun’s meta-directory application.

Microsoft is caught between a rock and a hard place, should Sun succeed in uniting its Directory Server Access Management platform and the Project Liberty initiative.

Managed trust services competitors should strongly consider partnering with Sun to integrate the strong authentication capabilities that are required to provide the level of security and trust necessary for complex interoperable environments

Major solutions providers such as Accenture, KPMG, Deloitte, EDS, IBM, and so forth should look to partner with Sun to develop an identity services solutions practice as part of their overall risk management solutions. Major financial institutions, telcos, network and wireless infrastructure and service providers, portals, and device and appliance manufacturers should strongly consider partnering with Sun to integrate network identity capabilities into their services offering.

Target Markets

• B2B Communities
• Consumers
• End Users
• Global 2000
• Large Enterprises
• Resellers/Channels
• Small Office/Home Office
• Small to Medium Enterprises
• Systems Integrators
• Web Portals

Recommended End User / Customer Actions

Organizations should welcome the Sun One Platform for Network Identity as holding much promise for establishing an open standards infrastructure to manage identities and administer policy for Web services.

Organizations should question Sun about the timeframe for implementing the federated model for network identity services, and how best to proceed in an incremental fashion to establish the foundation in targeted areas to exploit Web services technologies for employees, customers, and partners. Pilot programs within the firewall should be the proving ground.

Organizations should strongly question Sun about its technology and services pricing schedule, and request tiered or pilot-based pricing. It is hard to imagine any initial implementation scaling to $14.90 per identity.

Organizations should Sun about its schedule for delivering the managed security and trusted infrastructure required to support Web services and identity interoperability for complex environments.