IBM Tivoli Access Manager for e-business 6.1.1 Administration/Deployment (ILO)

NOTE: This is a live, instructor-led online course. Do not make arrangements to travel. See the Student Machine Requirements section for the equipment required to participate in the lectures and hands-on labs. After you are confirmed in the class you will receive further instructions to access audio, video and remote labs. Instructor-led Online US courses start at 9:00 am Central time unless specified otherwise. Please enroll at least five business days prior to class start date to ensure course materials can be shipped in time. You must provide the mailing address where you wish to receive your course materials if it is different from the company address indicated in your enrollment request.
IBM Tivoli Access Manager is an authentication and authorization solution for corporate Web, client-server, and e-commerce applications. It controls access to business critical information and resources with centralized, flexible, and scalable access control.
Learn the skills necessary to install and configure each component, secure a Web infrastructure using WebSEAL, use common auditing to centralize reports, learn Web applications, create security policies, and manage user sessions. This course includes hands-on labs that reinforce the skills required to deploy and administer Tivoli Access Manager for e-business.
This course is also offered in a traditional classroom setting. See course IBM Tivoli Access Manager for e-business 6.1.1 Administration and Deployment (TW103) for additional information and class schedules.
Určeno pro
This intermediate course is for system administrators, security architects, application programmers, and identity developers who are responsible for maintaining large numbers of users, groups, and access to specific information resources.
Předpokládané znalosti
You should have basic Linux operating system skills and understand the fundamentals of Lightweight Directory Access Protocol (LDAP).
Cíl kurzu
• Describe the purpose and components of architecture of Tivoli Access Manager
• Install and configure the Tivoli Access Manager policy server, Web portal manager, and WebSEAL
• Create users, groups, access control lists, and protected object policies to manage the authentication and authorization of users
• Describe the authentication mechanisms used by WebSEAL
• Install and configure the session management server (SMS) to manage user sessions
• Use the common auditing service (CAS) and Tivoli Common Reporting (TCR) to generate reports about Tivoli
• Access Manager activity
• Integrate Tivoli Access Manager into a Java Enterprise Edition (JEE) application framework
Klíčová témata
Unit 1: Introduction and Overview
• IBM Tivoli Access Manager functions
• IBM Tivoli Access Manager for e-business
Unit 2: Installation
• Product prerequisites
• Supported platforms and the user registries
• Installing Tivoli Access Manager
Unit 3: Tivoli Access Manager and the LDAP User Registry
• Lightweight Directory Access Protocol overview
• Lightweight Directory Access Protocol entries
• Role the user registry in IBM Tivoli Access Manager
Unit 4: Managing Access Control
• pdadmin and the Web Portal Manager
• Managing users and groups
• Domain membership and multiple domains
• Defining access control lists (ACLs)
• Managing access control lists
• Protected object policies (POPs)
• Managing protected object policies
Unit 5: Introduction to WebSEAL
• Overview and architecture
• Protecting web resources
• WebSEAL authentication mechanisms
• WebSEAL junctions
• Web space scalability
Unit 6: WebSEAL Installation and Configuration
• WebSEAL installation components
• WebSEAL installation prerequisites
• Installation
• Configuration
• Management
Unit 7: WebSEAL Authentication
• Basic authentication
• Forms authentication
• Client-side certificate authentication
• HTTP header authentication
• Internet Protocol (IP) authentication
• Token authentication
Unit 8: WebSEAL Junctions
• Standard WebSEAL junctions
• Managing standard WebSEAL junctions
• WebSEAL link filtering
• Transparent path junctions
Unit 9: Single Sign-on
• Basic authentication single sign-on
• Global single sign-on (GSO)
• Forms single sign-on
Unit 10: Session Management Server (SMS)
• Server Redundancy
• Using SMS to support redundancy between WebSEAL instances
• Session management using SMS
Unit 11: Logging and Auditing
• TAMeB and WebSEAL logging capabilities
• Difference between logging and auditing in a TAMeB context
• Configuring logging
• Configuring auditing
Unit 12: Producing Reports
• Common Audit Service (CAS) installation
• Tivoli Common Reporting (TCR) installation
• Configuring Tivoli Access Manager components to send audit information to CAS.
• Generating audit reports
Unit 13: Protecting JEE Applications
• Java authorization contract for containers (JACC) and TAM interaction
• Configuring authorization and user mapping to secure Java Enterprise Edition (JEE) applications
Požadavky na technické vybavení
To participate in both the lectures and labs for this course, the student workstation must meet the following hardware requirements:
• Minimum of 256 MB of memory
• Windows 98 or higher
• Headset with microphone, or separate microphone and speakers
• Internet Explorer 5.5 or higher
• 128-bit encryption (Versions of Internet Explorer prior to version 6.0 and Windows 98, NT 4.0, and 2000 must have the High Encryption Packs installed)
• Citrix™ ICA Client (Installed when you access e-lab during class)
• High speed internet (56K bps or higher)
NOTE: The Citrix™ application (web client or full package) requires access to port 443 (https). Please ensure personal and corporate firewalls have this port open.