Beta Management Company Case - DOC by bsz14056


More Info
									                                              Microsoft Customer Solution
                                              Customer Solution Case Study

                                              Systems Manager Offers Security-Enhanced,
                                              Hosted Solutions with Programming Framework

                                              “Without Windows Identity Foundation and Active
Customer: Quest Software
Web Site:                       Directory Federation Services, it would have been
Customer Size: 3,400
Country or Region: United States
                                              difficult to provide this level of customer data security.”
Industry: IT services                                                  Dmitry Sotnikov, New Product Research Manager, Quest Software
                                              Quest Software wanted to enable its customers to share access
Customer Profile
Headquartered in Aliso Viejo, California,     with their partners and with Quest support staff, to manage user
systems management company Quest
                                              roles centrally, and to log in just once to use multiple Quest
Software has more than 60 offices
worldwide and helps customers in almost       services. Using Windows Identity Foundation, Active Directory
every industry improve their IT efficiency.
                                              Federation Services 2.0, and Windows Azure, Quest can provide
Software and Services                         strong data security, centralized role management, and single
 Microsoft Server Product Portfolio
                                              sign on and direct access capabilities.
  − Windows Server 2008 R2 Enterprise
 Microsoft Visual Studio
                                              Business Needs                                approach. The company wanted to
  − Microsoft Visual Studio 2008
                                              Quest Software creates and supports on-       develop SaaS offerings with enhanced
    Professional Edition
                                              premises systems management products.         security to help protect its customers’
  − Microsoft Visual Studio 2010 Beta
                                              With this traditional software, single sign   intellectual property. Quest looked for a
 Windows Azure Platform
                                              on (SSO) was not accessible—customers         new solution as it began developing SaaS
  − Windows Azure
                                              could not share identity and permissions      versions of its Recovery Manager for
 Technologies
                                              among Quest solutions, and they had to        Active Directory backup and recovery
  − Active Directory Federation Services
                                              set up and maintain roles and permissions     software, InTrust security event
                                              within each product. Because there was no     management software, and Site
  − Microsoft ASP.NET
                                              centralized role management or identity       Administrator for SharePoint information
  − Microsoft .NET Framework 3.5
                                              federation, customers could not share data    and reporting software.
  − Windows Communication
                                              and permissions directly with partners or
                                              Quest; when customers needed technical        Solution
  − Windows Identity Foundation
                                              support, they sent log files to Quest IT      By early 2009, Quest joined Microsoft
                                              support staff.                                Technology Adoption Programs for
                                                                                            Windows Identity Foundation, an
                                              Quest also decided to offer on-demand         extension to the Microsoft .NET
For more information about other              applications hosted over the Internet         Framework; Active Directory Federation
Microsoft customer successes, please visit:   through a data center, known as the           Services 2.0, a Microsoft federation                 software-as-a-service (SaaS) or “cloud”       technology; and the Windows Azure
platform, an Internet-scale cloud services                      user into a security token that is used for      customers, who can pay as they go and
platform hosted in Microsoft data centers.                      authentication; claims work with broadly         incur low or no maintenance costs,” says
Quest built its OnDemand framework, which                       used standards to interoperate with many         Dmitry Sotnikov, New Product Research
hosts all Quest SaaS applications, on the                       security technologies. This interoperability     Manager at Quest Software.
Windows Azure platform, where services                          means that users can log on with their
and data storage are hosted. Quest                              Windows Live IDs or with Active Directory        Flexible architecture. “No matter which
developers used familiar tools, such as                         credentials. Customers who use Active            solutions customers use, our framework
Windows Azure templates for Microsoft                           Directory Federation Services can federate       handles authentication, permissions, role
Visual Studio 2008 Development Edition                          identity and access with Quest. Regardless       management, licensing, storing and
and Visual Studio 2010 Beta, and the .NET                       of the technology used, customers get            retrieving data, and even billing,” says
Framework 3.5. Quest developers reused up                       centralized role management for all              Sotnikov. Quest customers gained SSO
to 50 percent of the original application                       OnDemand applications.                           and can use Windows Live IDs or Active
code for its SaaS solutions, thanks to using                                                                     Directory credentials. Customers can
these familiar developer tools and being                        For data security and storage, Quest             manage roles centrally and grant partners
able to use the prebuilt security logic and                     provides a different data partition for each     or Quest employees access to their Quest
single user access model supported by                           tenant (customer). Computing resources           OnDemand solution and their data.
Windows Identity Foundation.                                    and application code are generally shared
                                                                among the tenants on a server, but with          Enhanced security. Quest customers are
Quest OnDemand services consist of two                          Quest OnDemand, each tenant has its own          in control of their data. Sotnikov says,
components: a small, downloadable                               set of data that remains logically isolated      “Even Quest employees cannot access
software client and the Web user interface,                     from all other tenants’ data. Customer data      business data unless a customer grants
data storage, and business logic running in                     can only be accessed by people and               them access. Without Windows Identity
the Windows Azure data center. The                              software that possess security tokens            Foundation and Active Directory
OnDemand framework elements are used in                         issued for that customer. This helps to          Federation Services 2.0, it would have been
both components. For the software client,                       prevent tenants (or Quest employees) from        difficult to provide this level of customer
the framework provides agent                                    accessing other tenants' data.                   data security.” Customers who use Active
authentication, authorization, data storage,                                                                     Directory credentials gain extra security. As
and application service access; this client                     The beta version of Quest Recovery               employees leave or change roles, these
communicates with the Internet service                          Manager OnDemand for Active Directory            changes automatically translate to
portion of the solution using Windows                           launched in late December 2009. Beta             changed access to Quest OnDemand
Communication Foundation. Similar                               versions of Quest Site Administrator             solutions. Any multifactor authentication
functionality is provided on the Web side                       Reports OnDemand for SharePoint and              systems deployed for Active Directory are
through Microsoft ASP.NET applications                          InTrust OnDemand will launch in January          automatically used for Quest OnDemand.
running in a Windows Azure data center                          2010. These services can be accessed from
and accessible through a Web browser and                                        Developer productivity. Quest
common Web portal. While customers work                                                                          developers used familiar development
with one site for each OnDemand                                 Benefits                                         tools, for a small learning curve. As a
application, it seems as if they are using one                  Quest can offer its software as new SaaS         bonus, says Sotnikov, “Some tools and
common site.                                                    solutions with enhanced security to reach        cloud platforms don’t really allow us to
                                                                new customers.                                   reuse our existing C++ and C# code, but
Quest used Windows Identity Foundation to                                                                        this solution did—up to 50 percent of
create its user-access model, which is                          New markets. With SaaS, Quest can reach          existing code.”
externalized from application code through                      new markets, such as small and midsize
the use of claims, for enhanced security.                       businesses. “The OnDemand cloud
Claims group together information about a                       approach significantly reduces barriers for

This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS

Document published January 2010

To top