Organizations looking to extend their directory service Microsoft® Active Directory® (AD) to the cloud may be considering Azure® Active Directory (Azure AD or AAD) or Ping Identity® as their next IAM provider.
For many, finding the ideal identity provider comes after strategizing what requirements are necessary to best serve an individual IT organization. As such, we will be discussing what admins commonly look for in a core identity provider (IdP) to securely manage their on-prem and cloud-based resources, as well as potential use cases for web application SSO solutions like Ping Identity and Azure AD.
What is Ping Identity?
Ping Identity introduced many to the concept of single sign-on (SSO) in the early 2000s by extending user identities from AD to web applications. Ping Identity was unlike many subsequent web application SSO solutions because it could be hosted on-prem or in the cloud. This optional approach may be ideal for organizations seeking to maintain their on-prem infrastructure.
Beyond web app SSO, Ping Identity has worked toward becoming a core identity provider, but gaps in its functionality lead most organizations to layer it on top of AD rather than use it as a standalone service.
What is Azure AD?
In a similar sense, Azure AD is most commonly used so organizations can extend their existing AD identities to Azure cloud infrastructure and select web applications.
Microsoft introduced AAD as an adjunct identity management solution to control Azure access, and it’s useful for organizations wanting to extend the reach of their existing on-prem AD identities to select SaaS applications. However, AAD is not a cloud-based replacement for on-prem directory services, and is more meant as a complementary service to AD, much like Ping Identity. AAD also suffers many of the pitfalls of its legacy predecessor in that it is (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Kayla Coco-Stotts. Read the original post at: https://jumpcloud.com/blog/aad-versus-ping-identity