Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1105 Views 7 Replies Latest reply: Feb 21, 2013 3:27 PM by mike_cc RSS
mike_cc Newcomer 19 posts since
Oct 15, 2012
Currently Being Moderated

Feb 21, 2013 12:56 PM

MWG and SAML/SSO?

I am looking into SAML/SSO solutions for logging in to 3rd party/partner web sites.

 

Does McAfee have anything or are there solutions that I can tie into MWG? Since all Internet traffic will be passing through the proxy, this seems to be where I would want to integrate SAML. If I'm incorrect or if there are better solutions, please let me know.

 

Thanks,

Mike

  • sroering McAfee SME 458 posts since
    Feb 10, 2011
    Currently Being Moderated
    1. Feb 21, 2013 1:00 PM (in response to mike_cc)
    Re: MWG and SAML/SSO?

    Hello Mike,

     

    Not currently.  McAfee does offer an SSO solution called McAfee Cloud Idenitty Manager, but isn't currently integrated with MWG. 

  • Sven Welschen McAfee SME 10 posts since
    Feb 15, 2013
    Currently Being Moderated
    2. Feb 21, 2013 1:15 PM (in response to sroering)
    Re: MWG and SAML/SSO?

    One small correction. MCIm is the right tool for single sign on and even better, it does integrate with MWG. If you use authentication on MWG today, you can have seamless integration with MCIM.

     

    Cheers

    sven

  • sroering McAfee SME 458 posts since
    Feb 10, 2011
    Currently Being Moderated
    4. Feb 21, 2013 2:54 PM (in response to mike_cc)
    Re: MWG and SAML/SSO?

    Which cloud services do you want to integrate with?

     

    MCIM would typically sit in your corporate intranet or DMZ.   here is the product webpage.

    http://www.mcafee.com/us/products/cloud-identity-manager.aspx

     

     

    Here is a power-point slide I made that sort of summarizes one example of how MCIM is deployed.  The services listed are just examples since MCIM can integrate with hundreds of services.

    mcim_summary.png

  • sroering McAfee SME 458 posts since
    Feb 10, 2011
    Currently Being Moderated
    6. Feb 21, 2013 3:18 PM (in response to mike_cc)
    Re: MWG and SAML/SSO?

    That is exactly the problem MCIM solves.  It depends on which sites you want to integrate with regarding the features.  For example, Box.net can do SAML authentication, so MCIM would give you complete control over the identity management.  Other sites such as this McAfee Community website don't do SAML, so you would need to use a generic HTTP Post connector, which means you cannot prevent users from using weak passwords, but they could still use MCIM as a convenience method for doing the authentication.  It's also a better solution than storing credentials in a browser, which is insecure.

     

    Keep in mind that if you don't see a connector for the service you want to integrate with, it doesn't mean it isn't supported. MCIM can work seamlessly with any SAML 1.1 or 2.0 service provider. I've also integrated with Shiboleth services.  We can also work with most sites that do HTML forms based authentication.  The pre-built connectors just ease the deployment, but we are always adding connectors.  The last 2 releases have added over 100 connectors each.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points