Consolidated Infrastructure Blueprint

The second component of your reference architecture is a consolidated infrastructure blueprint (CIB). A sample blueprint, courtesy of Burton Group, is shown in Figure 19-1.

Figure 19-1. A consolidated infrastructure blueprint


The blueprint in Figure 19-1 is a general-purpose view of what a company's identity infrastructure might look like. As you look at it, you should recognize many of the components and concepts we've discussed throughout the book.

There are two primary purposes for a consolidated infrastructure blueprint. The first is to show the actual components in your enterprise identity infrastructure and how they are connected to each other. To that end, the diagram shown in Figure 19-1 is only a starting point that must be customized to reflect reality in your organization. The general names given in the figure would be replaced by actual system and product names.

If your organization is like most, where identity infrastructure has been built in an ad hoc fashion over the years, the "as built" CIB may be quite messy and comprise multiple disconnected chunks. System architects use the "as built" CIB as they design their systems to determine how those systems use and connect to the enterprise identity infrastructure, so it should be as accurate as possible.

Once you have an "as built" CIB, you can evaluate it against the maturity model that we introduced in Chapter 15. The CIB will show the state of identity storage, how authentication is done, and what infrastructure is in place to support authorization. Assign the CIB a maturity level. Don't hesitate to assign different maturity levels to different aspects of the CIB. Share the evaluation widely and be prepared to adjust it as necessary based on the input of others. The idea is to end up with a consensus opinion of the maturity level, not just one person's opinion.

The second purpose of the CIB is to show goal states. In this use, the CIB shows how the infrastructure must evolve to meet organizational goals. Using the maturity evaluation as a starting point, determine what changes must be made to the CIB to advance the maturity of the infrastructure.

This kind of upgrade doesn't happen as a single monolithic project, so infrastructure planners should create a series of "goal state" CIBs showing the roadmap that they envision for the infrastructure build-out. This roadmap is also useful to system architects as they make their plans so that they can design systems with the future in mind.

CIBs should be accompanied by documentation that describes the information in the blueprint in as much detail as necessary. This is the place to document requirements, reference policy, and point system architects to other detailed information.