Providing employees with the right access to business-critical information should be managed by the business and not IT. Quest One Identity Solutions provide a simpler way to manage identities and govern access – one that makes your business more agile and secure, while reducing the burden on IT. With Quest One, governance activities are simplified so that IT isn’t spending limited time, staff and budget preparing for audits. Quest One also monitors and controls privileged access to significantly reduce your organization’s exposure.
No, it’s not too much to ask for an identity and access management (IAM) solution that benefits both IT users and business users. With Quest One Identity Solutions, you will reduce security risks, increase IT efficiency and minimize the pain and cost associated with audits – all while empowering your business to govern the access necessary to operate in today’s fast-paced, data-driven world.
Quest One offers powerful solutions for:
Already know which product will simplify your work? Review this list to find it – and browse related products.
Review the capability categories below to find a solution for your specific IT challenges.
Quest One is the only solution offering with a full spectrum of single sign-on (SSO) – from “true” SSO to enterprise SSO – no matter which systems, applications or databases you use. Learn more »
Quest One enables automated, codeless, business-driven provisioning of user identities and access privileges enterprise-wide. Quest One adds identity intelligence to provisioning to overcomes the typical security, cost, deployment, and complexity limitations of “traditional” IAM frameworks at a fraction of the cost and deployment burden. Learn more »
Quest One helps you control access by providing an optimized structure with automation to address all of your enterprise role management needs. Quest One enables you to granularly define and administer roles, as well as attach business-driven access control, policy, workflows and attestations to roles to meet security, efficiency and compliance objectives. Learn more »
Quest One consolidates all roles, actions, policies, rights and resources into a single, well-controlled, and flexible IAM structure that adjusts as needs and systems evolve. Quest One provides you with control and a clear view of all IAM components, enabling you to make sound decisions based on real-time intelligence, reducing risk. Learn more »
Quest One delivers strong alternatives to traditional username/password authentication. The Quest One solution for multifactor authentication builds on your existing investments to deliver all the security and control you need, without requiring additional infrastructure and redundant management tools and practices. Learn more »
Quest One addresses many of the most pressing password management issues facing complex heterogeneous enterprises, such as the high cost of password resets, inconsistency of password policy across platforms and applications, and the problems of multiple, disparate passwords. Learn more »
Quest One helps you control administrative (or “super user”) access with granular delegation, policy-based control and secure and automated workflows for issuing privileged credentials as well as enhancements to the popular open-source Sudo project. This approach enhances security and compliance while improving efficiency as administrators are granted only the rights they need and all activity is tracked and audited across the entire diverse enterprise. Learn more »
Quest One integrates with existing identity and access management frameworks to reduce complexity and accelerate time-to-value by unifying disparate systems and identities, improving visibility and control through identity intelligence, and providing advanced IAM fucntionality the framework may lack. Learn more »
Reduce the stress and pressure on your IT organization by using Quest to meet the requirements of an ever-increasing number of internal policies and external regulations. Quest’s solutions help you eliminate distractions, remove complexity and be proactive. React to compliance problems quickly with regulation-specific auditing, reporting, retention and alerting. Proactively protect critical data and control usage in Windows and beyond.
Browse the technology platform categories below to find solutions for your unique IT challenges.
Quest delivers secure management tools for Active Directory and unique solutions for identity management, provisioning, security, and directory consolidation with Unix, Linux, Mac, Java and certain business applications.
Quest One provides secure identity and access management for SAP.
Quest One provides secure identity and access management for Siebel.
Quest One provides secure identity and access management for DB2.
Quest One provides secure identity and access management for Oracle.
Quest One provides secure identity and access management for Unix and Linux systems by unifying and consolidating identities, as well as controlling and auditing the Unix root account.
Quest One provides secure identity and access management for Mac.
Quest delivers unique identity management solutions for Java applications.
Quest One provides secure identity and access management for Samba.
Quest One provides secure identity and access management for PuTTY.
Quest One provides secure identity and access management for SSH.
Enterprise Single Sign-on from Quest Software, the industry’s leading enterprise single sign-on solution that bases all logins on a user’s existing Active Directory identity, requires no cumbersome infrastructure and streamlines both end-user management and enterprise-wide administration of single sign-on.
Achieve secure SSO for any login-based application or system with Quest’s industry-leading enterprise single sign-on solution. This login automation solution uses AD as the central identity repository and integrates with the full range of IAM solutions (from Active Directory bridge to multifactor authentication).
Strengthen any login activity with multifactor authentication in conjunction with Quest One single sign-on solutions.
For those situations where “true” SSO is not possible and enterprise SSO is not practical, Quest One can provide traditional password synchronization (or same sign-on).
Integrate standards-based systems and applications with Active Directory (AD) to achieve the “holy grail” of identity and access management. Quest One enables many systems to leverage AD’s Kerberos SSO capabilities for a unified approach that actually enables them to act as “full citizens” in the AD-trusted realm.
Webthority is an integrated security solution that enables you to provide employees, customers and partners with secure, browser-based access to essential information without adding infrastructure or complexity.
Implement a secure reverse proxy architecture that protects important resources to ensure only appropriate remote access using AD-based SSO.
ActiveRoles Server provides out-of-the-box user and group account management, strictly enforced administrator-based role security, day-to-day identity administration and built-in auditing and reporting for Windows-centric environments.
Quest One enables you to provision, reprovision and deprovision user accounts and group membership access to any system, platform or application within the enterprise (physical or virtual) with an emphasis on configuration rather than customization.
Quest One extends Active Directory-based provisioning actions to many non-Windows systems that have “joined” Active Directory through its identity unification technologies. Quest One eliminates the need to separately administer identities on Unix, Linux, Java, Mac and other systems.
Quest One’s provisioning capabilities are driven by user-centric interfaces, that empower end users and line-of-business personnel (as opposed to IT staff) to manage much of the identity lifecycle process. These interfaces are customized based on the user’s role and preferences, and are optimized to the needs of the individual.
Quest One moves provisioning from a requirement constrained by technical limitations to one driven by business needs and existing organizational strengths and processes.
Quest One integrates with existing identity and access management frameworks to reduce the complexity of provisioning by unifying multiple systems with the expanded Active Directory environment, and providing 360 degree visibility and control with identity intelligence.
Quest One enables end users and line-of-business personnel to manage much of the identity lifecycle by extending the reach of roles, rules, policies, workflows, and attestation to ensure provisioning actions occur correctly, in a timely manner, with all of the right people involved.
Quest enables you to deliver virtual desktops and provision new users quickly and centrally, without having to visit individual desktops.
Quest One enables you to build access control based on defined and established roles correlated with business processes and needs. This flexible approach enables you to implement the amount of control that best fits your organization’s culture, regulatory burden and environment.
Quest One provides the structure and automation that enables you to unify roles enterprise-wide and use them to control access, improve security and maintain compliance. A simple and familiar interface streamlines and automates the tedious and error-prone process of managing roles manually or with traditional IAM framework solutions.
Quest One helps you implement role-based access control (RBAC) enterprise-wide through the establishment, execution and administration of strong role management principles. Quest One’s automation, structure and business-driven focus moves role-based access control from a difficult-to-achieve objective to a functional reality.
Quest One automates and provides structure for the entire lifecycle of enterprise roles. You can easily and accurately create and modify roles, change their associations with specific access points and assign them to individuals.
Quest One provides an abstraction layer that enables you to automatically use identities and their access rights to establish the appropriate roles. These automated role mining capabilities can define roles using statistical analysis, assign them to the correct individuals and even address necessary exceptions.
Quest One overcomes the major challenge of enterprise role management – the process of defining and executing roles – by delivering a powerful and extremely flexible structure upon which roles can be defined, correlated with user identities, tied to business-driven workflows and controlled through business-defined attestations.
Quest One identity intelligence capabilities deliver a complete 360-degree view of all components of IAM, their relationships to each other, the policies and rules that affect them and the impact of changes to present and future IAM operations. With Quest One, business managers gain complete visibility into what their employees have access to – in terms they understand.
Quest One enables you to implement an IAM strategy that best suits your organization. Quest One identity intelligence capabilities take into account your organizational structure and culture, operational requirements as well as existing (or new) roles, rules and policies.
Quest One provides a unifying model to establish and implement enterprise-wide policies and roles to ensure they are applied consistently and efficiently. This means that all IAM operations, such as provisioning, occur according to established rules and policies defined by the organization. A single set of controlling factors influences all of IAM enterprise-wide.
Quest One improves virtually any IAM operation by infusing a layer of identity intelligence, enabling you to optimize IAM for your environment, organizational needs and objectives. For example, enterprise provisioning is controlled by a common set of roles and policies that adjust dynamically to changes.
Quest One supports your continually evolving identity, policy and access requirements. The solutions' identity intelligence capabilities dynamically adjust with any change to your IAM environment. Access rights are automatically updated as roles evolve, new systems come online or new personnel are introduced into the IAM mix.
Quest One enables you to easily and accurately correlate user identities, roles and policies to access requirements, systems and regulations. By establishing relationships between IAM components, access rights are automatically updated as roles evolve, new systems come online or new personnel are added.
Quest One offers a powerful Active Directory-based, one-time password (OTP) solution that leverages AD rather than requiring additional, proprietary infrastructure. Our standards-based solutions enable organizations to use a wide-range of token types (hardware, software, SMS, phone-based, etc.) from any standards-based vendor.
When combined with vWorkspace, Quest One’s multifactor authentication provides secure user and administrator access across a diverse virtual desktop environment.
The Quest One identity and directory unification technologies (often called AD bridge technologies) empower organizations with an existing investment in Windows smart cards to extend multifactor authentication to Unix, Linux, Java and Mac resources.
Quest One lets you add a second factor to authentication for privileged account management, including delegation of rights, session audit and password vault capabilities.
The Quest One enterprise single sign-on solution enables organizations to initiate an SSO session with ANY multifactor authentication option, including smart cards, OTP and biometrics. This ability improves the security of SSO and leverages existing investments in strong authentication.
Quest One provides a more granular definition of password policy than natively available in Active Directory, even to the level of requiring different password complexity, expiration or re-use policies for employees or resources that require a higher level of security. Quest One also extends that stronger policy to many non-Windows systems whose native capabilities make enforcing security difficult.
Quest One helps you automate and streamline the day-to-day administration of passwords for IT and help-desk personnel.
Quest One eliminates the need for individual passwords on many non-Windows systems by enabling those systems to “join” Active Directory under one identity. The result is a single, secure, well-controlled password in AD that authenticates users to Windows resources, as well as to Unix, Linux, Mac and Java.
Quest One helps you overcome the inherent weakness of password-based logons by requiring a second factor to grant access across Active Directory and AD-joined systems.
Quest One synchronizes passwords from Active Directory or Quest One Identity Manager to many systems, platforms and applications to take advantage of self-service password reset capabilities.
Quest One removes the burden of managing and memorizing multiple passwords by implementing a single sign-on strategy, including “true” SSO and enterprise SSO.
Quest One enables users to reset forgotten passwords securely without IT involvement from a convenient self-service website. This capability applies to Active Directory, AD-joined systems and systems that have been synchronized through Quest One technologies.
Streamline administration and easily provide access control reporting for sudo. The Quest One solution enhances sudo 1.8.1 (and newer) with a central policy server, centralized management of sudo and the sudoers policy file, centralized reporting on sudoers access rights and activities, as well as keystroke logging of activities performed through sudo.
Improve security and achieve compliance by implementing agent-based granular delegation of administrative access on Unix and Linux systems, as well as Active Directory and virtual desktops. Quest One also provides proxy-based command control for multiple operating systems, including Windows, Unix, Linux and Mac, as well as a variety of devices. The Quest One approach enables organizations to provide only the appropriate amount of access required for administrators to do their jobs across the widest range of systems and applications.
Gain comprehensive audit of activities performed with elevated privileges across a variety of systems. Capabilities include keystroke logging for delegated root access, including through Sudo, proxy-based session audit of activities on Windows, Unix, Linux, Mac, Web applications, databases, mainframes and devices, and complete tracking of policy and activities associated with the password vault.
Strengthen administrative access security with multifactor authentication for pre-determined actions, roles or systems. Quest One integrates its multifactor authentication solutions with Active Directory (and AD-based role management solutions), non-Windows systems and platform-specific privileged account delegation tools.
Base elevated access on strong policy and group membership within Active Directory—including support for Unix and Linux—and on dedicated, platform-specific policies within the delegation tools themselves. This strategy eliminates ad-hoc, box-by-box authorizations across the entire population of non-Windows systems.
Automate and secure the request, approval, issuance, return and automatic changing of administrative credentials across the entire diverse enterprise with a comprehensive audit trail of the process. Delivered via a secure, hardened appliance, the Quest One solution also overcomes the security concerns of passwords hard-coded into scripts as applications communicate with other applications or databases.
Lock down and gain full control over perhaps the largest identity store in your enterprise: Active Directory. Quest One delivers powerful codeless account management, role-based security and automated group management for Active Directory identities, including non-Windows systems and platforms that have become "full citizens" in Active Directory through Quest One technologies.
Reduce the number of custom connectors and custom coding required to get your framework up and running by bringing Unix, Linux, Mac and Java systems into Active Directory for single sign-on, centralized management and optimized identity administration.
Increase the flexibility of an IAM framework while achieving 360-degree visibility and business-driven control without relying on cumbersome, inflexible and expensive custom coding. Quest One’s identity intelligence capabilities improve and accelerate the time-to-value of any IAM framework deployment.
Bring disparate identities together under a common identity namespace, including Kerberos single sign-on.
Enhance your IAM framework by overcoming the inherent weakness of password-based logons by requiring a second factor to grant access across Active Directory and AD-joined systems.
Fill the gap in access control and separation of duties inherent in most IAM frameworks by implementing targeted delegation and audit solutions for important shared superuser credentials and secured automation for issuing full administrative passwords.
Augment your IAM framework by removing the burden of multiple passwords or password synchronization by implementing a Quest One-based single sign-on strategy, including “true” SSO and enterprise SSO.
InTrust securely collects, stores, reports and alerts on event data from Windows, Unix and Linux systems, helping you comply with external regulations, internal policies and security best practices.
Quest helps you protect your valuable data, as well as achieve and maintain compliance with products that inventory your infrastructure, prevent rogue changes and unauthorized access in real time, report on all change activity from a single interface and secure logons with multifactor authentication.
Learn more »
Quest One makes it easy to certify user access across the entire range of systems and applications in your enterprise. Through identity intelligence, the task of gathering access rights and certifying those rights moves from a tedious, IT-driven chore to a seamless, business-driven benefit.
Quest One delivers strong, affordable and flexible alternatives to traditional username/password authentication. The Quest One solution for multifactor authentication builds on your existing investments to deliver all the security and control you need, without requiring additional infrastructure, proprietary solutions or redundant management tools and practices.
Quest One consolidates all roles, actions, policies, rights and resources into a single, well-controlled and flexible IAM structure that adjusts as needs and systems evolve. Quest One provides you with control and a clear view of all IAM components, enabling you to make sound decisions based on real-time intelligence, thus reducing risk.
Quest One improves the ability to control user access across the entire enterprise. Our solutions enable non-Windows systems to leverage the built-in security and compliance of Active Directory, to more granularly define and enforce access policy, as well as the power to unify key identity components that control access (such as roles, policy and workflows).
Quest One helps you control administrative (or “super user”) access with granular delegation, policy-based control and secure and automated workflows for issuing privileged credentials as well as enhancements to the popular open-source Sudo project. This approach enhances security and compliance by enforcing individual accountability while improving efficiency as administrators are granted only the rights they need and all activity is tracked and audited across the entire diverse enterprise.
Quest One helps you enforce the critical compliance principle of separation of duties by enforcing granular delegation of access rights, role-based access control and complete visibility into the rights and activities of individual users and administrators.
Improve on the native capabilities of AD to achieve role-based delegation of groups of administrators with varying responsibility levels in AD, AD LDS, and DNS. Administrator access is dynamically controlled by the role to the administrator is assigned.
Identity intelligence delivers a 360° view of all IAM components (for example: identities, roles, rules, policies, workflows, and attestations) for Windows, Unix/Linux, Mac, and any other OS, including platforms that have been unified through Quest One technologies.
Quest One builds multifactor authentication based on existing investments in Active Directory, eliminating the need for additional directories, proprietary identity stores, and additional management overhead. Quest One provides one-time password (OTP) authentication that leverages AD as the authoritative identity store.
Quest One delivers self service password resets, granular policy definition and enforcement, and automation.
Quest One offers automated, codeless provisioning for AD including Exchange, group membership, distribution lists and more, based on established workflows and attestations, and controlled by secure policies and rules.
Quest One enables you to achieve flexible, granular access controls for Active Directory with role-based delegation, command control and session audit to ensure that all administrative actions are consistent with your organization's security standards. Business rules can be created to trigger approvals or constraints on role-based controls. In addition, password vault functionality can secure and control use of full administrative credentials.
Achieve "true" SSO for SAPgui- and SAP NetWeaver-based applications. A single login to AD and the single AD password provides seamless access to the full range of SAP applications
Impose a comprehensive structure and control on unified enterprise roles, which can then be leveraged to enforce access control, security and compliance objectives driven by business needs and identity intelligence.
Identity intelligence provides complete visibility into controlling IAM factors on SAP to ensure efficient administration, as well as secure and compliant access control.
Any application included in a Quest One enterprise single sign-on implementation can initiate the SSO session through any type of multifactor authentication (smart card, OTP, biometrics, etc.)
Quest One unifies identities with AD and eliminates SAP passwords entirely. AD-based password policies and self-service resets automatically affect SAPgui and SAP NetWeaver.
Quest One enables you secure and control use of full administrative credentials across the entire enterprise including platforms, operating systems, applications and devices. It also eliminates the security holes of administrative passwords hard-coded into scripts as applications communicate with each other and databases.
With Quest One, you can implement codeless provisioning for SAP resources that is influenced by identity intelligence and leverages unified identities driven by business needs rather than technology limitations.
Achieve AD-based reduced sign-on to Siebel applications without managing separate logins, passwords, and authentication between AD and Siebel.
Impose a comprehensive structure and control on unified enterprise roles, which can then be leveraged to enforce access control, security and compliance objectives driven by business needs and identity intelligence
Identity intelligence provides complete visibility into controlling IAM factors on Siebel to ensure efficient administration, as well as secure and compliant access control.
Quest One unifies identities with AD and eliminates Siebel passwords entirely. AD-based password policy and self-service resets automatically affect Siebel.
With Quest One, you can implement codeless provisioning for Siebel that leverages unified identities and identity intelligence to drive IAM by business needs rather than technology limitations.
Access DB2 through an AD-based "true" SSO scenario that eliminates the need to manage and maintain separate login mechanisms.
Identity intelligence provides complete visibility into controlling IAM factors on DB2 to ensure efficient identity administration activities and secure and compliant control over access.
When DB2 is included in a Quest One enterprise single sign-on or AD bridge-enabled implementation, it can be secured with multifactor authentication.
Quest One streamlines password management for DB2 by eliminating the DB2 password in favor of a single, ubiquitous AD password or by synchronizing the AD password with DB2.
With Quest One, you can implement codeless provisioning for DB2 resources that leverages unified identities and identity intelligence to drive IAM by business needs rather than technology limitations.
Achieve AD-based enterprise SSO for Oracle applications.
Identity intelligence provides complete visibility into controlling IAM factors on Oracle to ensure efficient administration, as well as secure and compliant access control.
Any application included in a Quest One enterprise single sign-on implementation can initiate the SSO session through any type of multifactor authentication (smart card, OTP, biometrics, etc.).
Quest One synchronizes passwords between AD and Oracle.
With Quest One, you can implement codeless provisioning for Oracle resources that is based on identity intelligence and driven by business needs rather than technology limitations.
Quest One enables Unix and Linux systems to "join" AD for "true" SSO, without synchronization or login automation. A single identity in AD and a single AD credential grants appropriate access to the full range of Unix-based systems.
Leverage Active Directory roles and their management for Unix and Linux users as those systems "join" AD using Quest One technologies.
Quest One OTP authentication extends seamlessly to all AD-bridge supported Unix and Linux platforms to leverage the single AD identity and a single OTP token for multiple, previously disparate systems.
Quest One extends existing Windows smart cards to non-Windows systems that participate as “full citizens” in Active Directory through the Quest One AD bridge technologies.
Unify identities with AD and eliminate Unix and Linux passwords entirely. AD-based password policy and self-service resets automatically affect Unix and Linux systems.
Define a security policy that stipulates who has access to which root function, as well as when and where individuals can perform those functions. In addition, track all activities performed using elevated access (even down to the keystroke level). Password vault functionality also secures those instances where root must be used. Options are available for enterprise-level root delegation as an agent-based solution for the most compliance-demanding servers, proxy-based command control and session audit or as enhancements to Sudo.
Unify systems with Active Directory for a single identity and point-of-provisioning, automated and controlled by the Quest One AD-centric provisioning solution.
Quest One unifies identities and enables Macs to "join" AD for "true" SSO, without synchronization or login automation. A single identity in AD and a single AD credential grants appropriate access to Mac systems.
Leverage Active Directory roles and their management for Mac users as those systems “join” AD using Quest One technologies.
Quest One OTP authentication extends seamlessly to all AD-bridge supported Mac platforms to leverage the single AD identity and a single OTP token for multiple, previously disparate systems.
Unify identities with AD and eliminate Mac passwords entirely. AD-based password policy and self-service resets automatically affect Mac systems.
Enable Java applications to participate as full citizens in Active Directory for “true” SSO using the AD Kerberos credential for authentication without duplicate identities and authentication practices.
Identity intelligence provides complete visibility into controlling IAM factors on Java-based applications to ensure efficient administration, as well as secure and compliant access control.
Any Java application that has “joined” AD through the Quest One AD bridge technology can enjoy a unified multifactor authentication experience as well.
Unify identities with AD and eliminate Java passwords entirely. AD-based password policy and self-service resets automatically affect Java systems.
Implement codeless provisioning that is influenced by identity intelligence and unified identities, requires configuration and less customization, and is driven by business needs rather than technology capabilities.
Achieve AD-based "true" SSO for Samba.
Identity intelligence provides complete visibility into controlling IAM factors on Samba to ensure efficient administration, as well as secure and compliant access control.
Unify identities with AD and eliminate passwords on standards-based applications entirely. AD-based password policy and self-service resets automatically affect Unix, Linux, and Mac systems.
Achieve AD-based "true" SSO for PuTTY.
Identity intelligence provides complete visibility into controlling IAM factors on PuTTY to ensure efficient administration, as well as secure and compliant access control.
Achieve AD-based "true" SSO for SSH.
Identity intelligence provides complete visibility into controlling IAM factors on SSH to ensure efficient administration, as well as secure and compliant access control.
Get the most from your investment with help from our highly rated support team, training programs, and implementation services.