Migrate identity and apps on your timelines
Legacy IAM from SiteMinder, Oracle, RSA, and IBM are fast approaching their End of Life (EOL). Organizations must quickly migrate apps and identity from legacy to modern identity systems. Maverics performs Identity Orchestration which automates the migration of hundreds of apps and identity systems.
Maveric’s patent-pending Abstraction Layer avoids rewriting apps and minimizes disruption to the user experience. Transparent to your users, the incremental migration approach means predictability and lower risk.
Challenges Migrating Legacy Identity
- Hundreds of legacy apps must be lifted and shifted to the cloud, and identity systems must be updated through automation tools that scale.
- Legacy identity from SiteMinder and OAM is EOL in 2022, meaning many organizations running critical workloads on EOL platforms will fall outside of compliance.
- Apps are integrated with identity using multiple integration mechanisms. Many lack SAML, OIDC and require app refactoring to change identity systems.
- Many apps cannot be rewritten due to no source code or original developers.
- The time required to refactor apps is significant, usually months per Web app and costs exceeding $200,000 per app.
- Legacy app skills are in short supply, and current developers have limited experience working with 15-year-old technologies like SiteMinder or OAM.
- Legacy IAM and modern IAM feature sets are different. First-generation identity and cloud-generation Azure AD and Okta have varying granularity of policy.
Migrate Without Rewrites
Strata’s patent-pending Session Abstraction technology transparently integrates apps with identity at the network layer, which means there’s no need to modify apps to switch their identity system. This saves $200,000 or more per app and avoids months of custom coding.
Migrate Hundreds of Apps in Weeks
Maverics was designed from the ground up to manage hundreds of app migrations while working with any Web app, including those built on Java, .Net, Go, Ruby, Python, Citrix, Kubernetes, and many more.
Incremental Migrations. Predictable Success.
With Live Migrations™, there are no Big Bang replications or ‘reset all passwords’ approaches that get out of sync. You can selectively move apps in any order desired and work alongside existing infrastructure or load balancers, proxies, networks, app servers, and apps. Simultaneously run legacy identity and modern cloud identity systems.
Teach a New Dog Some Old Policies
Many legacy features are not available from Azure AD or Okta. For instance, enforcing ‘time of day’ and ‘day of week’ conditional access in Okta is not possible but is common with SiteMinder shops. Overlay policies can be set to make up gaps in features between identity systems.
Automatically Screen Accounts During Migration
Migrations can be an opportunity to ‘dedupe’ and sanitize user accounts. Maverics can dynamically check “AmIP0wned” to see if user credentials are compromised. Additionally, users that don’t go through the Live Migration process during a defined window can be flagged for reset upon the next login, greatly reducing the risk of unauthorized dormant accounts.
Save millions by avoiding integration expenses to rewrite apps to work with cloud identity systems.
Retire legacy infrastructure, support and maintenance costs, reduce data center complexity.
Future-proof apps and identity systems with an abstraction layer.
Accelerate the move to the cloud, rapidly lift and shift apps to the cloud.
Improve reliability of identity infrastructure by using cloud scale services instead of 15 year old unreliable and overly-complex legacy identity.
Meet compliance guidelines moving mission critical workloads off of EOL software.
How Maverics Modernization and Migration Works
Create cohesive decentralized identity management out of fragmented, distributed identity silos spread across multiple clouds and on-premises.
- Install Maverics on-premises and in the cloud of your choice
- Integrate the login page of the portal and live migrate users to the new identity system. (Subsequent logins will be remembered and directed to the new identity system.)
- Identity Orchestrator will run as a proxy between the app and the identity system to facilitate migration
- Patent-pending session abstraction layer dynamically maps the session system of the app.
- There is no change to the app as Maverics transparently orchestrates sessions between legacy and the modern identity system.