Directory Services

Consumer demand can spike unexpectedly. You need to be prepared to scale in order to support rapid growth and user demand with consistent and reliable data. ForgeRock Directory Services helps you handle massive transaction volumes and millions of identities at thousands of transactions per second.

With Directory Services, you can:

• Deliver industry-leading performance with sub-millisecond response times and low-latency throughput of up to hundreds of thousands of operations per second.

• Support WAN-optimized replication to improve bandwidth efficiency in geographically distributed environments.

• Provide load-balancing and horizontal scalability with Directory Proxy. 

• Address data sovereignty and GDPR requirements through discrete regional directory services.

Organizations need continuous protection against malicious attacks and potential breaches. ForgeRock Directory Services provides the necessary encryption to protect the confidentiality and integrity of data at rest and in transit for your customers and workforce anytime, anywhere.

ForgeRock gives you the power to:

• Use database-level encryption to secure user identities on disk and index confidentiality.

• Safeguard user identities in transit with the latest security protocols available through the Java platform (TLS1.3).

• Support mutual TLS for all types of accounts.

• Restrict access to user identities and personally identifiable information (PII) through fined-grained access control rules and enable PII data masking from logs.

• Strengthen security with extensive password policies and specialized password hashing schemes like BCrypt and PBKDF2.

Most organizations delay upgrades because they cannot afford downtime, especially if they have a secured environment. This comes at the cost of keeping up with the latest standards and technologies. Directory Services runs continuously without interruption during maintenance operations, service upgrades, network outages, and system failures. 

With Directory Services, you can:

• Support zero downtime upgrades with replication.

• Perform real-time monitoring with operational dashboards via Prometheus or Graphite.

• Mitigate risk of DDoS attacks by limiting resource consumption.

• Support backup automation with full, incremental, signed, or encrypted backups.

The ForgeRock Identity Platform is cloud-ready and DevOps-ready, so you can accelerate business results at a global scale. ForgeRock recognizes that each organization has unique needs for deployment patterns. Directory Services is deployable in a variety of ways: on premises, hybrid, or in the cloud (including containers such as VMware, AWS, Azure, Google Cloud, Docker, and Kubernetes). Directory Services supports flexible REST, LDAP, SDK, and Web Services protocols to make integration simple for developers.

With Directory Services, you can:

• Optimize operations and development with performance testing tools. 

• Store, search, and retrieve structured data (LDAP) and unstructured data (such as JSON attributes).

• Integrate with logging systems like Syslog, Elastic Search, Splunk, and REST. 

• Eliminate dependencies on password synchronization by easily integrating with Microsoft Active Directory.