Uncategorized

Optimizing Your Oracle Identity Governance Suite License

The Oracle Identity Governance Suite is licensed under two models:

  • Named User Plus Model: Licenses are required for each individual or device authorized to access the system. Each user is assigned a specific license cost.
  • Processor Metrics Model: This model considers the number of processors in the licensed server, with costs based on each licensed processor.

Oracle Identity Governance Suite License: An Overview

Oracle Identity Governance Suite License: An Overview

The Oracle Identity Governance Suite is a robust solution for managing an organization’s identities, access, and compliance.

To meet diverse deployment and operational needs, Oracle offers two licensing models for the suite: the Named User Plus (NUP) Model and the Processor Metrics Model. Each model is tailored to different environments, offering flexibility in how businesses license the suite.


Licensing Models

1. Named User Plus (NUP) Model

  • Definition: This model is based on the total number of users or devices interacting with the system.
  • Key Details:
    • Every individual or device accessing the system must be licensed.
    • Comprehensive user enumeration is required to ensure compliance.
  • Cost Structure:
    • Each named user incurs a license fee of $3,600.
  • Use Cases:
    • Best suited for environments with a fixed or predictable number of users.
    • Ideal for organizations with smaller user bases or limited system access points.

2. Processor Metrics Model

  • Definition: This model is based on the processing capacity of Oracle Identity Governance Suite servers.
  • Key Details:
    • Licensing is determined by the total number of processors in the server.
    • This approach is independent of the number of users accessing the system.
  • Cost Structure:
    • Each processor license costs $180,000.
  • Use Cases:
    • Ideal for high-user environments where tracking individual users or devices is impractical.
    • Commonly used in public-facing applications or systems with unpredictable user volumes.

Calculating Processor Licenses

To calculate the number of processor licenses required, organizations must consider the total number of cores in the server and the core factor assigned to each processor type. Oracle provides a core factor table that specifies the multiplier for different processor architectures.

Example Calculation:

The total cost for this configuration would be 2 licenses×$180,000=$360,0002 \text{ licenses} \times \$180,000 = \$360,0002 licenses×$180,000=$360,000.

Server Configuration: A server with 4 Intel cores.

Core Factor: The core factor for Intel processors is 0.5 (as per Oracle’s core factor table).

License Calculation:

Multiply the number of cores by the core factor:
4 cores×0.5 (core factor)=2 processor licenses4 \text{ cores} \times 0.5 \text{ (core factor)} = 2 \text{ processor licenses}4 cores×0.5 (core factor)=2 processor licenses.

What is Oracle Identity Governance Suite?

What is Oracle Identity Governance Suite

Oracle Identity Governance Suite is a comprehensive solution to complex identity and access management (IAM) needs.

It includes several integrated components that enable organizations to efficiently manage the identity lifecycle, enforce access policies, and ensure compliance.

1. Oracle Identity Manager (OIM)

Oracle Identity Manager is the core component of the suite, focusing on automating identity lifecycle processes.

  • Features:
    • User provisioning and de-provisioning across applications and systems.
    • Self-service identity requests and approvals.
    • Role-based access control (RBAC) for efficient user access management.
  • Use Cases:
    • Automating employee onboarding and offboarding.
    • Enforcing security policies and role governance.

2. Oracle Access Manager (OAM)

Oracle Access Manager provides secure access to applications and systems with advanced authentication and single sign-on (SSO).

  • Features:
    • Centralized authentication for multiple applications.
    • Adaptive access control using contextual information like location or device.
    • Multi-factor authentication (MFA) for enhanced security.
  • Use Cases:
    • Simplifying user login experiences.
    • Strengthening application security with MFA.

3. Oracle Unified Directory (OUD)

Oracle Unified Directory is the lightweight, scalable directory infrastructure for identity-related data.

  • Features:
    • High-performance LDAP directory services.
    • Synchronization and replication of identity data across environments.
    • Directory virtualization for unifying multiple data sources.
  • Use Cases:
    • Centralized storage of user identity attributes.
    • Real-time synchronization of user directories.

4. Oracle Identity Governance (OIG)

Oracle Identity Governance focuses on streamlining compliance and audit processes for identity and access management.

  • Features:
    • Identity analytics and reporting for visibility into access rights.
    • Certification campaigns to review and validate user access.
    • Policy enforcement for regulatory compliance.
  • Use Cases:
    • Ensuring compliance with industry standards like GDPR and HIPAA.
    • Identifying and remediating excessive or orphaned access.

5. Oracle Privileged Access Manager (OPAM)

Oracle Privileged Access Manager secures and controls access to privileged accounts across the IT infrastructure.

  • Features:
    • Password vaulting is used to store and rotate privileged credentials.
    • Session monitoring for privileged activities.
    • Temporary access workflows with just-in-time provisioning.
  • Use Cases:
    • Securing administrative accounts with strict access controls.
    • Monitoring high-risk activities for compliance and auditing.

6. Oracle Identity Cloud Service (IDCS)

Oracle Identity Cloud Service extends the suite to the cloud, providing hybrid identity management capabilities.

  • Features:
    • Identity federation and SSO for on-premises and cloud applications.
    • User identity synchronization across hybrid environments.
    • Integration with third-party cloud services for seamless identity management.
  • Use Cases:
    • Unifying identity management across cloud and on-premises systems.
    • Supporting remote workforces with secure cloud access.

7. Oracle Adaptive Access Manager (OAAM)

Oracle Adaptive Access Manager provides advanced fraud detection and prevention capabilities.

  • Features:
    • Risk-based authentication to detect anomalies in user behavior.
    • Real-time fraud monitoring and alerts.
    • Integration with Oracle Access Manager for adaptive security.
  • Use Cases:
    • Preventing unauthorized access attempts.
    • Reducing risks associated with credential compromise.

Oracle Identity Governance Suite Licensing Considerations

Oracle Identity Governance Suite License: An Overview

Licensing Oracle Identity Governance Suite involves understanding its components, integration capabilities, and associated restricted-use licenses. Careful evaluation ensures compliance and maximizes the value of the suite’s comprehensive identity management features.

Key Components Requiring Licensing

When licensing Oracle Identity Governance Suite, the following components are included in the overall package and must be considered for proper deployment and compliance:

  • Oracle Identity Manager (OIM): Core for automating identity lifecycle processes.
  • Oracle Identity Analytics (OIA): Provides tools for compliance, reporting, and certification campaigns.
  • Self-Service and Compliance Tools: Facilitate user access requests and ensure regulatory compliance.
  • Oracle Privileged Account Manager (OPAM): Manages privileged accounts and secures sensitive credentials.

Integration Capabilities

The suite’s connectors enhance its integration with various databases, directories, and applications, enabling streamlined identity and access management across diverse IT environments.

Restricted-Use Licenses Included

Certain Oracle products are licensed for restricted use as part of the Oracle Identity Governance Suite, limiting their use to specific functions.

These include:

  • Oracle Internet Application Server Enterprise Edition or WebLogic Enterprise Edition: These platforms host all components of the Identity Governance Suite.
  • Oracle Analytics Publisher: Used exclusively for generating and viewing reports related to identity analytics.
  • BPEL Process Manager: Restricted to workflows directly involving Oracle Identity Analytics for process automation and governance workflows.

Oracle Identity Governance Suite and Oracle Advanced Security

Oracle Identity Governance Suite licensing includes a restricted-use license to Oracle Advanced Security (OAS), which is subject to the following conditions:

  • Installation Requirements: OAS and DB EE are installed separately from the Oracle Identity Governance Suite, necessitating clear licensing agreements for each.
  • Transparent Data Encryption (TDE): The restricted license permits the use of TDE solely for encrypting passwords stored in Oracle Privileged Account Manager.
  • Separate Licensing Requirements:
  • Oracle Advanced Security (OAS): If additional features of OAS are needed, such as data encryption for other applications, a full license must be purchased.
  • Oracle Database Enterprise Edition (DB EE): While required for the suite’s functionality, DB EE is licensed separately and not included in the Identity Governance Suite.

FAQ: Oracle Identity Governance Suite License

What is the Oracle Identity Governance Suite?
Oracle Identity Governance Suite is a comprehensive identity management solution that automates identity lifecycle processes, access requests, and compliance tasks for organizations.

What licensing options are available for Oracle Identity Governance Suite?
The suite is licensed based on Named User Plus (NUP) or Processor metrics, depending on the deployment environment and number of users.

What is a Named User Plus license for Oracle Identity Governance?
Each individual accessing the system, including employees, contractors, and service accounts, must have a Named User Plus (NUP) license.

When is Processor-based licensing more suitable?
Processor-based licensing is ideal for environments with high or unpredictable user counts, such as in public-facing applications.

Does Oracle Identity Governance Suite require a database license?
Yes, the suite relies on an Oracle Database for its backend operations, and the database must be licensed separately.

What additional components are included in the Oracle Identity Governance Suite?
The suite includes Oracle Identity Manager, Oracle Access Manager, and Oracle Unified Directory, among other tools for managing identities and access.

Are any features exclusive to specific licensing types?
Certain advanced features, like adaptive access controls or integration with Oracle Cloud, may require specific configurations or licensing.

Can Oracle Identity Governance Suite be used in virtualized environments?
As per Oracle’s policies, licensing compliance must account for all virtual processor cores in the deployment.

Is Oracle Identity Governance Suite available in Oracle Cloud?
It can be deployed on Oracle Cloud Infrastructure (OCI), with licensing tied to the cloud service subscription.

What is the cost structure for Oracle Identity Governance Suite?
Costs vary based on the licensing model (NUP or Processor), deployment size, and additional components or services required.

Are there audit requirements for Oracle Identity Governance Suite licensing?
Yes, Oracle audits include verifying user counts or processor usage to ensure compliance with the licensing agreement.

How do Named User Plus licenses handle inactive users?
Inactive users with access to the system still count towards the NUP total unless their accounts are fully deactivated.

Does Oracle Identity Governance Suite integrate with third-party systems?
The suite supports integration with various third-party applications and platforms for identity and access management.

What support options are available for Oracle Identity Governance Suite?
Support is available through Oracle’s standard technical support contracts, which provide updates, patches, and assistance.

How can organizations optimize their Oracle Identity Governance licensing?
Conduct regular audits of user counts, assess processor usage, and consult with Oracle licensing experts to ensure compliance and cost-effectiveness.

Do you want to know more about our Oracle License Management Services?

Please enable JavaScript in your browser to complete this form.
Author
  • Fredrik Filipsson has 20 years of experience in Oracle license management, including nine years working at Oracle and 11 years as a consultant, assisting major global clients with complex Oracle licensing issues. Before his work in Oracle licensing, he gained valuable expertise in IBM, SAP, and Salesforce licensing through his time at IBM. In addition, Fredrik has played a leading role in AI initiatives and is a successful entrepreneur, co-founding Redress Compliance and several other companies.

    View all posts