Sentinel provides an integration framework to identity management systems to track the identities of for each user account and what events those identities have performed.
This integration provides functionality on several levels:
The Identity Browser provides the ability to look up the following information about a user:
Contact information
Accounts associated with that user
Most recent authentication events
Most recent access events
Most recent permissions changes
The Identity Browser lets you do a lookup from events
Reports and Correlation rules provide an integrated view of a user's true identity, even across multiple systems on which the user has separate accounts. For example, accounts like COMPANY\testuser; > cn=testuser,ou=engineering,o=company, and TUser@company.com can be mapped to the actual person who owns the accounts.
By displaying information about the people initiating a given action or people affected by an action, incident response times are improved and behavior-based analysis is enabled.
NOTE:Only administrators can integrate Sentinel with identity management systems. For more information, see Integrating Identity Information
in the Sentinel Administration Guide.