Migrate Applications from Legacy Identity Systems to Azure AD with AMaaS

February 22, 2021
Canming Jiang

If you’ve decided to migrate your applications from a legacy identity system, such as Symantec SiteMinder, on-premises LDAP, or a custom-built basic authentication solution, to Microsoft Azure Active Directory (Azure AD), you want the process to be as fast, hassle-free and cost-effective as possible.

Datawiza, the industry’s only cloud-native access management as a service (AMaaS), makes it easy to integrate access management across hybrid infrastructures to enable Single Sign On (SSO) and Multi-Factor Authentication (MFA) without rewriting applications. Datawiza also supports fine-grained access controls to enable regulatory and privacy compliance.

With Datawiza’s no-code/low-code approach, organizations standardizing on Azure AD can easily create a Zero Trust Architecture for hybrid multi-cloud environments. Datawiza’s industry-first lightweight, cloud-native access broker and cloud-based management console make configuring Datawiza and integrating applications with Azure AD simple and fast, reducing the migration effort by 10x compared to other solutions.

The Challenge

Migrating from a legacy identity system like SiteMinder to Azure AD typically requires additional and expensive team expertise to perform application code rewrites that can take months to complete and test. Many solutions that claim to ease migration still require complex deployment and configuration processes.

In addition, while Azure AD is an excellent identity management solution for storing user profiles and credentials, many companies need the additional ability to enforce user access policies for governance and regulatory purposes using fine-grained access controls based on detailed user and device attributes, such as group, role, URL or browser.

Businesses migrating to Azure AD need a solution that meets all the following criteria:

  • No rewriting of application code
  • Fast and simple integration and deployment
  • Simple cloud-based user interface for easy configuration and management
  • Fine-grained access controls to ensure governance, compliance and end user productivity
  • Easy ability to adapt to future changes in organizational structure and workforce make-up

The Datawiza Solution

The cloud-delivered Datawiza platform helps companies migrating to Microsoft Azure AD implement a Zero Trust Architecture by providing a no-code/low-code solution for connecting applications and services. Datawiza integrates with Azure AD “out of the box” to enable Single Sign On (SSO) and Multi-Factor Authentication (MFA) using modern protocols such as OIDC and SAML.

Datawiza supports policy-defined, URL-level access controls based on detailed user and device attributes, such as group, role, URL, or browser. As a cloud-delivered solution, Datawiza reduces the integration effort required for migrating to Azure AD by as much as 10x.

The Datawiza platform is composed of two key components:

The Datawiza Access Broker (DAB)

  • Lightweight, cloud-native, container-based proxy that enables no-code/low-code SSO & MFA
  • Policy-based authorization to meet complex access control requirements
  • On-premises or cloud deployed
  • Simple up or down scalability to meet evolving business requirements
  • High performance throughput

The Datawiza Cloud Management Console (DCMC)

  • Unified cloud console for configuring access controls for all applications in the cloud and on-premises
  • Centralized logging for compliance and auditing
  • Cloud-delivered updates and new features
  • Holistic, real-time visibility into user access
  • Alerts and advanced threat detection

Datawiza AMaaS Platform

[Figure: access management as a service (AMaaS) diagram]

Datawiza and Azure AD - How they work together:

  1. When a user attempts to log into any application, the DAB intercepts the access request and authenticates it using a built-in connection to Azure AD via OIDC or SAML protocols.
  2. The user logs in through the Azure AD login page, and the OIDC or SAML message exchanges between Azure AD and the DAB are completed automatically on behalf of the application.
  3. The DAB authorizes the request based on the fine-grained access policies configured in the DCMC and user attributes from Azure AD.
  4. The DAB then sends the correct login information to the application, which uses the fine-grained access policies configured in the DCMC to display only the appropriate information.
  5. An IT administrator configures the platform, applications and access policies using the Datawiza Cloud Management Console, instead of having to deal with the configuration files scattered in hybrid multi-cloud environments.
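
Steps 3 and 4 above, sketched as an added example (not Datawiza's code or policy format): a fail-closed, URL-level policy check in front of an application, followed by identity forwarding. The rule table, the `X-User`/`X-Groups` header names, and passing identity to the application in headers are assumptions for illustration; the claims are taken to come from an ID token that has already been validated, and the path is taken to be already URL-decoded.

```python
import posixpath
from fnmatch import fnmatchcase

# Hypothetical rule table (not Datawiza's format). First match wins; None = no condition.
POLICIES = [
    {"path": "/admin/*", "groups": {"it-admins"}, "browsers": {"Edge", "Chrome"}},
    {"path": "/reports/*", "groups": {"finance", "it-admins"}, "browsers": None},
    {"path": "/public/*", "groups": None, "browsers": None},
]
# Assumed names of the headers the application trusts for identity.
IDENTITY_HEADERS = ("x-user", "x-groups")


def authorize(path, claims, browser):
    """True only if a rule matches the normalized path and all its conditions hold."""
    path = posixpath.normpath(path)  # collapse "/public/../admin" before matching
    user_groups = set(claims.get("groups", []))
    for rule in POLICIES:
        if not fnmatchcase(path, rule["path"]):
            continue
        if rule["groups"] is not None and not (rule["groups"] & user_groups):
            return False
        if rule["browsers"] is not None and browser not in rule["browsers"]:
            return False
        return True
    return False  # no rule matched: deny by default


def forward_headers(incoming, claims):
    """Strip client-supplied identity headers, then set them from verified claims."""
    out = {k: v for k, v in incoming.items() if k.lower() not in IDENTITY_HEADERS}
    out["X-User"] = claims["preferred_username"]
    out["X-Groups"] = ",".join(sorted(claims.get("groups", [])))
    return out


def handle(path, incoming, claims, browser):
    """Return (status, headers forwarded upstream). claims=None means no valid session."""
    if claims is None:
        return 302, {}  # unauthenticated: send the user to the IdP login page
    if not authorize(path, claims, browser):
        return 403, {}
    return 200, forward_headers(incoming, claims)
```

Stripping the identity headers before setting them matters because an application behind such a proxy trusts those headers; the application should also be reachable only through the proxy.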

Market Leading Benefits

The Datawiza AMaaS consolidates access management across all applications in hybrid multi-cloud deployments for continuous, real-time trust and risk management. The platform propagates a single identity-based access policy across all applications and services, dramatically simplifying access management while increasing security and reducing frustration for employees who finally have immediate access to the tools and data they need when they need them.

With Datawiza, Microsoft Azure AD customers can:

  • Save money – Reduce the time and engineering effort required to migrate apps to modern protocols (OIDC, OAuth and SAML) by as much as 10x thanks to the lightweight, cloud-delivered Datawiza architecture.
  • Rapidly improve security – Migrate applications from legacy identity systems like SiteMinder and on-premises LDAP to Microsoft Azure AD without having to rewrite applications.
  • Ensure governance and compliance and support a flexible workforce – Enforce comprehensive, centralized, fine-grained policies to support all types of application access, including remote workers, contractors, partners and customers. Gain visibility across the entire environment.
  • Future-proof the data environment – Ensure a Zero Trust Architecture even as applications and protocols evolve (e.g., microservices and APIs).

For companies migrating from a legacy solution like SiteMinder to Azure AD, Datawiza is the only AMaaS that accelerates migration, slashes engineering effort and costs by 10x, and provides a no-code/low-code path to a Zero Trust Architecture and fine-grained access controls across all applications.

Datawiza was invited to join the Microsoft Intelligent Security Association (MISA).
