When prior vendors changed product features and ended support for existing product lines, Northern Arizona University (NAU) found that they were not getting the support or features needed to provide large scale authentication, authorization and information security for 30,000 faculty, staff, and student users. They began a search for a long-term solution focusing on scalability and reliability. “With three separate hardware clusters across two data centers providing capacity and fail-over for the University, it was important that we have a system to support growth, with extremely high reliability for our mission-critical infrastructure,” said Summer Steddom, Systems Integration and Architecture Team Lead.
The team at NAU researched several options, including open source products, but was concerned about the ability to get both scale and support. When they saw a demo for UnboundID, they realized that they could get all of their needs met. “The UnboundID solution has a large feature set – Lamborghini options compared to the Volkswagen-type features we were used to,” said Ms. Steddom. “The Identity Data Sync product allowed us to remove a lot of in-house custom code which had been developed to facilitate MetaDirectory functionality and complex account provisioning business rules. The ability to manipulate data transformation rules through a simplified interface rather than in source code saves a lot of time. The directory's schema validation is also much more thorough when adding, modifying, or importing data and has uncovered many attribute syntax issues that have been lurking in the background.”
The University also likes that all administration functions of the product can be carried out through command line interfaces that have identical parallels in the web interface. The solid command line interface allows NAU to script up and deploy complex changes to multiple servers in a fraction of the time it was taking with their old product. “The UnboundID product stack is just what we wanted and needed,” said Ms. Steddom. “A robust, reliable and scalable directory is important to the university, acting as the fundamental base for IdAM development, securing everything from department web applications to enterprise email systems, learning management systems, student information systems, and much more.” NAU found that the UnboundID Identity Data Store provides a more reliable changelog implementation that is compatible with multi-master replication. Querying the changelog distributed on each directory instance allows NAU to continue triggering MetaDirectory processes even when multiple directory instances are in the act of failing. No failover is required and distributed real-time MetaDirectory routines never skip a beat.
“We wanted to be sure we got the features that we really needed, and that the systems would perform well into the future,” said Ms. Steddom. “And that’s what we’ve got.”