This intermediate course is for system administrators, security architects, application programmers, and identity developers who are responsible for maintaining large numbers of users, groups, and access to specific information resources.
IBM Tivoli Access Manager is an authentication and authorization solution for corporate Web, client-server, and e-commerce applications. It controls access to business critical information and resources with centralized, flexible, and scalable access control. Learn the skills necessary to install and configure each component, secure a Web infrastructure using WebSEAL, use common auditing to centralize reports, learn Web applications, create security policies, and manage user sessions. This course includes hands-on labs that reinforce the skills required to deploy and administer Tivoli Access Manager for e-business. This course is also offered as an Instructor-Led Online (ILO) class. See course 8W103 for further information and class schedules.
Unit 1: Introduction and Overview IBM Tivoli Access Manager functions IBM Tivoli Access Manager for e-business Unit 2: Installation Product prerequisites Supported platforms and the user registries. Installing Tivoli Access Manager Unit 3: Tivoli Access Manager and the LDAP User Registry Lightweight Directory Access Protocol overview Lightweight Directory Access Protocol entries Role the user registry in IBM Tivoli Access Manager Unit 4: Managing Access Control pdadmin and the Web Portal Manager Managing users and groups Domain membership and multiple domains Defining access control lists (ACLs) Managing access control lists Protected object policies (POPs) Managing protected object policies Unit 5: Introduction to WebSEAL Overview and architecture Protecting web resources WebSEAL authentication mechanisms WebSEAL junctions Web space scalability Unit 6: WebSEAL Installation and Configuration WebSEAL installation components WebSEAL installation prerequisites Installation Configuration Management Unit 7: WebSEAL Authentication Basic authentication Forms authentication Client-side certificate authentication HTTP header authentication Internet Protocol (IP) authentication Token authentication Unit 8: WebSEAL Junctions Standard WebSEAL junctions Managing standard WebSEAL junctions WebSEAL link filtering Transparent path junctions Unit 9: Single Sign-on Basic authentication single sign-on Global single sign-on (GSO) Forms single sign-on Unit 10: Session Management Server (SMS) Server Redundancy Using SMS to support redundancy between WebSEAL instances Session management using SMS Unit 11: Logging and Auditing TAMeB and WebSEAL logging capabilities Difference between logging and auditing in a TAMeB context Configuring logging Configuring auditing Unit 12: Producing Reports Common Audit Service (CAS) installation Tivoli Common Reporting (TCR) installation Configuring Tivoli Access Manager components to send audit information to CAS. Generating audit reports Unit 13: Protecting JEE Applications Java authorization contract for containers (JACC) and TAM interaction Configuring authorization and user mapping to secure Java Enterprise Edition (JEE) applications
Describe the purpose and components of architecture of Tivoli Access Manager Install and configure the Tivoli Access Manager policy server, Web portal manager, and WebSEAL Create users, groups, access control lists, and protected object policies to manage the authentication and authorization of users Describe the authentication mechanisms used by WebSEAL Install and configure the session management server (SMS) to manage user sessions Use the common auditing service (CAS) and Tivoli Common Reporting (TCR) to generate reports about Tivoli Access Manager activity Integrate Tivoli Access Manager into a Java Enterprise Edition (JEE) application framework