English   Deutsch   Русский   中文    

Felix Gaehtgens: Sun unveils new models for OpenSSO

Sun unveils new models for OpenSSO
by Felix Gaehtgens
fg@kuppingercole.com

Sun has now changed its model for OpenSSO and Access Manager. Customers with a valid contract will now receive the same support for either OpenSSO stable builds or the commercial Access Manager software. Both are the identical code base – as was already the case previously – but have different release cycles: whereas the OpenSSO stable builds are release every three months, Access Manager has a release cycle of not more than once per year. This allows customers to choose freely whether to opt for innovation or commercial release – or even a mixture of both.

Kuppinger Cole was briefed last Tuesday by Sun’s Daniel Raskin who talked about how customers are using a mixture of OpenSSO and Access Manager in current environments to stay ahead of the innovation curve, and how they now benefit from support for both versions. In order to receive support, customers must either purchase a perpetual license, a Sun Identity Management Suite subscription or a Java Enterprise subscription.

As the saying goes, the only constant thing is change – and with Sun that is even more true with the names of their products. OpenSSO stable build will now be called “OpenSSO Express” and rumour has it that some more renaming exercises are coming up. Sun has also made an announcement regarding its “Fedlet” – a small, light-weight federation solution for endpoints (also called “service providers” or “resource partners”). Fedlet will be fully supported for all partner organizations as long as they are connecting to a supported OpenSSO Express/ Access Manager. For example, if an enterprise has a supported version of OpenSSO Express or Access Manager, then Sun will support all partners that use Fedlet for connecting back to that access manager without extra charge.

The development of OpenSSO is lively, and the product has improved dramatically over the years. When Sun yanked out the access management part from its portal server to release it as a separate product, Access Manager was still very rough around the edges. Continuous improvements and investment especially on the federation side enabled Sun to narrow the gap to other access management vendors. Sun eventually decided to open source the development of access manager through OpenSSO. Released under the Sun community license, this was planned as an effort to entice other developers to participate in the OpenSSO effort.

The initial teething problems have long been overcome - specifically the limited amount of “committers” – i.e. trusted people that revise code changes and contributions received from contributors and either reject or commit those changes to the code base. In the beginning, all committers where Sun employees who did the “committing” in their rare spare time, which meant that it could take a long time for bug fixes and code contributions from external sources to be approved. Nowadays, the OpenSSO project has around 60 committers, 10 of them being external, i.e. non Sun-employees. The community and Sun engineers now have a reputation for being quite responsive in helping community members while in development.

Kuppinger Cole believes that in principle, open-sourced development has large advantages for customers. The hybrid approach of an innovative version with a short release cycle in parallel to a commercial release with a longer release cycle works very well when both are supported equally and enterprises can choose freely. The number of developers and the ability to contribute also gives enterprises peace of mind. Last but not least, several large enterprises have made very positive experience with a bottom-up approach to access management with OpenSSO. We therefore consider OpenSSO Express/Access Manager to be a safe product investment, when the features match the specific business needs.

So what’s the catch with this new model? The change brings large benefits for customers that have invested into the technology as they can now choose to be more innovative through OpenSSO and even contribute directly. It also makes it easy for companies willing to experiment with the products as they can use and even deploy them free of charge – even in production environments. Once official Sun support is required, the products can then be licensed. If companies decide to rely on the community support instead, there is no charge. So what about the price if a company wants professional support for OpenSSO? There are several modalities available from Sun, either through subscriptions or perpetual licenses.

Here is however where we believe lays a potential issue that Sun must address. Since the use of the software is free, what are companies paying for? If it is only support, then the cost for the support must be in relation to what is being delivered (namely, support, and nothing else). If a company must pay on a per-employee basis for a license or a subscription, then the real cost of the support can easily be significantly higher than what another company pays for exactly the same support. It is therefore now up to Sun to clarify and justify the pricing model for its access management product line. Otherwise in the future, other companies might even compete with Sun by offering third-party support for OpenSSO.

According to Sun, the OpenSSO community primarily consists of enterprises or large organisations that are implementing enterprise scale solutions. When it comes to price those organisations weigh the cost of buying a license versus the cost of hiring internal resources to manage their deployment without Sun support. Sun claims that its pricing is less expensive then the alternative of doing it on their own.

This new announcement is a very good step forward for Sun’s customers. Sun itself is likely to capitalise on the new market share that will be generated as customers are enticed by this new model. Customers have the best of both worlds – a very innovative product with a large and active engineering base, together with professional support. Sun now needs to demonstrate that the pricing options for professional OpenSSO Express/Access Manager support are in line or better than what organisations would pay when using similar products from other vendors.

Created: 24.07.08, modified: 30.09.08

top
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Register now
Spotlight
Real-time Security Intelligence
Over the last couple of years, challenges in the IT industry have led to the emergence of a new technology called Real-time Security Intelligence. The biggest technological breakthrough that made these solutions possible is Big Data analytics. The industry has finally reached the point, when business intelligence algorithms for large-scale data processing have become commoditized. This makes it possible to combine real-time and historical analysis and identify new incidents as being related to others that occurred in the past, which can greatly facilitate identification of ongoing APT attacks on the network.
KuppingerCole Analyst Services
KuppingerCole offers clients a wide range of reports, consulting options and events aimed at providing companies and organizations with a clear understanding of both technology and markets, enabling them to fine-tune their own strategies and projects avoid costly mistakes in choosing vendors and solutions.
Links
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on Google+

 KuppingerCole on YouTube

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing

 GenericIAM
Imprint       General Terms and Conditions       Terms of Use       Privacy policy
© 2003-2014 KuppingerCole