Unified Access Management for On-Prem Applications

Written by Natalie Bluhm on April 2, 2018

Share This Article

The last decade in the identity management world has created a shift to the cloud. In fact, solutions such as first generation Identity-as-a-Service (IDaaS) platforms (more commonly known as web application single sign-on) have changed the conversation to focus on cloud applications. That focus is now coming full circle as the conversation comes back to unified access management for on-prem applications.

How is unified access management changing the identity management world? What kinds of problems is unified access management for on-prem applications solving for IT organizations? To answer these questions, we need to look at the identity and access management (IAM) space as a whole, starting with the beginning.

Modern IAM, LDAP, and Active Directory

virtual identity

The start of modern identity management really kicked off with the advent of the open source authentication protocol, the Lightweight Directory Access Protocol (LDAP). This innovation enabled the creation of many other identity providers including OpenLDAP and Microsoft®  Active Directory® (AD).

Of course, AD would go on to become the monopoly in the space because Windows® machines and applications were the standard, and the entire network was on-prem. This led to Active Directory basically introducing the first concept of unified access because a person’s Windows credentials would give them access to the network, their system, applications, and data.

This worked well for a number of years, but started to break down with the introduction of web applications. These IT resources were hosted in the cloud and weren’t necessarily Windows based. The result was that Active Directory struggled to connect to these off-prem, non-Windows IT resources.

Web App SSO Emerges to Help AD

As a result, a generation of IAM solution called web app single sign-on (SSO) stepped in to solve this problem. These identity-as-a-service platforms, as the analysts called them, would integrate with Active Directory and federate AD identities to a user’s web applications. This, too, worked well for a number of years. Active Directory managed everything on-prem, and the web application SSO platform handled web apps. Then, the on-prem network started to change and morph even more. Windows started to be replaced by Mac® and Linux® devices. Critical on-prem applications started to be based on Linux and use the browser as the front-end interface more often.

IT organizations were stuck. Active Directory couldn’t manage and connect to Mac and Linux systems or Linux-based applications. While web app SSO platforms did a great job with web apps, they didn’t offer the ability to manage on-prem apps that authenticated with LDAP, Kerberos, other non-SAML protocols, or non-Windows systems.

So, the first generation IDaaS vendors started to shift their focus to include on-prem apps as well. They called this unified access management. The challenge with this approach is that it doesn’t cover all of an IT organization’s on-prem resources ( i.e. Mac, Linux, Windows systems, Samba file servers or NAS appliances, and local and remote servers). Further, this so-called unified access management approach still required Active Directory on-prem which still meant that IT admins were managing at least two platforms.

The concept of unified access management for on-prem applications, cloud apps, systems, cloud servers, file servers, networks, and more makes complete sense. Having one identity to securely connect a user to the IT resources they need regardless of location, platform, protocol, and provider is exactly what modern IT organizations are looking for.  The good news is that they don’t have to look any further because JumpCloud® Directory-as-a-Service® has recently emerged and comes standard with this kind of approach.   

Beyond Unified Access Management for On-Prem Applications

directory-as-a-service

Completely cloud-based, JumpCloud is a modern, full-fledged directory service that integrates with the following IT resources:

JumpCloud goes beyond unified access management for on-prem applications by connecting with resources regardless of where they are, who they’re from, what protocol they leverage, and what platform they are based on. We refer to this concept as True Single Sign-On, which is a unique concept of the JumpCloud platform. This independent approach makes it possible to truly provide users with one set of credentials that will authenticate users to all of their IT resources.

Find Out More

Get Started and Learn more about JumpCloud

If you would like to dig in deeper on the cloud identity management solution that delivers unified access management for on-prem applications, cloud applications, systems, files, and networks, drop us a note. Ready to start testing our cloud-based directory service? Sign up for a free account, and use your first free ten users (which are free forever) to find out how JumpCloud Directory-as-a-Service can centralize your IT environment.

Natalie Bluhm

Natalie is a writer for JumpCloud, an Identity and Access Management solution designed for the cloud era. Natalie graduated with a degree in professional and technical writing, and she loves learning about cloud infrastructure, identity security, and IT protocols.

Continue Learning with our Newsletter