Quest One Authorization Policy Server for SharePoint

Fine-grained Authorization and Authentication Abstraction for SharePoint

Quest One Authorization Policy Server for SharePoint provides authorization services that bridge the gap between SharePoint’s own capabilities and the real-world demands of security-conscious enterprises. It delivers fine-grained authorization for multiple (possibly hundreds or thousands) SharePoint sites through run-time calls to any number of authorization sources containing user attributes, including:

  • Active Directory
  • Enterprise applications
  • An existing identity and access management (IAM) framework

Quest One Authorization Policy Server for SharePoint also delivers comprehensive and secure auditing, supports delegation of administration and enforces separation of duties (SoD).

Features

  • Entitlement Import – A powerful import tool enables you to effortlessly convert all existing SharePoint authentication and authorization attributes for use by Quest One Authorization Policy Server for SharePoint.
  • Directory Sync – SharePoint user attributes are always aligned with those from the originating directory or other identity store.
  • Federated Authentication – Quest One Authorization Policy Server for SharePoint easily handles cross-firewall access between SAML-enabled identity providers.
  • Federated Authorization – A patent-pending Web services security breakthrough speeds the performance of Web services by orders of magnitude, with increased security.
  • Single Sign-on – Quest One Authorization Policy Server for SharePoint enables clients not using SAML to achieve single sign-on between any number of authentication sources, while protecting the network from unauthorized access – only authorized resources are available.
  • Comprehensive Audit – An audit trail records every change from any source, including how the user authenticated, authentication provider used, source IP address and the exact nature of the transaction performed by the user.
  • Advanced Authorization – Support is provided for all levels of access control and authorization, from course to fine-grained. Quest One Authorization Policy Server for SharePoint supports dynamic rules, can easily handle complex attributes and offers support for groups and aggregated roles.
  • Support for Multiple Clients & Servers – Supported client operating systems include Microsoft Windows 2000