Identity Suite Concept & Configuration Guide

The Nevis Identity Suite Experience

Balancing Security and Customer Experience

In today's fast-paced digital world, businesses need to prioritize both security and customer experience to thrive. The Nevis Identity Suite offers a comprehensive solution that allows companies to manage digital identities and user access controls effectively. By implementing a Customer Identity and Access Management (CIAM) system like Nevis, you can enhance digital business processes through intuitive multi-factor authentication, such as biometrics, while ensuring a consistent and seamless customer experience across all channels.

This approach not only satisfies customer demands for speed and convenience but also meets strict GDPR compliance requirements for handling personal data. The Nevis Identity Suite helps companies achieve a balance between user experience and data protection, recognizing that positive customer experience is key to economic success.

Enhancing User Interactions with Nevis Identity Suite

The Nevis Identity Suite's capabilities extend beyond basic security measures, providing a range of functionalities to improve user interactions. With features like passwordless login, extensive self-service options, and biometric identification, Nevis Identity Suite enhances user experience without compromising security.

The suite also offers robust identity management, enabling the creation of user roles, groups, and guidelines to control access to resources. Nevis Identity Suite supports federation, single sign-on, and social login options for simplified digital access. By leveraging these features, companies can provide secure and convenient access while also ensuring that sensitive data is protected with multi-factor authentication and biometric procedures.

Security Features of Nevis Identity Suite

Nevis Identity Suite is not just about improving customer experience. It is also about enhancing your company's security posture, providing a secure entry gateway combined with a web application firewall, authentication service, and identity management. Nevis also includes features such as transaction confirmation, user behavior analytics, and consent management.

Additionally, with its support for various authentication standards like FIDO UAF, FIDO2, OAuth 2.0, OpenID Connect, and SAML, Nevis provides a complete and robust solution for modern identity and access management. Nevis Identity Suite makes security an experience, helping businesses across different industries provide their customers with secure, convenient, and cutting-edge online access.

Modular Architecture

Nevis offers a comprehensive library of patterns for configuring its components. These patterns are categorized into groups such as instance setup, application protection, authentication, and key management, among others. Generic patterns provide low-level configuration options for situations not covered by standard patterns. Further details and assistance are available within the nevisAdmin 4 graphical user interface (GUI). Experimental patterns are also included, subject to change in future releases.

Read more about the key elements of this documentation here:

• How to use Project Templates to quickly set up Nevis.
• How to configure common Nevis Use Cases.
• Browse the standard Pattern Library, to find patterns for your specific use-case.
• The Nevis Mobile Authentication and FIDO2 concept guides.
• How to use nevisFIDO Test Client library for load testing.

The Nevis Identity Suite includes various components, each with its own set of functionalities and configurations, all controlled through the nevisAdmin interface:

• nevisAdmin4, the configuration and deployment solution, that hold all the components together in a modular architecture.
• nevisProxy, a reverse proxy and web application firewall (WAF) that protects web applications.
• nevisAuth, which manages authentication flows, federation and self admin use cases.
• nevisIDM, our identity management system that stores users, including credentials and authorisations.
• nevisFIDO, which implements the FIDO UAF protocol for mobile authentication, and FIDO2 for passwordless authentication.
• nevisAdapt, which provides adaptive authentication by calculating risk scores.
• nevisDetect, a risk detection framework that correlates outputs from different detection technologies.
• nevisMeta, allows for dynamic client registration in the context of OAuth 2.0 and OpenID Connect.

The documentation is structured to guide you through the setup of the Nevis Identity Suite and covers the following key topics:

• Base Setup: Instructions for setting up the basic components required for the Nevis Identity Suite. This includes setting up virtual hosts, nevisProxy, nevisAuth, and nevisIDM.
• Application Protection: How to configure reverse proxy and WAF features using nevisProxy. This includes using patterns such as Web Application, REST Service, and SOAP Service.
• Authentication: Methods for configuring authentication using nevisAuth. This covers various authentication realms and steps, including LDAP Login and nevisIDM Password Login.
• Mobile Authentication: Setting up mobile device authentication and related use cases using nevisFIDO. This includes both in-band and out-of-band registration, as well as transaction confirmation. Also, the Nevis Authentication Cloud can be used as a fully managed cloud service for mobile authentication.
• Adaptive and Continuous Authentication: Implementing adaptive, context-aware authentication using nevisAdapt, either directly integrated with nevisAuth or through nevisDetect. This includes configuring risk profiles and feedback mechanisms.
• User Behavior Analytics: Utilizing nevisDetect for risk detection, including integrating technologies such as nevisAdapt and BehavioSec. It also covers custom risk score provider integration.
• SAML Configuration: Configuring SAML for single sign-on (SSO) between identity providers (IDP) and service providers (SP). This includes setting up SAML IDPs and SPs, as well as configuring SAML flows for authentication and logout.
• Key Management: Configuring key material and certificates for Nevis components. This includes automatic key management, PEM-based key management, and nevisKeybox-based key management.
• Monitoring: Implementing monitoring setups for Product Analytics using OpenTelemetry and other tools on different platforms.

The documentation also includes a variety of reports to help analyze and understand your configurations, including:

• Application Mapping Reports
• Key Management Reports
• Security Configuration Reports
• Pattern Library Reports

Each section provides detailed instructions and examples to guide you through the configuration process. The use of patterns in nevisAdmin 4 provides a standardized way to configure nevis Identity Suite.

Whether you are setting up a new Nevis environment or adapting an existing one, this documentation provides the necessary information to achieve your goals.

info

This guide applies to the latest version of the rolling release. If you are using an older rolling release version or an LTS version some features may not be available.