Andre Durand

Discovering life, one mistake at a time.

Archive for January, 2007

PingFederate now Citrix Ready

January 29, 2007 By: Andre Category: Identity

The PingFederate Citrix Integration Kit extends the reach of SAML and
WS-Federation single sign-on (SSO) beyond Web applications to also
include any client/server applications that have been virtualized using
Citrix Presentation Server 4.0. It generates Kerberos sessions for
users when it receives federation assertions from Identity Providers
(i.e., enables SSO to Citrix Presentation Server applications as a
Service Provider).

CIO & CSO Magazine Partner with Digital ID World

January 26, 2007 By: Andre Category: Identity

From humble beginnings, I’ve been privileged to watch Phil and Eric build this event into a world-class venue for community interaction and learning. As my attention narrowed in years past to Ping Identity, I watched as these two put their heart and soul into the project, I couldn’t be more happy for their success and this outcome.

CIO and CSO Magazines Add Digital ID World Conference to Suite of
Security Events; Security Pros to Convene in San Francisco September
23rd-26th to Address Critical Identity Issues

IDG’s CXO Media, publisher of CIO
( and CSO ( magazines and events,
today announced a new partnership with Digital ID World
( whereby the two organizations will co- produce
the Digital ID World Conference, the identity industry’s primary gathering

Now in its sixth year, the Digital ID World conference convenes
700+ of the industry’s top leaders and enterprise implementers for an
intensive three days of networking and education. This year’s
conference, taking place September 23-26th at the San Francisco Hilton,
will cover the full spectrum of identity, including: the convergence of
physical and logical identity systems, securing SOA with identity,
identity-based network access control, application-layer identity
management, provisioning, virtual directories, federation, user-centric
identity and more.

Federations Tipping Point

January 24, 2007 By: Andre Category: Identity

I just returned from a Ping Identity customer summit held at the Keystone Resort here in Colorado. We met with several of our customers to discuss our 2007 roadmap and some of the challenges they were facing in the general realm of securing the extended enterprise.

While lots of great things were discussed, there were a few that stood out and I felt worth sharing:

  • From what I could gather, 99.9% of the cross-domain activity between companies and their partners was today ad-hoc, one-off and home grown. I was floored to say the least. Moreover, implementations were different with each partner. This was true for both SSO, user account provisioning and web services.
  • When asked where people thought we were as an industry with regards to ‘crossing the chasm’, the consensus appeared to be that we were right now actually in the chasm, but that within 8 to 14 months, we would be through it. Sheez, could this have taken any longer?
  • One company said that recently they had MANDATED that ALL go-forward partner SSO be done via SAML. From the sounds of it, a few of the companies also present were not too far behind in coming to the same decision.

…and then it occurred to me.

When a critical mass of companies mandate standards for cross-domain SSO, we will have hit the tipping point for federated SSO. Having seen a few companies already cross that line, there is a formula. What we need to do now is hone it down and then hit the repeat button.

Entrepreneurial Wisdoms

January 19, 2007 By: Andre Category: Identity

As I get older, I find myself more and more aware of the simple wisdom’s and insights of others with regards business and entrepreneurialism. In fact, I actually collect them, like baseball cards.

This week, I heard a great one from a guy who knew Warren Buffett… you don’t need to swing at every ball. Wait until you see a juicy one coming your way, and then pull out your big bat and go all-in.

I also have really come to appreciate why complexity is bad in business. It simply doesn’t scale. Of course, some businesses are inherently complex, and in those situations, the trick is to drive as much complexity out as possible, so that you can scale what works.

Focusing on what’s important.

January 11, 2007 By: Andre Category: Identity

Caveat: I can’t remember where I heard this, so I might not have my sources or the exact statements correct, but you’ll get the point.

  • When GM was recently asked, “…are you worried about losing the #1 spot as the worlds largest car manufacturer?” the answer was, “…we’re very concerned about maintaining our #1 position as the largest manufacturer of cars.”
  • When the same question was asked of Toyota, “…are you focused on becoming the #1 car manufacturer in the world,” the response was, “we’re concerned quality is slipping.”

Who do you think is destined to become the #1 car manufacturer in the world?

Simultaneously, I came across this manifesto of the Toyota way of innovation and breakthrough thinking. WOW. This is a must read.

Gotta love my wife…

January 03, 2007 By: Andre Category: Life

I received a holiday photo-card from an acquaintance who from the photo, I discovered has four children. My wife and I are thinking of expanding the Durand family, so I emailed him back, and discovered that he not only has four children, but his wife ran a full marathon 3 months pregnant, a half marathon at 6 months, and a 10k less than 24 hours before going into delivery.

I was so impressed; I forwarded the email to my wife.
Her response,I
only plan on running if I am being chased by someone and I believe I can’t kick
their ass.”

PingFederate 4.2 Now Available

January 03, 2007 By: Andre Category: Identity

PingFederate 4.2 is now available for immediate download. PingFederate continues
it’s leadership as the most advanced SAML & WS-Federation
federation server on the market with new features focused on enterprise production
deployment for logging and administration. Here’s the
shortlist of new feature enhancements:
  • Enhanced Transaction Logging Functionality
  • Attribute Masking
  • Distinct Admin Console Port
  • Display Filtering on Connection Management Screens
  • Adapter SDK enhancements to allow file download
  • Usability refinements to the certificate summary screen
  • Streamlined Certificate Selection Display
  • Allow configuration of multiple endpoints with the same binding
  • Improved Proxy Support
  • Transparent PF 2.x -> PF 4.2 Upgrade

We also released two new
turn-key integration kits this week for Integrated Windows Authentication (IWA) and WebLogic.

The new IWA IdP Integration Kit effectively enables “Desktop Federation”,
whereby a user logs into Windows / Active Directory and is then able to
open a browser and ‘federate’ to another domain using SAML single sign-on.
This kit replaces the older NTLM Integration Kit. This brings our total integration library to over a dozen, including:

Engineering like Clockwork

January 02, 2007 By: Andre Category: Identity

We ended 2006 strong. Sales increased 125% over last year and in the past two months, our run-rate is exceeding our plan for 2007. Federation became in 2006 a very real enterprise activity.

While I couldn’t be more pleased with our customer and sales growth, I’m simply in awe of our engineering team.  Without them, we wouldn’t have the worldclass products and reputation we do today. Quite frankly, I’ve never been associated with a company that has produced so much quality product without a hitch.

In 2006, the Ping Identity engineering team delivered 11 major releases of software across three product lines and was not a single day late. Even more impressive was the fact that these technologies spanned a wide range of technologies such as SAML, WS-Federation, SPML, WS-Trust and consumer strong authentication. We consider being agile one of our core competencies here at Ping Identity, and engineering has definitely set the bar high. The big don’t eat the small. The fast eat the slow. Here’s what engineering delivered in 2006.


  • v4.0: 25 May
  • v4.1 : 13 Oct
  • v4.2 : 22 Dec
  • SPML Engine Phase 1: 22 Dec


  • Core: March
  • v1.0: 28 July
  • v2.0: 22 Dec


  • v1.0: January
  • v1.1: May
  • v1.2: August
  • v2.0: Nov