The Schwartz Report

Blog archive

Okta Extends Security Capabilities of Cloud Directory Service

Building on its goal to extend the single-sign on capability of its cloud-based directory service, Okta has added native LDAP support to its Okta Universal Directory and has extended its multifactor authentication (MFA) offering to bypass on-premises ADFS servers, among other services. The moves are among several upgrades to its SSO portfolio announced at the company's annual Oktane gathering, held last week in Las Vegas.

Until now, Okta has connected to LDAP directories, which are often found on legacy on-premises applications, security and network systems, by using replication. Now Okta's directory supports the LDAP protocol natively, allowing LDAP-based applications to authenticate against it directly, which the company said eliminates the need for multiple on-premises directories tied to specific systems and applications, including VPNs.

"You just point [applications] at the Okta Universal Directory, and it speaks the protocol, and you're integrated and on your way," said Okta CEO Todd McKinnon. "You can now retire those legacy directory workloads, make it much easier for you and more cost effective." By adding LDAP support, organizations can eliminate multiple on-premises directories, IDC Analysts Tom Austin and Frank Dickson, noted in a research note.

Okta said it is also responding to the growing push to bring multifactor authentication (MFA) into broader use. The company said basic two-factor authentication will be a standard feature for all customers. "Every company using our SSO product gets basic multifactor authentication for free," McKinnon said. "We think it pushes the industry forward. It makes it incredibly easy to deploy multifactor authentication in a usable, scalable way across your entire ecosystem and we think this will push the security industry forward."

The company has added new functionality to its Adaptive MFA (AMFA) offering, which provides context-based security capabilities. Among them is a new capability that will prevent its users from using common passwords or those already exposed from known breaches. Okta has also added IP blacklisting to protect against DDoS attacks. "AMFA can also detect anomalies based on user location and client, and determine whether authentication event is using a trusted/untrusted device," Austin and Dickson noted.

AMFA can also now be used with LDAP as well as a broader set of on-premises custom applications, including ADFS, Web apps, RADIUS and other SSO products such as CA SiteMinder, Oracle Access Manager and IBM's Tivolli Access Manager, among others.  "We've now extended our Adaptive MFA offering, enabling you to connect to anything behind an ADFS server, also to connect directly to anything speaking the remote desktop protocol," McKinnon said. "What you are seeing here is a broadening and a deepening of this integration and this product. It's not about applications, it's about being securely connected to everything. This is critical as you manage and secure your extended enterprise."

Okta, which said it now has 3,000 customers using the Okta Identity Network and 5,000 native connections, also announced a new developer toolkit and integrations with a number of providers including ServiceNow, Workato, Palo Alto Labs, Cisco, F5 Networks, Citrix (Netscaler), Akamai, Box, Google (G Suite and Google Cloud), Sumo Logic, Splunk, Skyhigh, Netskope, MuleSoft, IBM (DataPower and Radar) and Amazon Web Services.

Okta is regarded as a leading provider of SSO providers to large enterprises and one whose business is now easier to gauge than others, thanks to the fact that it went public earlier this year. While the Andreesen-Horowitz-backed company is still quite in the red, Okta surprised Wall Street yesterday by beating revenue estimates and upping its forecast for the rest of the year. Revenues of $61 million during its second FY18 quarter rose 63% over the same period last year. The company showed incremental progress on its road to profitability, reporting a net loss of $27.2 million, or 44.5% of total revenue, compared with $20.6 million, or 54.9% of revenues, year-over year.

Posted by Jeffrey Schwartz on 09/08/2017 at 10:18 AM


comments powered by Disqus

Subscribe on YouTube