Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle Adaptive Access Manager
11g Release 2 (11.1.2.0)

Part Number E27207-20
Go to Documentation Home
Home
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

What's New in Oracle Adaptive Access Manager 11.1.2?

This chapter introduces the new and changed administrative features of Oracle Adaptive Access Manager 11.1.2. It contains these topics:

New Features for Oracle Adaptive Access Manager 11.1.2.0

Oracle Adaptive Access Manager 11.1.2.0 includes many important features and enhancements that were not available with Oracle Adaptive Access Manager 10g. The following is a list of the new features and enhancements:

Areas Features and Enhancements

Enhanced mobile security

Enhanced mobile security includes:

  • Better mobile browser UX

  • Mobile tuned security policies

  • REST services and SDK for mobile application developers

  • Hardened mobile device fingerprinting

  • Lost and stolen mobile device security

Transactional autolearning

New transactional autolearning includes:

  • Customizable patterning

  • Transaction rule conditions

Investigation tools

New investigation tools have been added to make investigations quicker and easier:

  • Improved case management

  • Utility panel quick search

  • Utility panel notes pane

  • Search transactions

  • Additional search filters for transaction and entity data, alert messages, geographic location, and IP addresses range

  • Transaction details

  • Compare transactions

  • Streamlined white/black listing

  • Multitenant access controls for customer service representative interface to allow protection of multiple application tenants with a single instance of OAAM

  • "Add to Group" feature in search sessions and details pages that enables entities to be added to groups easily

Entity enhancements

Enhanced entities includes:

  • Linked entities

  • Entity CRUD operations

  • Targeted purging

Access monitoring toolkit

The Access monitoring toolkit includes:

  • JMSQ interface

  • Database view generation


Feature Comparison Chart - Oracle Adaptive Access Manager 11.1.2.0 vs. Oracle Adaptive Access Manager 11.1.1.3.0

Features 10.1.4.5 11.1.1.3.0 11.1.2

Real-time and offline rules engine

X

X

X

Virtual authentication devices

X

X

X

Knowledge-based authentication

X

X

X

Adaptive device identification*

X

X

X

Base security policies (ongoing updates)

X

X

X

Real-time dashboard (improved)

X

X

X

Customer service module

X

X

X

Real-time access to activity data

X

X

X

Actions, alerts, and risk scoring

X

X

X

Rule conditions

X

X

X

Optimized log data management

X

X

X

Enhanced caching of rules data object

X

X

X

Expanded integration APIs

X

X

X

Investigation agent workflow

X

   

Rules authoring user interface

X

X

X

Transaction definition and mapping user interface

X

X

X

Data entity definition and mapping user interface

X

X

X

Behavior pattern configuration interface

X

X

X

Configurable actions

X

X

X

Server-generated one-time password

X (Native only)

X (All deployment types)

X (All deployment types)

Customizable reporting BI Publisher (bundled)

X

X

X

Tree-based navigation and policy browse

 

X

X

Tabular multitasking user interface

 

X

X

Customizable search screens

 

X

X

Common audit framework

 

X

X

Better mobile browser UX

   

X

Mobile tuned security policies

   

X

REST services and SDK for mobile application developers

   

X

Lost and stolen mobile device security

   

X

Customizable patterning

   

X

Transaction rule conditions

   

X

Improved case management

   

X

Utility panel quick search

   

X

Utility panel notes pane

   

X

Search transactions

   

X

Transaction details

   

X

Compare transactions

   

X

Streamlined white/black listing

   

X

Linked entities

   

X

Entity CRUD operations

   

X

Targeted purging

   

X

JMSQ interface

   

X

Database view generation

   

X

Integrated Oracle Identity Manager password management flows

 

X

X

Oracle Installer and Repository Creation Utility

 

X

X

Oracle Patch

 

X

X

Oracle Adaptive Access Manager Offline User Interface

X

X

X

Document Models

X

   

Globalization

X

X

X


Integrations 10.1.4.5 11.1.1.3.0 11g (11.1.2)

Oracle Access Management Access Manager integration

X

X

X

Oracle Identity Manager integration

 

X

X

Juniper SSL VPN integration

   

X


Concepts and Terminology Changes for Oracle Adaptive Access Manager 11g

Customers migrating from Oracle Adaptive Access Manager 10g to 11g will notice a few key conceptual and terminology changes. These changes are intended to align terminology used across the Identity Management suite products and simplify administration. Full definitions of these and many other terms can be found in the glossary.

General Term Changes

10g Term 11g Term

runtime

checkpoint

A checkpoint is a specified point in a session when Adaptive Access Manager collects and evaluates security data using the rules engine.

model

policy

Policies contain security rules and configurations used to evaluate the level of risk at each checkpoint.

manual override

trigger combination

Trigger combinations are additional results and policy evaluation that are generated if a specific sequence of rules trigger.

Application ID

Organization ID

From the administration perspective, each application or primary user group is translated into an "Organization ID." The term, "Application ID" has been renamed as "Organization ID," which represents the primary user group of a particular user.

For the OAAM Server side, the term "Application ID" remains the same as before. When communicating with proxies, OAAM Server passes the Applications ID, which uniquely identifies an application.


Concept Changes

Concepts changes are listed in the following table.

10g Concept 11gR1 Concept

OAAM Adaptive Risk Manager

The rules engine is now part of OAAM Server. The Administration Console is now a separate application named OAAM Admin.

OAAM Adaptive Strong Authenticator

The end-user flows including the virtual authentication devices, Knowledge-Based Authentication and One-Time Password authentication are now contained in OAAM Server.

rule template

The concept has been removed from product

policy type

The concept has been removed from the product


Web Applications

Oracle Adaptive Access Manager's deployed applications in 11g are:

Architecture and Deployment Changes

Architecture and deployment changes are listed as follows: