Learning Lab Sessions

Speaker: Various

These Learning Labs are instructor-led demonstrations focusing on specific components of Identity, Access, and Directory Management. Choose six of the twelve sessions to attend. 

Identity Management

• Custom Reports
• FIM Portal Customization (OCG)

RBAC (Role-Based Access Control)

• Role Modeling (FIM 2010 R2, RBAC, BHOLD)
• A View of Audit from the Top

Directory (AD Azure, AD FS)

• Virtual Directory (Optimal IDM, Mike Brengs)
  • Technical Session: We will dive deep into how a virtual directory can be deployed to solve business scenarios such as LDAP Migrations, Federated Authentication beyond Active Directory, and how complicated Office 365 deployments can be achieved in days instead of months. This will be a detailed discussion of how these components are configured to solve these scenarios.
  • Business Scenario Session: this is ideal for those not very familiar with the various use cases for a virtual directory and who want to find out the many ways a virtual directory can be used in the enterprise. When you leave this session, you’ll be able to identify “if my customer has ‘this’, then a virtual directory can solve it this way.” Topics include LDAP Migrations, Federated authentication beyond Active Directory, and how complicated Office 365 deployments can be achieved in days not months. Attend the technical session to understand the details for how the technology achieves these goals. 
• AD Azure Cloud Id (OCG)
• Active Directory Unification (STEALTHbits, Ian Anderson): Deep visibility into AD enables a unified security model. Consolidating domains can be a difficult task to undertake; this lab provides a step-by-step look into the unification process. Understandng the details of access entitlements prior to the project can enable simplified management while reducing security model complexity. 

Data Loss Prevention and Access 

• Multi-factor Authentication
• Certificate Management for BYOD
• Data Classificiation
• RMS File Extensions
• Rights Management for the Cloud/Exchange DLP (Microsoft)
• Benefits of Using RSA Adaptive Authentication with Microsoft Unified Access Gateway (The SCE Group, Jose Barros): We will explore the additional security benefits of integrating RSA's Adaptive Authentication product with Microsoft's UAG platform. We'll look at the overall architecture of how a client environment should look and demo a user log-in to access corporate resources via UAG with Multi-factor Authentication; Adaptive Authentication. 

Opening Keynote: Where is Identity Headed?

Speaker: Kim Cameron (Microsoft)

Kim will discuss the future of Identity. More details to come. 

The State of the CSO

Speaker: Per Melker (CSO Media)

Please join CSO as we present results from the exclusive 2012 Global Information Security Survey. Learn valuable information regarding CSOs and the security focus within organizations. This research provides an understanding of how executives and industry leaders view current and future challenges facing the information security industry.

The State of the CSO

Speaker: Per Melker (CSO Media)

Please join CSO as we present results from the exclusive 2012 Global Information Security Survey. Learn valuable information regarding CSOs and the security focus within organizations. This research provides an understanding of how executives and industry leaders view current and future challenges facing the information security industry.

Active Directory Federation Services

Speaker: Samuel Devasahayam

Sam will first provide an overview of Windows Server Active Directory Federated Services and the scenarios that it supports. Learn how AD FS extends Active Directory for cloud services (such as Microsoft Office 365), Business to Business services, as well as line-of business applications. We’ll show you the various features in AD FS that can help solve specific business use cases that you may encounter.

Optimal IdM - Customer Use Cases

Speaker: Michael Brengs (Optimal IdM)

In this session we will highlight customer use cases. We will present the customer challenge and existing environment and then the solution/architecture deployed and how it solved the customer’s problem. We will detail out how one customer deployed FIM, VIS + VIS Federation, UAG and AD FS as a part of large scale identity management solution which was a competitive win over Oracle.

Another case study will detail out how a large insurance company with over 100 forests and 400,000 users deployed VIS for Office 365 remotely in a matter of weeks, solving many business requirements such as two-factor authentication and detailed auditing as well as handling identity conflicts.

Identity and Access Capabilities for Applications on Windows Azure and Microsoft Office 365

Speaker: Stuart Kwan (Microsoft)

Windows Azure Active Directory provides easy-to-use, multi-tenant identity management services for applications running in the cloud and on any device and any platform. In this session, developers, administrators, and architects will take an end to end tour of Windows Azure Active Directory to learn about its capabilities, interfaces and supported scenarios, and understand how it works in concert with Windows Server Active Directory.

Operational Efficiencies and Improving the User Experience

Speakers: James Booth, Joe Gasowski (Deutsche Post DHL)

DHL is part of the world's largest logistics group, DHL Deutsche Post, and has historically been a very heavy user of directory services. As the aging LDAP directory infrastructure began to show signs of stress, DHL set out to replace both its LDAP directory and metadirectory products with Microsoft offerings. The goals were to lower the total cost of ownership, reduce licensing costs, and to provide a framework for the continued evolution of directory enabled line-of-business applications at DHL. This session discusses the trials and tribulations of migrating literally hundreds of applications from one directory to another, and the opportunities for improvements afforded by the adoption of the FIM portal for user management. 

FIM 2010 R2 Enhancements

Speaker: Mark Wahl (Microsoft)

In this session Mr. Wahl, CSA, will be presenting the improvements in FIM 2010 R2 that enable organizations to more efficiently manage identity and access across applications. He will be covering work in the FIM platform for using policies to automate user provisioning, enhanced connectivity to third party systems, and the additional capabilities for end-user self-service password reset for users on non-domain joined computers and in particular mobile devices.

Using PowerShell for FIM Deployment and Test Automation, Operations, and Extensibility

Speaker: Craig Martin (Identity Consultant)

FIM is the identity integration platform for Microsoft. PowerShell is the task automation platform for Microsoft, and also the darling that unites both the IT Pro and Developer communities, not to mention the envy of every other platform. Combining these two forces successfully enables us to deliver quality deployments with more functionality in less time. Learn how PowerShell can help you design, deploy and operate FIM like a guru. Topics covered will include:

1. Using PowerShell to automate FIM tasks and operations

2. Using PowerShell to rapidly produce FIM Workflows

3. Using PowerShell to rapidly produce FIM Reports

Hybrid Cloud - Building the On-Ramp

Speaker: Brjann Brekkan (Microsoft)

Cloud is here and it is part of your IT whether you like it or not. Implementing a cloud strategy is about enabling the business by providing agile solutions to get ahead of the competition. In our work to quickly adjust and adopt to trends we sometime take shortcuts with regards to security and compliance. Consumerization of IT isn’t just about staff bringing their own devices, it is also about staff adopting services outside of your organization. Well managed identity enabling agile service offering from the IT department provides the platform for a cloud strategy.

How MSIT "Does" Enterprise Authorization

Speaker: Laura Hunter

With all of the attention that’s been paid to changes in the Authentication space in recent years, it can be easy to forget that “Access” can, and should, be just as important to your IAM story as “Identity.” It’s not enough to ask “Who are you?” We also need to be able to manage the answer to “Now that I know who you are, what exactly can you do?” In this talk, come and hear how MSIT manages the Authorization story at Microsoft enterprise-scale — custom tooling, dynamic access control, and XACML, oh my!

FIM 2010 R2 RBAC Compliancy Tools (Attestation and Reporting)

Speaker: Rob De Jong (Microsoft)

Attestation is the process of recertification of user access rights by managers and ensuring that those users have the rights that their manager approved. The Attestation process sets up a campaign, executes is, and then evaluates the results. During this session we will further define Attestation, its goals, and its importance. Reports give insight into the access rights that people have and provides proof of compliance. We will go through a scenario of setting up and running an attestation campaign, a demonstration of the Reporting tool, and we will show how to create your own report in the RBAC model.

Extending Identity Management & Governance to Unstructured Data

Speaker: Matt Flynn (STEALTHbits)

Identity Management solutions have traditionally done a good job of incorporating any system that has an entitlement store into their workflow processes. In the world of Unstructured Data (file systems, etc.), there is no entitlement store. Entitlements are distributed across the resources themselves through share permissions, folder permissions, inheritance, and group nesting. In this session, we’ll discuss techniques to incorporate unstructured data into identity management workflows.

Identity Management as a Security Control

Speaker: Mark Wahl (Microsoft)

In this session, Mr. Wahl will be presenting a summary of the approaches by which Microsoft FIM 2010 R2 works alongside third-party technologies as well as other Microsoft technologies to enable organizations to more efficiently meet their regulatory compliance and audit objectives. FIM 2010 R2 provides controls for Enterprise IT administrators, security officers, and business decision makers to understand and visualize the identities within their organization, their access, and their effects on the organization’s all-up security posture.

Information Protection Everywhere

Speaker: Enrique Saggese

Bring your own device (BYOD) and service is the new reality inside enterprise IT. Microsoft is working on closing the gap between need compliancy, information protection, and the consumerization of IT devices. 

Closing Keynote: Azure Active Directory and Core Infrastructure (Active Directory Futures)

Speaker: Alex Simons (Microsoft)

In this closing session Mr. Simons will share with the audience how the Active Directory product group will assist customers with on-premise, cloud and hybrid challenges in the areas of Identity and Access Management, Information Protection, Authentication and Authorization, and Directory.