IBM Rational AppScan and IBM Rational Policy Tester help users assess security and compliance of Web sites and Web applications

IBM United States Software Announcement 207-296
November 13, 2007

ENUS207296.PDF (46KB)

Table of contents Document options

TOC link At a glance Technical information

Overview Software Services

Key prerequisites Ordering information

Planned availability dates Terms and conditions

Description Prices

Offering Information Order now

Publications

Printable version

At a glance

IBM Rational AppScan products provide:

Automated Web application scanning and testing for common Web application vulnerabilities including Web Application Security Counsel (WASC) threat classification (such as SQL-Injection, Cross-Site^® Scripting, and Buffer Overflow) and intelligent fix recommendations to ease remediation
Broad application coverage including integrated Web services scanning, Java™-Script execution (including AJAX), and parsing
Advanced remediation capabilities including a comprehensive task list necessary to fix vulnerabilities disclosed by the scan
Over 40 out-of-the box security compliance reports including PCI Data Security Standard, ISO 17799 and ISO 27001, HIPAA, GLBA, and Basel II
Multi-user application vulnerability testing and reporting solution used to distribute application security testing across the organization
Scalable, enterprise architecture that enables scanning for multiple applications simultaneously
Sophisticated dashboards and flexible reporting views to provide enterprise-wide visibility of risks and remediation progress
Role-based reporting access and scan permissions to help enforce test polices and to centralize vulnerability scanning
Integration across other product lines, including IBM Tivoli^® and ISS, which improves security and compliance processes by bringing Web application security more fully into the systems development life cycle

IBM Rational Policy Tester products can:

Assess Web sites for quality, privacy, accessibility and compliance issues
Improve accuracy and reliability of privacy policy management, PII discovery, leak prevention, and privacy compliance assessments
Uncover issues impacting site usability such as spelling errors, broken links, and accessibility issues
Drive significant cost out of online operations by automating manual processes, and identifying and prioritizing issues for immediate remediation

For ordering, contact:

Your IBM representative or IBM Americas Call Centers at 800-IBM-CALL (Reference: YE001).

Back top Back to top

Overview

While Web sites streamline access to information, they are vulnerable, potentially exposing critical corporate information and consumer data or otherwise compromising enterprise IT. Online security breaches lead to a number of damaging consequences. Federal and state laws may require companies to disclose when their customer information has been compromised, and industry groups are recommending or requiring periodic assessments of Web application risks. Hackers can compromise vital corporate data, or they can use corporate Web sites as a way to take over the computers of Web site visitors.

Vulnerabilities can lead to bad press, resulting in negative impressions, eroded brands and lost business. And in the most extreme of these cases, a Web site can be shut down for good. Executives need to understand these risks and put processes and technology in place to understand, assess, and rectify these online issues.

IBM Rational^® AppScan delivers Web application security testing, and IBM Rational Policy Tester delivers Web site privacy, quality, and accessibility compliance assessments. These solutions offer IT security, development, and On Demand Business and compliance professionals the ability to automate the process of identifying vulnerabilities and compliance-related issues that exist in Web applications and corporate Web properties.

Left unchecked, these issues expose organizations to the risk of issues such as data breaches due to vulnerable applications, Web sites that restrict access to users with disabilities, quality problems that impact site usability and privacy practices that may be out of synch with stated policies.

IBM Rational AppScan

IBM Rational AppScan helps users manage Web application security throughout the software development life cycle. Named a worldwide market-share leader, AppScan offers a time-saving solution for all types of security testing-outsourced, individual and enterprise-wide analysis-and for all types of users-application developers, quality assurance (QA) teams, penetration testers, security auditors, and senior management.

AppScan operates by traversing an application, analyzing, and testing the application, validating the findings and then reporting results. The reports generated include recommendations to address the problems. These advanced fix recommendations deliver unmatched accuracy and efficiencies for developers and security auditors to help address and remediate the vulnerabilities identified during the scan.

AppScan editions include:

AppScan Standard Edition is the desktop solution for automating Web application security testing. Used by penetration testers and security auditors, as well as QA and development.
AppScan Tester Edition integrates security testing into the QA process supports software QA and software quality management.
AppScan Enterprise Edition is a Web-based, multi-user solution that provides centralized application security scanning, data consolidation and reporting, remediation capabilities, executive dashboards, compliance reporting, and seamless integration with AppScan Standard Edition.

IBM Rational Policy Tester

IBM Rational Policy Tester is an industry-leading, compliance management solution used to assess Web sites for issues related to compliance and site effectiveness. Policy Tester helps users drive significant cost out of the online operation by automating manual processes and identifying and prioritizing issues for immediate remediation.

This Web-based system handles scanning, database storage, administration, and reporting. It automates Web site reviews and manual tracking by scanning Web site content, storing the findings in a relational database (MSSQL Server)1 and generating actionable reports. Its flexible, thin-client architecture supports multiple enterprise user roles and access permissions. A key feature of Policy Tester, issue management, prioritizes critical issues. Policy Tester's executive dashboards track online metrics across the enterprise, including quality, privacy, accessibility, and compliance-related issues.

The open architecture enables on demand and compliance executives to incorporate data from other management tools, providing an enterprise view into the online channel, enabling faster remediation of issues, more informed decision-making, and process improvements. Policy Tester creates actionable reports for all levels of the organization, from high-level summary dashboard views for executives to detailed reports for QA teams and Web developers.

Policy Tester editions include:

IBM Rational Policy Tester Privacy Edition is used to uncover and report oversights that may expose the organization to undue risk or issues including missing privacy statements, pages collecting personally identifiable information, insecure data collection forms, and cookie presence, that are critical information related to privacy regulations such as COPPA, GLBA, HIPAA, and California SB1386 and AB1950.
IBM Rational Policy Tester Quality Edition generates reports on issues that impact Web site effectiveness (issues such as spelling errors, broken links, and outdated content) to enhance site usability and employee productivity by making information accurate and easier to find.
IBM Rational Policy Tester Accessibility Edition helps the user to ensure the accessibility of the Web site to all users, including those accessing the site via assistive devices. It does so by monitoring for over 170 comprehensive accessibility checks such as appropriate text and background color contrast or the presence of text equivalent "alt" tags on images. It helps users identify potential compliance-related issues on their site regarding government standards, including the U.S. government's Section 508 and guidelines such as the W3C's WCAG and France's AccessiWeb.

Key prerequisites

Refer to the Hardware requirements and Software requirements sections.

Back top Back to top

Planned availability dates

November 19, 2007 (electronic software delivery)
November 26, 2007 (electronic software delivery) — IBM Rational AppScan Tester Edition V7.7
November 30, 2007 (media and documentation)
December 7, 2007 (media and documentation) — IBM Rational AppScan Tester Edition 7.7

Description

IBM Rational AppScan

IBM Rational AppScan products automate Web application security reviews to help ensure the security and compliance of Web applications throughout the software development life cycle. These products are designed for the broadest range of users (from non-security professionals to advanced power users) who can utilize the added tools and extensions to create a customized scanning environment.

IBM Rational AppScan Enterprise Edition V5.4 is a new Web application security scanning solution for organizations interested in finding the most cost-effective way to distribute application security testing across the organization, or for those who need the power to scan hundreds of applications simultaneously. AppScan Enterprise helps customers to understand their overall security posture with executive security metrics, dashboards, and key regulatory compliance reporting.

AppScan Enterprise Edition includes integrated computer-based training to accelerate the adoption of security testing by QA and development teams. Features of AppScan Enterprise Edition include:

Granular access controls to help manage reports and scan permissions
Administrator defined scan templates to help organizations control scan parameters
Interoperability with AppScan licenses to control scanning rights at the desktop level
Web-based architecture, to easily distribute report access and scan permissions across the software development life cycle
Capabilities to simultaneously analyze multiple applications across the enterprise
Features to retest multiple Web applications frequently
Consolidation capabilities to gather all test results in one repository of application security data
Integration with third-party vulnerability testing tools, including Fortify software
Capabilities to segment and trend vulnerabilities by business unit, geography, and third-party provider
Executive-level dashboard reporting for management oversight
Advisories, fix recommendations, and educational material written in language non-security professionals can understand to be provided with all reported security issues
Issue management that classifies security issues as "open," "in progress" or "closed," providing a convenient means to focus and fix critical issues
A developer task list report to help improve developer productivity by identifying the exact items within the application that need to be fixed
A Web-based architecture that efficiently facilitates communication of issues

IBM Rational AppScan Standard Edition is an automated Web application security testing engine that continuously and automatically reviews Web applications, tests for security issues, and generates actionable reports with fix recommendations to simplify the remediation process.

New and updated features in V7.7 are designed to streamline and simplify the processes of application security testing to help enable more users across the organization. Enhancements to this product include:

Scan Expert feature builds security intelligence directly into the product to help non-security professionals executive successful vulnerability assessments.
Microsoft^® Word Template-based reporting, which provides a customizable framework for results reporting and helps improve the most time-consuming element of Web application security testing.
State Inducer feature supports multi-step sequences (such as online shopping carts) to successfully automate the scanning of custom business logic.

IBM Rational Policy Tester

IBM Rational Policy Tester products are the industry's only automated online compliance management solution that reviews quality, privacy, brand, accessibility, and compliance issues across corporate Web properties.

IBM Rational Policy Tester Accessibility Edition V.5.4 helps ensure that Web sites are accessible to all employees, including those using assistive devices, by monitoring for over 170 comprehensive accessibility checks such as appropriate text and background color contrast, or the presence of text equivalent "alt" tags on images. It helps determine the site's level of compliance with government standards, including the U.S. government's Section 508 and the UK's DDA, and guidelines such as the W3C's WCAG and France's AccessiWeb.

IBM Rational Policy Tester Quality Edition V 5.4 scans and reports on issues that impact the effectiveness of Web site issues (such as spelling errors, broken links, and outdated content) to enhance site usability and employee productivity by making information accurate and easier to find.

IBM Rational Policy Tester Privacy Edition V5.4 uncovers and reports oversights that may expose organizations to undue risk — issues including missing privacy statements, insecure data collection forms, cookie presence and third-party links. This is critical if you need to comply with privacy regulations such as COPPA, GLBA, HIPAA, and California SB1386 and AB1950.

Features of IBM Rational Policy Tester are:

Patented scan engine for enterprise wide assessment and analysis
Issue management to help prioritize and filter issues for immediate remediation
Web-based executive dashboards and actionable reports to quickly drill down into issues and share results across business units

IPLA and Subscription and Support considerations

IPLA licenses can be transferred from one machine to another within, but not limited to an enterprise. You may aggregate the capacity for all the processors the product is operated on to achieve a more economic price. This will result in a single proof of entitlement (PoE). It is your responsibility to manage the distribution of Value Units within the limits of the entitlement of the product license.

Subscription and Support must cover the same capacity as the product license entitlement. Subscription and Support will be available in the country in which the agreement is made.

Trademarks

: Rational, Cross-Site, and Tivoli are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
: Microsoft is a registered trademark of Microsoft Corporation.
: Java is a trademark of Sun Microsystems, Inc.
: Other company, product, and service names may be trademarks or service marks of others.

Offering Information

Product information is available via the Offering Information Web site

http://www.ibm.com/common/ssi

Also, visit the Passport Advantage^® Web site

http://www.ibm.com/software/passportadvantage

Publications

No publications are shipped with these products.

The IBM Publications Center

http://www.ibm.com/shop/publications/order

The Publications Center is a worldwide central repository for IBM product publications and marketing material with a catalog of 70,000 items. Extensive search facilities are provided. Payment options for orders are via credit card (in the U.S.) or customer number for 20 countries. A large number of publications are available online in various file formats, and they can all be downloaded by all countries.

Back top Back to top

Technical information

Specified operating environment

Hardware requirements

IBM Rational^® AppScan Enterprise Edition and IBM Rational Policy Tester

Processor: 3.0 GHz Pentium^® IV-compatible processor; faster processor or multiple processors recommended
Memory: 2 GB of RAM or more recommended
Hard Disk: Approximately 200 MB of available hard-disk space for the recommended installation
Approximately 10 GB of available hard-disk space for scan logs on Agent Server
Approximately 200 GB of available hard-disk space on the system hosting the database

IBM Rational AppScan Standard Edition — Intel^® Pentium 4, 1 GB of RAM, 10 GB free space

IBM Rational AppScan Tester Edition

3 GHz Intel Pentium 4
2 GB RAM
200 MB available hard-drive space for application
10 GB available hard-drive space for scan logs on agent server
200 GB available hard-drive for system hosting the database

Additional recommended hardware requirements

The following recommendations will increase the performance and are highly recommended for scanning large Web applications and sites:

The agents should be installed on a separate server from the database server.
The Control Center (Web application) performs better when installed on the database server.
The Agents require significant processing from the database server while running scan jobs and report packs. Configure database server as a server class machine, with multiple processors and a SCSI disk array configured as RAID(0) for fast disk I/0. 4 GB of RAM recommended if database and agents share one machine.

For a full discussion of sizing system hardware to meet your needs, refer to the Planning and Installation Guide .

Software requirements

IBM Rational AppScan Enterprise Edition and IBM Rational Policy Tester

Operating systems

Microsoft^® Windows^® Server 2003 with Service Pack 1, or later
Microsoft Windows XP with Service Pack 2, or later for demonstration purposes only

It is highly recommended that latest critical updates from Microsoft for your operating system be installed.

Database

SQL Server 2005 Service Pack 1 Standard Edition or better
SQL Server 2005 Express Edition Service Pack 1 for demonstration purposes only
SQL Server system requirements available from this Microsoft Web Site

Other prerequisites

Before installing AppScan Enterprise Server or AppScan Reporting Console, you must have IIS 5.1, or later installed (not required for servers running agents only).
Before installing AppScan Enterprise Server or AppScan Reporting Console, you must download and install the .NET Framework 2.0 from this Microsoft Web site.
You must ensure that ASP.Net is installed and enabled in IIS.

Supported browsers

Microsoft Internet Explorer 6.0 Service Pack 1 or later
Mozilla Firefox 1.5, or later

IBM Rational AppScan Standard Edition

Operating systems: Windows 2000/2003, Windows XP, or Windows Vista^®
.NET framework 2.0 — Must be downloaded
IE 6.0, or later

IBM Rational AppScan Tester Edition

Windows Server 2003 SP1, or later
SQL Server 2005 SP1 Standard Edition, or later
IIS 5.1, or later
.NET framework 2.0
IE 6.0 SP1, or later

Planning information

Customer responsibilities: Software Maintenance is included with licenses purchased through Passport Advantage and Passport Advantage Express. Product upgrades and technical support are provided by the Software Maintenance offering as described in the Agreements. Product upgrades provide the latest versions and releases to entitled software and technical support provides voice and electronic access to IBM support organizations, worldwide.

IBM includes one year of Software Maintenance with each program license acquired. The initial period of Software Maintenance can be extended by the purchase of a renewal option, if available.

Packaging

IBM Rational AppScan Standard Edition V7.7

License key notification
IBM Rational AppScan Standard Edition Quick Start Guide
IBM Rational AppScan Standard Edition CD

IBM Rational AppScan Tester Edition V7.7

License key notification
IBM Rational AppScan Tester Edition Quick Start Guide
IBM Rational AppScan Tester Edition CD

IBM Rational AppScan Enterprise Edition V5.4

License key notification
IBM Rational AppScan Enterprise Edition Quick Start Guide
IBM Rational AppScan Enterprise Edition CD

IBM Rational Policy Tester Accessibility Edition V5.4

License key notification
IBM Rational Policy Tester Accessibility Edition Quick Start Guide
IBM Rational Policy Tester Accessibility Edition CD

IBM Rational Policy Tester Privacy Edition V5.4

License key notification
IBM Rational Policy Tester Privacy Edition Quick Start Guide
IBM Rational Policy Tester Privacy Edition CD

IBM Rational Policy Tester Quality Edition V5.4

License key notification
IBM Rational Policy Tester Quality Quick Start Guide
IBM Rational Policy Tester Quality Edition CD

Security, auditability, and control

The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.

Back top Back to top

Software Services

IBM Software Services has the breadth, depth, and reach to manage your services needs. You can leverage the deep technical skills of our lab-based, software services team and the business consulting, project management, and infrastructure expertise of our IBM Global Services team. Also, we extend our IBM Software Services reach through IBM Business Partners to provide an unmatched portfolio of capabilities. Together, we provide the global reach, intellectual capital, industry insight, and technology leadership to support any critical business need.

To learn more about IBM Software Services or to contact a Software Services sales specialist, visit

http://www.ibm.com/software/sw-services/

To locate an IBM Business Partner, visit:

http://www.ibm.com/software/solutions/isv

Ordering information

This product is only available via Passport Advantage. It is not available as shrinkwrap.

Product information

                                                    Product
Licensed function title             Product group   category
 
IBM Rational AppScan Enterprise     Software        Software
 Edition                             Quality         Quality
IBM Rational AppScan Standard Ed    Software        Software
                                     Quality         Quality
IBM Rational AppScan Tester         Software        Software
 Edition                             Quality         Quality
IBM Rational Policy Tester          Software        Software
 Accessibility Edition               Quality         Quality
IBM Rational Policy Tester Privacy  Software        Software
 Edition                             Quality         Quality
IBM Rational Policy Tester Quality  Software        Software
 Edition                             Quality         Quality
 
 
                                      PID        Charge unit
Program name                          number     description
 
IBM Rational AppScan Enterprise       5724-T52   Authorized
 Edition                                          user
IBM Rational AppScan Enterprise       5724-T52   Server
 Edition
IBM Rational AppScan Enterprise       5724-T52   Authorized
 Edition                                          user
IBM Rational AppScan Enterprise       5724-T52   Server
 Edition
IBM Rational AppScan Standard Ed      5724-T59   Floating user
IBM Rational AppScan Standard Ed      5724-T59   Floating user
IBM Rational AppScan Tester Edition   5724-T51   Authorized
                                                  user
IBM Rational AppScan Tester Edition   5724-T51   Server
IBM Rational AppScan Tester Edition   5724-T51   Authorized
                                                  user
IBM Rational AppScan Tester Edition   5724-T51   Server
IBM Rational Policy Tester            5724-T53   Resource Value
 Accessibility Edition                            Unit
IBM Rational Policy Tester Privacy    5724-T57   Resource Value
 Edition                                          Unit
IBM Rational Policy Tester Quality    5724-T58   Resource Value
 Edition                                          Unit

Charge metrics definitions

Server

A server is a computer system that executes requested procedures, commands, or applications to one or more user and/or client devices. A PoE must be obtained for each server regardless of the number of processors and partitions in the server on which the program runs or for each server managed by the program. Where blade technology is employed, each blade is considered a separate server.

Authorized user

An authorized user is one and only one individual (named or unnamed) within or outside your enterprise. A PoE must be obtained for each individual user accessing the program in any manner. A program licensed under an authorized user PoE may be installed on a single computer or server, and accessed by multiple users, provided that a PoE has been obtained for each individual user accessing the program either directly or indirectly (via a multiplexing program, device, or application server) through any means on behalf of the user.

Floating user

You may utilize the program, including installation of the program on multiple servers, provided that use of the program occurs via a license server, and the total number of concurrent users does not exceed the total number of floating user licenses obtained for the program.

Resource Value Unit

A measure of the number of pages being tested by the product.

Passport Advantage program licenses

                                                 Part
Part description                                 number
 

IBM Rational AppScan Enterprise Edition

 
IBM Rational AppScan Enterprise Edition
Ratl AppScan Enterprise Ed for                   E047DLL
 System z(TM) Auth User ANNUAL SW MAINT RNWL
Ratl AppScan Enterprise Ed for                   D61V3LL
 System z Auth User LIC+SW MAINT 12 MO
Ratl AppScan Enterprise Ed for                   D61V5LL
 System z Auth User SW MAINT REINSTATE 12 MO
Ratl AppScan Enterprise Edition                  E047CLL
 Authorized User ANNUAL SW MAINT RNWL
Ratl AppScan Enterprise Edition                  D61V2LL
 Authorized User LIC+SW MAINT 12 MO
Ratl AppScan Enterprise Edition                  D61V4LL
 Authorized User SW MAINT REINSTATE 12 MO
Ratl AppScan Enterprise Edition                  E047ALL
 Server ANNUAL SW MAINT RNWL
Ratl AppScan Enterprise Edition                  D61UYLL
 Server LIC+SW MAINT 12 MO
Ratl AppScan Enterprise Edition                  D61UZLL
 Server SW MAINT REINSTATE 12 MO
Ratl AppScan Enterprise Edition                  E047BLL
 for System z Srvr ANNUAL SW MAINT RNWL
Ratl AppScan Enterprise Edition                  D61V0LL
 for System z Srvr LIC+SW MAINT 12 MO
Ratl AppScan Enterprise Edition                  D61V1LL
 for System z Srvr SW MAINT REINSTATE 12 MO
 

IBM Rational AppScan Standard Edition

 
IBM Rational AppScan Standard Ed
Ratl AppScan Standard Edition                    E046DLL
 Floating User ANNUAL SW MAINT RNWL
Ratl AppScan Standard Edition                    D61SYLL
 Floating User LIC+SW MAINT 12 MO
Ratl AppScan Standard Edition                    D61SZLL
 Floating User SW MAINT REINSTATE 12 MO
Ratl AppScan Std Ed for Sytem z                  E046ELL
 Floating User ANNUAL SW MAINT RNWL
Ratl AppScan Std Ed for Sytem z                  D61T0LL
 Floating User LIC+SW MAINT 12 MO
Ratl AppScan Std Ed for Sytem z                  D61T1LL
 Floating User SW MAINT REINSTATE 12 MO
 

IBM Rational AppScan Tester Edition

 
IBM Rational AppScan Tester Edition
Ratl AppScan Tester Ed for                       E046BLL
 System z Authorized Usr ANNUAL SW MAINT RNWL
Ratl AppScan Tester Ed for                       D61SULL
 System z Authorized Usr LIC+SW MAINT 12 MO
Ratl AppScan Tester Ed for                       D61SVLL
 System z Authorized Usr SW MAINT
 REINSTATE 12 MO
Ratl AppScan Tester Edition                      E046ALL
 Authorized User ANNUAL SW MAINT RNWL
Ratl AppScan Tester Edition                      D61SSLL
 Authorized User LIC+SW MAINT 12 MO
Ratl AppScan Tester Edition                      D61STLL
 Authorized User SW MAINT REINSTATE 12 MO
Ratl AppScan Tester Edition                      E046FLL
 Server ANNUAL SW MAINT RNWL
Ratl AppScan Tester Edition                      D61T2LL
 Server LIC+SW MAINT 12 MO
Ratl AppScan Tester Edition                      D61T3LL
 Server SW MAINT REINSTATE 12 MO
Ratl AppScan Tester Edition for                  E046CLL
 System z Server ANNUAL SW MAINT RNWL
Ratl AppScan Tester Edition for                  D61SWLL
 System z Server LIC+SW MAINT 12 MO
Ratl AppScan Tester Edition for                  D61SXLL
 System z Server SW MAINT REINSTATE 12 MO
 

IBM Rational Policy Tester Accessibility Ed.

 
IBM Rational Policy Tester Accessibility Edition
Ratl Policy Tester Accessibility                 E047ELL
 Edition RVU ANNUAL SW MAINT RNWL
Ratl Policy Tester Accessibility                 D61V6LL
 
 Edition RVU LIC+SW MAINT 12 MO
Ratl Policy Tester Accessibility                 D61V7LL
 Edition RVU SW MAINT REINSTATE 12 MO
 

IBM Rational Policy Tester Privacy Edition

 
IBM Rational Policy Tester Privacy Edition
Ratl Policy Tester Privacy                       E047GLL
 Edition RVU ANNUAL SW MAINT RNWL
Ratl Policy Tester Privacy                       D61VALL
 Edition RVU LIC+SW MAINT 12 MO
Ratl Policy Tester Privacy                       D61VBLL
 Edition RVU SW MAINT REINSTATE 12 MO
 

IBM Rational Policy Tester Quality Edition

 
IBM Rational Policy Tester Quality Edition
Ratl Policy Tester Quality                       E047FLL
 Edition RVU ANNUAL SW MAINT RNWL
Ratl Policy Tester Quality                       D61V8LL
 Edition RVU LIC+SW MAINT 12 MO
Ratl Policy Tester Quality                       D61V9LL
 Edition RVU SW MAINT REINSTATE 12 MO

Passport Advantage supply

                                                         Part
Program name/description                                 number
 
Rational AppScan Std Ed V7.7.0
Ratl AppScan Standard Edition, v7.7 English Media Pack   BT002EN
Rational AppScan Tester Ed V7.7.0
Ratl AppScan Standard Edition, v7.7 English Media Pack   BT003EN
Ratl AppScan Enterprise Ed.  V5.4.0
Ratl AppScan Enterprise Edition, v5.4 English Windows    BT004EN
 Media Pack
Ratl Pol Tester Privacy Ed.  V5.4.0
Ratl Policy Tester Privacy Ed, v5.4 English Media Pack   BT006EN
Ratl Pol Tester Quality Ed.  V5.4.0
Ratl Policy Tester Quality Ed, v5.4 English Media Pack   BT007EN
Ratl Pol Tstr Accessibility V5.4.0
Ratl Policy Tester Accessibility Ed, v5.4 English Media  BT005EN
 Pack

Passport Advantage customer: Media pack entitlement details

Customers with active maintenance or subscription for the products listed are entitled to receive the corresponding media pack.

Entitled maintenance                                    Part
offerings description       Media packs description     number
 

Ratl Pol Tester Privacy Ed. V5.4.0

 
Ratl Policy Tester --       Ratl Policy Tester Privacy  BT006EN
 Privacy Edition Resource    Ed, v5.4 English Media
 Value Unit                  Pack
 

Ratl Pol Tester Quality Ed. V5.4.0

 
Ratl Policy Tester --       Ratl Policy Tester Quality  BT007EN
 Quality Edition Resource    Ed, v5.4 English Media
 Value Unit                  Pack
 

Ratl Pol Tstr Accessibility V5.4.0

 
Ratl Policy Tester --       Ratl Policy Tester          BT005EN
 Accessibility Ed Resource   Accessibility Ed, v5.4
 Value Unit                  English Media Pack
 

Rational AppScan Std Ed V7.7.0

 
Ratl AppScan Standard       Ratl AppScan Standard       BT002EN
 Edition Floating User       Edition, v7.7 English
                             Media Pack
Ratl AppScan Standard       Ratl AppScan Standard       BT002EN
 Edition Floating User for   Edition, v7.7 English
 System Z                    Media Pack
 

Rational AppScan Tester Ed V7.7.0

 
Ratl AppScan Tester         Ratl AppScan Standard       BT003EN
 Edition Authorized User     Edition, v7.7 English
 User                        Media Pack
Ratl AppScan Tester         Ratl AppScan Standard       BT003EN
 Edition Authorized User     Edition, v7.7 English
 for System Z                Media Pack
Ratl AppScan Tester         Ratl AppScan Standard       BT003EN
 Edition Server              Edition, v7.7 English
                             Media Pack
Ratl AppScan Tester         Ratl AppScan Standard       BT003EN
 Edition Server for System   Edition, v7.7 English
 Z                           Media Pack
 

Ratl AppScan Enterprise Ed. V5.4.0

 
Ratl AppScan Enterprise     Ratl AppScan Enterprise     BT004EN
 Edition Authorized User     Edition, v5.4 English
 User                        Windows Media Pack
Ratl AppScan Enterprise     Ratl AppScan Enterprise     BT004EN
 Edition Authorized User     Edition, v5.4 English
 for System z                Windows Media Pack
Ratl AppScan Enterprise     Ratl AppScan Enterprise     BT004EN
 Edition Server              Edition, v5.4 English
                             Windows Media Pack
Ratl AppScan Enterprise     Ratl AppScan Enterprise     BT004EN
 Edition Server for System   Edition, v5.4 English
 z                           Windows Media Pack

Terms and conditions

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Program License Agreement (IPLA), IBM International Passport Advantage Agreement, and the IBM Agreement for Acquisition of Software Maintenance.

Licensing: IPLA including the license information (LI) document and PoE govern your use of the program. PoEs are required for all authorized use.

Part number products only, offered outside of Passport Advantage, where applicable, are license only and do not include Software Maintenance.

This software license includes Software Maintenance, previously referred to as Software Subscription and Technical Support.

LI form numbers

                                          Program
Program name                              number     Form number
 
IBM Rational AppScan Enterprise Edition   5724-T52   L-KHUY-785RGA
IBM Rational AppScan Standard Edition     5724-T59   L-KHUY-788KN9
IBM Rational AppScan Tester Edition       5724-T51   L-KHUY-788KN9
IBM Rational Policy Tester Accessibility  5724-T53   L-KHUY-785RGA
 Ed.
IBM Rational Policy Tester Privacy        5724-T57   L-KHUY-785RGA
 Edition
IBM Rational Policy Tester Quality        5724-T58   L-KHUY-785RGA
 Edition

The program's License Information will be available for review on the IBM Software License Agreement Web site

http://www.ibm.com/software/sla/sladb.nsf

Limited warranty applies: Yes

Warranty: IBM warrants that when the program is used in the specified operating environment, it will conform to its specifications. The warranty applies only to the unmodified portion of the program. IBM does not warrant uninterrupted or error-free operation of the Program or that IBM will correct all program defects. You are responsible for the results obtained from the use of the program.

IBM provides you with access to IBM databases containing information on known Program defects, defect corrections, restrictions, and bypasses at no additional charge. Consult the IBM Software Support Guide for further information at

http://www.ibm.com/software/support

IBM will maintain this information for at least one year after the original licensee acquires the program (warranty period).

Program technical support: Technical support of a program product will be available for a minimum of three years from the general availability date, as long as your Software Maintenance is in effect. This technical support allows you to obtain assistance (via telephone or electronic means) from IBM for product-specific, task-oriented questions regarding the installation and operation of the program product. Software Maintenance also provides you with access to updates, releases, and versions of the program. You will be notified, via announcement letter, of discontinuance of support with 12 months' notice. If you require additional technical support from IBM, including an extension of support beyond the discontinuance date, contact your IBM representative or IBM Business Partner. This extension may be available for a fee.

Money-back guarantee: If for any reason you are dissatisfied with the program and you are the original licensee, you may obtain a refund of the amount you paid for it, if within 30 days of your invoice date you return the program and its PoE to the party from whom you obtained it. If you downloaded the program, you may contact the party from whom you acquired it for instructions on how to obtain the refund.

For programs acquired under the IBM International Passport Advantage Agreement, this term applies only to your first acquisition of the program.

Authorization for use on home/portable computer: The program may be stored on the primary machine and another machine, provided that the program is not in active use on both machines at the same time. You may not copy and use this program on another computer without paying additional license fees.

Product name
 
IBM Rational AppScan Enterprise Edition                       Yes
IBM Rational AppScan Standard Edition                         Yes
IBM Rational AppScan Tester Edition                           Yes
IBM Rational Policy Tester Accessibility Ed.                  Yes
IBM Rational Policy Tester Privacy Edition                    Yes
IBM Rational Policy Tester Quality Edition                    Yes

Passport Advantage applies: Yes, and through the Passport Advantage Web site at

http://www.ibm.com/software/passportadvantage

This product is only available via Passport Advantage. It is not available as shrinkwrap.

Agreement for Acquisition of Software Maintenance: The IBM Agreement for Acquisition of Software Maintenance (Z125-6011) applies for maintenance and does not require customer signatures.

Software maintenance applies: Yes. Software Maintenance is included with licenses purchased through Passport Advantage and Passport Advantage Express. Product upgrades and technical support are provided by the Software Maintenance offering as described in the Agreements. Product upgrades provide the latest versions and releases to entitled software and Technical Support provides voice and electronic access to IBM support organizations, worldwide.

IBM includes one year of Software Maintenance with each program license acquired. The initial period of Software Maintenance can be extended by the purchase of a renewal option, if available.

While your Software Maintenance is in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions, and code-related questions. IBM provides assistance via telephone and, if available, electronic access, to your information systems (IS) technical support personnel during the normal business hours (published prime shift hours) of your IBM support center. (This assistance is not available to your end users.) IBM provides Severity 1 assistance 24 hours a day, 7 days a week. For additional details, consult your IBM Software Support Guide at

http://techsupport.services.ibm.com/guides/handbook.html

Software Maintenance does not include assistance for the design and development of applications, your use of programs in other than their specified operating environment, or failures caused by products for which IBM is not responsible under the applicable agreements.

For additional information about the International Passport Advantage Agreement and the IBM International Passport Advantage Express Agreement, visit the Passport Advantage Web site at

http://www.ibm.com/software/passportadvantage

Volume orders (IVO): No

System i™ Software Maintenance applies: No

Educational allowance available: Not applicable

Back top Back to top

Prices

Passport Advantage

For Passport Advantage information and charges, contact your IBM representative or authorized IBM Business Partner. Additional information is also available at

http://www.ibm.com/software/passportadvantage

Business Partner information

If you are an IBM Business Partner — Distributor for Workstation Software acquiring products from IBM, you may link to Passport Advantage Online for resellers where you can obtain Business Partner pricing information. An IBM ID and password are required.

https://www.ibm.com/software/howtobuy/passportadvantage/paoreseller

Order now

To order, contact the Americas Call Centers or your local IBM representative.

To identify your local IBM representative, call 800-IBM-4YOU (426-4968).

 Phone:      800-IBM-CALL (426-2255)
 Fax:        800-2IBM-FAX (242-6329)
 Internet:   callserv@ca.ibm.com
 Mail:       IBM Teleweb Customer Support
             ibm.com Sales Execution Center, Americas North
             3500 Steeles Ave. East, Tower 3/4
             Markham, Ontario
             Canada
             L3R 2Z1
 
 Reference:  YE001

The Americas Call Centers, our national direct marketing organization, can add your name to the mailing list for catalogs of IBM products.

Note: Shipments will begin after the planned availability date.

Trademarks

: System z and System i are trademarks of International Business Machines Corporation in the United States or other countries or both.
: Passport Advantage, Rational, and PartnerWorld are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
: Pentium and Intel are registered trademarks of Intel Corporation.
: Microsoft, Windows, and Windows Vista are registered trademarks of Microsoft Corporation.
: Other company, product, and service names may be trademarks or service marks of others.