On 9/23/2017 11:44 AM, NPavlinic wrote:
>
> Hello!
>
> Is anyone using IDM or Access Manager and has recently migrated to a
> private/public/hybrid cloud scenario?
>
> If yes, any lessons learned or recommendations related to managing
> latency, availability, risk? Any servers/roles kept on premise or split
> between cloud providers for availability or latency considerations?
>
> Did your cloud migration affect the geographical location of your IDM
> services (ex. did you centralize your services in one region that was
> previously distributed across different regions/countries)?
>
> For those services moved to a private/public cloud service, was your
> migration IaaS only (ex. Amazon EC2) - or was it a combination of
> IaaS/PaaS (ex. for databases)?
>
> We are considering moving our IDM ecosystem to the cloud and are
> quickly noticing the complexity to do so compared to the on-premise
> hosting model from the past.


NAM (appliance) can run in AWS on the SLES AMIs available. Not sure about support though. One of the challenges though, if you want to use Kerberos
auth, is the SPN. If you host the whole thing without AWS Direct Connect, establishing an SSO with Kerberos would be very challenging.

Latencies for NAM, I guess it comes down to how you use it. If you use it for proxying sessions to web servers and if the web server sits elsewhere in
the world, you are definitely going to get some latency. If the web servers are in the same geo location, it could be OK.

For IDM, best to ask in the IDM forums.


--
Cheers,
Edward