In this interview, Dmitry Sotnikov (Director of Cloud Solutions) and Einar Mykletun (Security and Compliance Architect) from Quest Software discuss building Quest’s new OnDemand product line – cloud-based IT management services to help IT professionals manage their on-premise Active Directory and server infrastructure. We talk about what it took to build the services on top of the Windows Azure platform, focusing specifically on security.
Quest is an early adopter of the Windows Azure platform. They’ve built out an extensive services framework as well as a few initial service offerings that sit on top of Windows Azure Framework and Windows Identity Framework. One of the key elements in the design of Quest’s framework is secure communication and authentication between all the service components and layers, with encryption based on certificates stored in the dedicated certificate store provided by Windows Azure. On this topic, Einar explains the similarities between developing software for on-premises environments and for Windows Azure, and highlights a few key differences.
Meanwhile, Dmitry dives into the benefits of claims-based authentication and authorization, which Quest’s OnDemand solutions rely on, and shows that a customer’s Security Token Service (STS) can be interconnected with other, public STS systems to provide access to the cloud-based solutions. Dmitry shows us a few key code samples from Quest’s STS implementation, highlighting the use of Windows Identity Foundation (WIF) classes, and Einar shows the code necessary to implement STS federation for Quest’s SSO for existing Quest support customers.
Finally, our guests talk about the benefits Quest Software gets from the Windows Azure datacenter, such as security, recoverability, replication and compliance, when building solutions on top of the Windows Azure platform, and how customers’ internal networks can actually be MORE secure if they adopt the Quest OnDemand Log Management service built on top of Windows Azure.