The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Lighthouse Introduces SaaS-Based Managed Enterprise Security Solution

Lighthouse Security Group introduced Lighthouse Gateway, a Software-as-a-Service (SaaS)-based platform that provides corporate identity and access management in a compliant, cost-effective, open solution. Based on IBM’s Tivoli identity and access management software, Lighthouse Gateway implements Web-based SaaS technologies, eliminating the risk and expenses associated with purchasing, deploying and maintaining an in-house security infrastructure.

On average, Lighthouse Gateway will cost an enterprise customer 30 - 60% less over the first three years of operation compared to full ownership costs. In addition to eliminating expenses, enterprises can significantly reduce the time associated with managing security.

“VantisLife was facing an initial cost of ownership investment in the hundreds of thousands of dollars, with a four- to six-month startup window, to meet enhanced security and regulatory compliance standards,” said Jim Lovelace, associate vice president of information technology of VantisLife. “Instead, with the Lighthouse Gateway solution, we have a state of the art security solution, at a fixed monthly service fee that will cost us less over three years than the cost of the initial stand-up of a wholly owned and operated infrastructure -- and we went from assessment to implementation in just six weeks.”

The Lighthouse Gateway provides enterprises with:

Access ManagementLighthouse Gateway manages comprehensive application and system access across the enterprise and supports numerous out-of-the-box authentication mechanisms. Simple GUI-driven, web-based administration allows non-technical client administrators to define their access control policies via intuitive point-and-click technology, while enforcement is provided by the Gateway (as users request access to URLs) or as part of an integrated Web application request via open standard authorization protocols.

Identity Management – Lighthouse Gateway integrates with existing identity management systems and synchronizes user identity and role information with existing user repositories, including out-of-the-box support for 52 common repository types. Lighthouse Gateway may also optionally serve as a company’s authoritative Identity Management system if there is not one currently in place.

Federated Identity and Access Management – Lighthouse Gateway provides both identity and service provider federation capabilities for clients to achieve integrated authentication-trust with business partners. The system supports leading open federation protocols such as Security Assertion Markup Language (SAML) and Web Services Federation (WS-Federation) while providing federated authentication at both the user-level and machine-level.

Perimeter Security – Lighthouse Gateway offers unsurpassed protection against growing Internet threats and provides in-depth protection with firewalls, intrusion detection and prevention services, sure-route access assurance, enhanced DNS protection, and Border Gateway Protocol (BGP) monitoring.

Integrated Self-Service To make the Lighthouse Gateway solution truly turnkey for many clients, integrated self service for Web Access Management (WAM) expands upon the system’s unique software innovations. Allowing clients to expose self registration, password reset, and other common self help tools to their users, the Gateway’s point-and-click self service configuration makes the task simple for even non-technical administrators. The tools, which allow for corporate branding of look-and-feel as well as behavior, require no code development, effectively eliminating the need to develop and maintain costly custom applications that typically serve these functions.

No Infrastructure to Build or Operate – The military-strength Lighthouse Gateway infrastructure is based on redundant gigabit and fiber with two independent grids supplying power and three independent ISPs providing connectivity. The highly available Tier 3, SAS70 Type II compliant datacenter ensures compliance and security as a top priority. In addition, Lighthouse Gateway offers surge protection, ensuring that additional capacity is “on tap” for surges in usage.

Managed Compliance – Lighthouse Gateway infrastructure services are audited by CISA and COBIT certified auditors to ensure compliance with industry regulations such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), HIPAA, Privacy Act, and others.

“As identity and access management becomes ever more critical due to heightened risks, regulatory compliance, and corporate responsibility, the costs and investment to keep up with these technologies are mounting for most companies,” said Eric Maass, Enterprise Security Solutions director at Lighthouse. “We strongly believe that the SaaS approach of the Gateway, built upon strong roots and our experience with similar challenges in the Department of Defense, will enable us to deliver a best-of-breed, turnkey solution for a fraction of the conventional cost-of-ownership.”

Formerly chief security architect of the Air Force’s Global Combat Support System (GCSS-AF), Maass ensured that the Gateway vision shares deep roots with the SaaS technologies brought to market originally by the Department of Defense. “The Lighthouse Gateway solution is built on a security model that has been proven in operational use for the U.S. Air Force,” said John Gilligan, former chief information officer of the Air Force, under whose direction the agency pioneered such SaaS concepts to dramatically reduce IT expenditures. Currently a member of the Cyber Security Commission that advises the President of the United States, Gilligan continued, “Providing this solution as a service permits any organization to maintain a robust security posture, while reducing cost and risk, making it an enormously attractive alternative to conventional approaches.”

Sharing that sentiment is Dr. Joseph Besselman, the retired Air Force program manager credited with leading the evolution of the Air Force’s multi-million user IT infrastructure to a SaaS model. “The Lighthouse Gateway is yet another wave in the commoditization of IT, encapsulating the lessons learned, experience, and derived services developed over a course of seven years securing and defending against the continuous and evolutionary attacks faced by the Air Force’s combat support community.”

The Lighthouse Gateway will be on display at the upcoming IBM Pulse 2009 show, taking place in Las Vegas, NV from February 8-12, in booth # E112.

About Lighthouse Security Group, LLC

Lighthouse Security Group, LLC, a wholly owned subsidiary of Lighthouse Computer Services, Inc., is a premier provider of enterprise IT security solutions, offering consulting, integration and maintenance services to a wide range of industries, including Financial Services, Healthcare, Retail, Manufacturing, Higher Education, and Department of Defense. Established in 2007, Lighthouse Security Group consists of a team of world-class enterprise IT experts with deep industry knowledge and DoD and intelligence agency clearance. With rigorous process-driven engineering and compliance-ready solutions, Lighthouse Security Group solves an enterprise’s security challenges, including: Identity and Access Management (IAM), Service Oriented Architecture Security, Federated IAM, Enterprise Audit and Compliance Management, and Network Perimeter Security.


Lighthouse Computer Services, Inc.
David Sylvestre, 401-334-0799 ext. 155 Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I