May 01 2013

How McAfee Cloud Identity Manager Benefits Higher Ed IT Professionals

Identity management tool provides single sign-on to apps.

Every user is familiar with the struggle to remember multiple passwords to various systems. With McAfee Cloud Identity Manager, IT departments can relieve some of that pain.

By centralizing identity management and control, Cloud Identity Manager provides users with single sign-on access to cloud ­applications. In addition, the identity management tool creates a web portal for a variety of online services, ranging from LinkedIn to Amazon, to which users can connect with a single click. The central server that controls access manages passwords and sign-on credentials for web services, protects against data loss and compliance violations, and logs user activity.


The McAfee Cloud Identity ­Manager offers IT a central means of controlling identity-based access to cloud applications. For ­users, the tool simplifies and ­secures cloud access. For man­agers, it supports policies that require strong passwords.

The product integrates with any Lightweight Directory Access ­Protocol 3.0 directory service, such as the popular Microsoft Active ­Directory. This integration means that users need to remember only one password, which eliminates a number of common security weaknesses (such as passwords written on sticky notes and affixed to monitors).

Cloud Identity Manager ­enhances security for all users by supporting two-factor authentication. A one-time password ­capability uses mobile messaging such as SMS or email.

Why It Works for IT

McAfee Cloud Identity ­Manager works with the most commonly used server operating systems, such as Windows Server 2003, Windows Server 2008 and Red Hat Linux. The product runs in the ­background as a service. IT ­managers can access the management ­console through a web browser, from the server itself or from a ­machine elsewhere on the network.

Once configured, the identity management tool provides a highly flexible policy manager that provides for role-based access, control over location access (for example, allowing access to cloud applications from within the office but not from outside) and audit logging. IT managers can use the console to set password and access policies, such as requiring a specific number of ­characters or varying levels of password ­complexity for different classes.

IT managers can also use Cloud Identity Manager to create ­specific security standards, such as up-to-date ­security ­software, anti­virus tools and smartcard authentication.Intel ­Identity Protection ­Technology (which is built into second-generation Core i3, i5 and i7 processors) can validate clients. However, Cloud Identity Manager doesn't require the use of Intel ­processors and worked fine on an AMD-based server.

McAfee offers a long list of predefined connectors for commonly used cloud software, ­including Google Apps and Most cloud applications that support Security Assertion Markup ­Language 2.0 can retrieve ­authentication ­information from the platform. McAfee also includes APIs so organizations can incorporate custom cloud applications.


Implementing McAfee Cloud Identity Manager requires deep knowledge of server operating systems and directory services. It's possible for a skilled tech to implement, but McAfee recommends retaining professional services to ensure installation is done properly.