Feedback

IBM Security Access Manager for Enterprise Single Sign-On V8.2 delivers key performance and functional enhancements and a new virtual appliance format

IBM United States Software Announcement 212-004
January 10, 2012


Table of contents
Overview Overview Publications Publications
Key prerequisites Key prerequisites Technical information Technical information
Planned availability date Planned availability date Ordering information Ordering information
Description Description Terms and conditions Terms and conditions
Product positioning Product positioning Prices Prices
Program number Program number Order
now Order now


Top rule
At a glance
Bottom rule

IBM® Security Access Manager for Enterprise Single Sign-On V8.2 can simplify, strengthen, and track access by integrating enterprise single sign-on with strong authentication, access workflow automation, fast user switching, and audit reporting. Benefits:

  • Can reduce password-related help desk costs by helping lower the number of password reset calls, and can help reduce costs for password administration and auditing access activities
  • Enhances security by helping reduce poor end-user password behavior and by helping simplify the implementation and use of strong authentication
  • Helps meet compliance requirements and helps protect access to sensitive information through automated tracking and centralized collation and reporting of user access activities
  • Can improve user productivity by helping eliminate the need to remember and manage user names and passwords, and by automating sign-on and access
  • Enables comprehensive session management of kiosk or shared workstations to improve security and user productivity

For ordering, contact your IBM representative, an IBM Business Partner, or IBM Americas Call Centers at 800-IBM-CALL (Reference: SE001).



Back to topBack to top
 
Top rule
Overview
Bottom rule

IBM Security Access Manager for Enterprise Single Sign-On V8.2 is an access management solution that enables users to log into all of their applications with a single password. This can help significantly reduce password management and help desk costs, while helping improve user productivity. Security Access Manager for Enterprise Single Sign-On automatically tracks and audits user access to information, so compliance reporting is also simplified. Support for strong authentication devices such as smart cards, biometrics, and access badges can help organizations address government and industry regulations and protect access to sensitive information.

Security Access Manager for Enterprise Single Sign-On provides single sign-on to most application types, including Microsoft™ Windows™, web, Java™ mainframe, teletype and virtual applications, across enterprise network access points, such as physical and virtual desktops, shared kiosks, Citrix servers, and web portals, while helping organizations reduce costs. It also helps decrease:

  • Help desk costs by helping reduce the number of password-related help desk calls, especially for password reset.
  • Compliance costs by automating the auditing and tracking of user access, and producing audit reports.
  • Administration costs for managing user IDs and passwords when users leverage self-service capabilities.

Security Access Manager for Enterprise Single Sign-On extends single sign-on to different environments with session management, including support for personal desktops, shared desktops (kiosk), private desktops (kiosk with multiple sessions), roaming desktops, and virtual desktops helping improve user efficiency and helping increase security of applications.

Security Access Manager for Enterprise Single Sign-On strengthens security by helping reduce poor password behavior and by implementing strong authentication. When users have multiple user IDs and passwords, they typically write them down - a clear security risk. With Security Access Manager for Enterprise Single Sign-On, users only need to remember a single password, so their password management behavior may be improved.

IBM Security Access Manager for Enterprise Single Sign-On V8.2 offers wide platform coverage, strong authentication enhancements, and simple deployments. It introduces 64-bit operating system and application support, a virtual appliance for easier installation and delivery of the server, and expanded support for smart cards.

IBM Security Access Manager for Enterprise Single Sign-On V8.2 is available in four packages: Standard, Suite, Standard (virtual appliance), and Suite (virtual appliance). Refer to the Description section for additional information.



Back to topBack to top
 
Top rule
Key prerequisites
Bottom rule

Refer to the Hardware requirements and Software requirements sections.



Back to topBack to top
 
Top rule
Planned availability date
Bottom rule

  • January 20, 2012 for electronic availability
  • February 17, 2012 for media availability


Back to topBack to top
 
Top rule
Description
Bottom rule

IBM Security Access Manager for Enterprise Single Sign-On V8.2 provides:

  • Single sign-on across virtually all applications. Wizards automate single sign-on profile generation, while visual profiling enables easy automation of complex tasks.
  • Easy integration of a wide choice of strong authentication factors.
  • Support for different environments, including personal, shared (kiosk), private (kiosk with multiple sessions), and roaming desktops.
  • Centralized audit and reporting capabilities to facilitate compliance activities.
  • Comprehensive coverage of corporate endpoints by extending single sign-on from web portals to mainframes and desktop applications.
  • End-to-end identity and access management by integrating with the centralized identity management functions of IBM Tivoli® Identity Manager.
  • An open authentication devices interface to support a wide range of Microsoft CAPI-compliant smart cards. The authentication interface also supports easy integration with serial ID card devices such as RFID badges.
  • Bio-key support to leverage a broad range of biometric devices.
  • A virtual appliance with a preinstalled and configured server for easier deployment, faster time to value, and superior return on investment.
  • A light-weight agent for Citrix server designed to reduce memory and increase performance on the server.
  • An application programming interface (API) for independent software vendors to authenticate and download password wallet data.
  • Globalization in 19 languages, including bidirectional support.
  • Federal Information Processing Standards (FIPS) 140-2 and Internet Protocol v6 (IPv6).

What's new

IBM Security Access Manager for Enterprise Single Sign-On V8.2 is available in two versions, each of which is offered in either a server-based or virtual appliance-based delivery method.

  • IBM Security Access Manager for Enterprise Single Sign-On V8.2 Standard includes:
    • AccessAgent for Windows, AccessAgent for Citrix, and AccessAgent for Terminal Services
    • AccessStudio for profile generation
    • Personal desktop management
    • Password self service via the login screen
    • Web-based AccessAdmin and centralized logging
    • Customizable reporting
    • The choice of a virtual appliance for easy deployment and fast time to value
  • IBM Security Access Manager for Enterprise Single Sign-On V8.2 Suite includes the Standard package plus the following:
    • Choice of strong authentication factors
    • Support for an open authentication devices interface
    • Session management for kiosk machines
    • Web Workplace for remote access and browser-based single sign-on access
    • AccessAssistant for web-based password self service
    • Customizable tracking
    • Integration with context management and user provisioning
    • The choice of a virtual appliance for easy deployment and fast time to value
    • An application programming interface (API) for independent software vendors to authenticate and access single sign-on password wallet data

IBM Security Access Manager for Enterprise Single Sign-On V8.2 delivers:

  • A Virtual appliance delivery method for Security Access Manager for Enterprise Single Sign-On server: The virtual appliance is virtual machine with preintegrated and installed IBM WebSphere® Application server, IBM HTTP Server and the Security Access Manager for Enterprise Single Sign-On Server that makes it easy to deploy and configure Security Access Manager for Enterprise Single Sign-On. The Virtual Appliance helps reduce time to value and helps increase the return on investment (ROI).
  • Open wallet authentication and access application programming interfaces (API): These API provide independent software vendors from authenticating with Security Access Manager for Enterprise Single Sign-On server and synchronize single sign-on credentials.
  • Open authentication devices interface enhancements: These enhancements expand the number of strong authentication devices that can be used, which provides increased flexibility and enables you to leverage devices such as employee badges and country specific smart cards such as Spanish DNIe. You may also mix types of strong authentication, and devices from multiple vendors to support their requirements. This open interface helps protect your single sign-on software investment by enabling you to leverage different strong authentication devices in the future.
  • Enhanced fingerprint authentication and user interface: This allows for fast logon to AccesAgent using fingerprints helping reduce the time to access information for the users.
  • Lightweight agent for Citrix server: Security Access Manager for Enterprise Single Sign-On V8.2 contains an enhanced lightweight mode for AccessAgent that helps greatly reduce its memory requirements on the Citrix server.
  • Wider platform coverage: New platform coverage includes Windows 7 64-bit support for personal desktops and kiosks, and Window Server 2008 R2 service pack 1 support for the server.

Designed to manage data more effectively and efficiently, Security Access Manager for Enterprise Single Sign-On significantly offers increased data protection, scalability and performance for all its database intensive operations which, based on IBM DB2® technology, is designed to manage data more effectively and efficiently. Greater availability is delivered through enhancements such as online, automated database reorganization. In addition, the increased scalability and the ability to leverage the latest in server technology helps deliver increased performance of backup and recovery processes.

Security Access Manager for Enterprise Single Sign-On can simplify, strengthen, and track access to Microsoft Windows, web, Java, mainframe, and teletype applications, across all major network access points, including Windows desktops, laptops, shared kiosks, Citrix servers, Microsoft Terminal Servers, virtual desktops, and web portals.

Accessibility by people with disabilities

A US Section 508 Voluntary Product Accessibility Template (VPAT) containing details on accessibility compliance can be requested at

http://www.ibm.com/able/product_accessibility/index.html


Back to topBack to top
 
Top rule
Product positioning
Bottom rule

IBM Security Access Manager for Enterprise Single Sign-On V8.2 simplifies, strengthens, and tracks access to all applications, across all major network access points. It simplifies password management, protects information with strong authentication, and secures kiosks and shared workstations. It supports the broadest coverage of network access points, including single sign-on access to desktop applications through the browser and comprehensive session management capabilities.

Security Access Manager for Enterprise Single Sign-On is part of a complete identity and access assurance solution and is integrated with provisioning, web single sign-on, federated single sign-on, and compliance reporting.



Back to topBack to top
 
Top rule
Program number
Bottom rule

 
 Program               Program
 number       VRM      name
 
 5724-V67     8.2.0    IBM Security Access Manager for Enterprise
                       Single Sign-On



Back to topBack to top
 
Top rule
Education support
Bottom rule

Comprehensive education for IBM Tivoli products is offered through Worldwide Tivoli Education Delivery Services. A wide range of training options are available, including classes led by instructors, learning on demand, on-site training, and blended learning solutions.

For additional information, visit

http://www-306.ibm.com/software/tivoli/education/


Back to topBack to top
 
Top rule
Offering Information
Bottom rule

Product information is available via the Offering Information website

http://www.ibm.com/common/ssi

Also, visit the Passport Advantage® website

http://www.ibm.com/software/passportadvantage


Back to topBack to top
 
Top rule
Publications
Bottom rule

IBM Security Access Manager for Enterprise Single Sign-On V8.2 Quick Start Guide (English) publication will be delivered on a separate publications CD-ROM with the basic machine readable material. It can also be downloaded from

http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.itamesso.doc/ic-homepage.html

The following English publications may be downloaded at general availability from the following website

http://www.ibm.com/software/tivoli/library

English publications:

  • IBM Security Access Manager for Enterprise Single Sign-On Quick Start Guide (part number CF38DML)
  • IBM Security Access Manager for Enterprise Single Sign-On Installation Guide (GI11-9309-01)
  • IBM Security Access Manager for Enterprise Single Sign-On Configuration Guide (C23-9692-01)
  • IBM Security Access Manager for Enterprise Single Sign-On Planning and Deployment Guide (SC23-9952-03)
  • IBM Security Access Manager for Enterprise Single Sign-On Administrator Guide (SC23-9951-03)
  • IBM Security Access Manager for Enterprise Single Sign-On User Guide (SC23-9950-03)
  • IBM Security Access Manager for Enterprise Single Sign-On Help Desk Guide (SC23-9953-03)
  • IBM Security Access Manager for Enterprise Single Sign-On Troubleshooting and Support Guide (GC23-9693-01)
  • IBM Security Access Manager for Enterprise Single Sign-On AccessStudio Guide (SC23-9956-03)
  • IBM Security Access Manager for Enterprise Single Sign-On Policies Definition Guide (SC23-9694-01)
  • IBM Security Access Manager for Enterprise Single Sign-On Provisioning Integration Guide (SC23-9957-03)
  • IBM Security Access Manager for Enterprise Single Sign-On Web API for Credential Management Guide (SC14-7646-00)
  • IBM Security Access Manager for Enterprise Single Sign-On Context Management Integration Guide (SC23-9954-03)
  • IBM Security Access Manager for Enterprise Single Sign-On Serial ID SPI Guide (SC14-7626-00)
  • IBM Security Access Manager for Enterprise Single Sign-On Lightweight AccessAgent mode on Terminal Server SDK Guide (SC14-7657-00)
  • IBM Security Access Manager for Enterprise Single Sign-On Error Message Reference Guide (GC14-7624-00)

Displayable softcopy publications and release notes are available at

http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.itamesso.doc/ic-homepage.html

The IBM Publications Center

http://www.ibm.com/shop/publications/order

The Publications Center is a worldwide central repository for IBM product publications and marketing material with a catalog of 70,000 items. Extensive search facilities are provided. Payment options for orders are via credit card (in the US) or customer number for 20 countries. A large number of publications are available online in various file formats, and they can all be downloaded by all countries, free of charge.



Back to topBack to top
 
Top rule
Technical information
Bottom rule

Specified operating environment

Hardware requirements

IBM Security Access Manager for Enterprise Single Sign-On V8.2 AccessAgent requirements:

  • PC with an x86 or x64 processor, at least 600 MHz processor clock speed
  • Minimum 512 MB physical memory for Windows XP
  • Minimum 1 GB physical memory for Windows Vista
  • Minimum 1 GB physical memory for Windows 7
  • Disk space: At least 200 MB free hard disk space

IBM Security Access Manager for Enterprise Single Sign-On V8.2 AccessStudio requirements:

  • PC with an x86 or x64 processor, at least 600 MHz processor clock speed
  • Minimum 512 MB physical memory for Windows XP
  • Minimum 1 GB physical memory for Windows Vista
  • Minimum 1 GB physical memory for Windows 7
  • Disk space: At least 300 MB free hard disk space

IBM Security Access Manager for Enterprise Single Sign-On V8.2 server requirements:

  • PC with an x86 or x64 bit processor, at least 2 GHz processor clock speed
  • Minimum 3 GB physical memory (Database not co-located)
  • At least 8 GB free hard disk space (Database not co-located)
Software requirements

IBM Security Access Manager for Enterprise Single Sign-On V8.2 AccessAgent and AccessStudio requirements:

  • Microsoft Windows XP Service Pack 3 (x86)
  • Microsoft Windows XP Service Pack 2 (x64)
  • Microsoft Windows Vista Service Pack 2 (x86 and x64)
  • Microsoft Windows 7 Service Pack 1 (x86 and x64)
  • Microsoft Windows Server 2003 Service Pack 2 (x86)
  • Microsoft Windows Server 2008 Service Pack 2 (x86 and x64)
  • Microsoft Windows Server 2008 R2 Service Pack 1 (x64)
  • Microsoft Internet Explorer 7.0, 8.0, 9.0
  • Mozilla Firefox 3.5, 3.6
  • Requires Microsoft .NET Framework 2.0

IBM Security Access Manager for Enterprise Single Sign-On V8.2 server requirements:

  • Microsoft Windows Server 2003 Service Pack 2 (x86)
  • Microsoft Windows Server 2008 Service Pack 2 (x86 and x64)
  • Microsoft Windows Server 2008 R2 Service Pack 1 (x86 and x64)
  • WebSphere Application Server V7.0 (x86 and x64) with latest fix pack
  • AccessAdmin requires Internet Explorer 7.0, 8.0, 9.0 or Mozilla Firefox 3.5, 3.6

The following are supported:

  • Directory:
    • Active Directory 2008 R2 Service Pack 1 (x64)
    • Active Directory 2008 Service Pack 2 (x86 and x64)
    • Active Directory 2003 Service Pack 2 (x86)
    • IBM Tivoli Directory Server V6.3.0 (x86 and x64)
    • IBM Tivoli Directory Server V6.2.0 (x86 and x64)
    • LDAP V3 compatible Directory Servers (x86 and x64)
  • Database software requirements:
    • IBM DB2 Enterprise Server Edition 9.7 (x86 and x64) with DB2 JDBC driver 4.0 - (bundled with product, but must be installed separately)
    • IBM DB2 Workgroup Server Edition 9.7 (x86 and x64) with DB2 JDBC driver 4.0
    • IBM DB2 Enterprise Server Edition 9.7 (x86 and x64) with DB2 JDBC driver 4.0
    • IBM DB2 Workgroup Server Edition 9.5 (x86 and x64) with DB2 JDBC driver 4.0
    • Oracle 11g R2 (x86 and x64)
    • Oracle 11g R1 (x86 and x64)
    • Oracle 10g R2 (x86 and x64)
    • Microsoft SQL Server 2008 R2 Enterprise and Standard Editions (x86 and x64) - with SQL JDBC driver 3.0
    • Microsoft SQL Server 2008 Enterprise and Standard Editions with Service Pack 2 (x86 and x64) - with SQL JDBC driver 3.0
    • Microsoft SQL Server 2005 Enterprise and Standard Editions with Service Pack 4 (x86 and x64) - with SQL JDBC driver 3.0

Included with the program package for use restricted to IBM Security Access Manager for Enterprise Single Sign-On V8.2 are:

  • IBM DB2 Enterprise Server Edition V9.7
  • IBM WebSphere Application Server Network Deployment V7.0
  • IBM Tivoli Common Reporting V2.1
  • IBM WAS Hypervisor Edition - V7.0.0.11
  • IBM Tivoli Federated Identity Manager V6.2.1

IBM Security Access Manager for Enterprise Single Sign-On V8.2 components or functions that are prohibited for use in Security Access Manager for Enterprise Single Sign-On standard are listed below. You must obtain an entitlement to Security Access Manager for Enterprise Single Sign-On V8.2 suite to use these components or functions.

Prohibited Components or Functions

  • Strong authentication factors
  • Shared Desktop, Private Desktop and Roaming Desktop: Session management capabilities
  • Open authentication devices interface for RFID and Smart Card
  • AccessAssistant for Web-based password self service
  • Web Workplace for remote access and browser-based SSO access:
    • Customized audit logging
    • Context management and user provisioning integration capabilities
    • Web API

For additional information about prohibited components, refer to the Publications section of the Security Access Manager for Enterprise Single Sign-On Planning and Deployment Guide. (SC23-9952-03).

The program's specifications and specified operating environment information may be found in documentation accompanying the program, if available, such as a readme file, or other information published by IBM, such as an announcement letter. Documentation and other program content may be supplied only in the English language.

Planning information

Packaging

IBM Security Access Manager for Enterprise Single Sign-On V8.2 is distributed with:

  • International Program License Agreement (Z125-3301)
  • License Information document
  • CD-ROMs
  • Publications (refer to the Publications section)

This program, when downloaded from a website, contains the applicable IBM license agreement and License Information, if appropriate, and will be presented for acceptance at the time of installation of the program. For future reference, the license and License Information will be stored in a directory such as LICENSE.TXT.

Security, auditability, and control

IBM Security Access Manager for Enterprise Single Sign-On V8.2 uses the security and auditability features of the operating system software. The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.



Back to topBack to top
 
Top rule
Software Services
Bottom rule

IBM Software Services has the breadth, depth, and reach to manage your services needs. You can leverage the deep technical skills of our lab-based, software services team and the business consulting, project management, and infrastructure expertise of our IBM Global Services team. Also, we extend our IBM Software Services reach through IBM Business Partners to provide an extensive portfolio of capabilities. Together, we provide the global reach, intellectual capital, industry insight, and technology leadership to support a wide range of critical business needs.

To learn more about IBM Software Services or to contact a Software Services sales specialist, visit

http://www.ibm.com/software/sw-services/


Back to topBack to top
 
Top rule
Licensing metric definitions and pricing examples
Bottom rule

Licensing metric definitions

User Value Units

User Value Unit (UVU) is a unit of measure by which the program can be licensed. UVU Proofs of Entitlement are based on the number and type of users for the given program. Licensee must obtain sufficient entitlements for the number of UVUs required for Licensee's environment as specified in the table below. The UVU entitlements are specific to the program and type of user and may not be exchanged, interchanged, or aggregated with UVU entitlements of another program or type of user.

The users for the purposes of UVU calculation are the sum of all internal users, external users, and infrequent users given access to the program.

  • An internal user is a unique person that is given access to the program that is part of, a contractor performing work on behalf of, or an employee of the Licensee. Each internal user equals one User for the purpose of calculating User Value Units.
  • An external user is a unique person that is given access to the program that is not part of, a contractor performing work on behalf of, or an employee of the Licensee. A ratio of fifteen external users equals one user for the purpose of calculating User Value Units.
  • An infrequent internal user is an internal user who accesses the program less than five times a year. Infrequent internal users must be grouped so as to be trackable and auditable. A ratio of fifteen infrequent internal users equals one user for the purpose of calculating User Value Units.

User Value Unit Conversion Table

  • For 1 to 5,000 Users, 1.00 UVU per User
  • For 5,001 to 15,000 Users, 5,000 UVUs plus 0.50 UVUs per User above 5,000
  • For 15,001 to 50,000 Users, 10,000 UVUs plus 0.30 UVUs per User above 15,000
  • For 50,001 to 150,000 Users, 20,500 UVUs plus 0.20 UVUs per User above 50,000
  • For 150,001 to 500,000 Users, 40,500 UVUs plus 0.10 UVUs per User above 150,000
  • For 500,001 to 1,000,000 Users, 75,500 UVUs plus 0.05 UVUs per User above 500,000
  • For 1,000,001 to 3,000,000 Users, 100,500 UVUs plus 0.025 UVUs per User above 1,000,000
  • For greater than 3,000,000 Users, 150,500 UVUs plus 0.01 UVUs per User above 3,000,000

Pricing examples

The following examples are provided to illustrate your entitlement requirements.

Scalable usage model table

The following scalable usage table is used to determine the required Value Units per 1,000 users. The price per User Value Unit (UVU) will be different for each part number.

Scalable
usage level           1        2        3         4
 
Chargeable          1-5K     >5K-15K  >15K-50K  >50K-150K
 Users
User Value Units    1,000    500      300       200
 per 1,000 users
 
Scalable
usage level           5        6        7         8
 
Chargeable          >150-500 >500-1M  >1M-3M    >3M
 Users
User Value Units    100       50       25        10
 per 1,000 users
 

The pricing model for IBM Security Access Manager for Enterprise Single Sign-On V8.2 is enhanced if your systems support a large number of external users. Select Tivoli Security families now use a ratio of 15 external users equal 1 chargeable user for the purpose of calculating User Value Units (UVUs). Each internal user equals 1 chargeable user for the purpose of calculating User Value Units. Infrequent internal users that utilize their IDs less than 5 times a year, and are grouped so as to be trackable and auditable, will be granted a ratio of 15 infrequent internal users equal 1 chargeable user for the purpose of calculating Value Units.

Chargeable users are added up and the volume tiering table then is utilized to calculate the total User Value Units (UVUs) required to cover entitlements. With the release of IBM Tivoli Access Manager for Enterprise Single Sign-On V8.1, you may mix internal users, external users, and infrequent internal users within your total User Value Units.

Example of mixing and matching to obtain total UVUs

Assume client Green initially has 12,000 company employees and 1,500,000 external users. All of these are authorized users. The total chargeable users are calculated as follows:

  • 12,000 internal users = 12,000 chargeable users.
  • 1,500,000 external users = 1,500,000/15 = 100,000 chargeable users.
  • Client Green must add these chargeable users together and purchase the Value Units required for a total of 112,000 chargeable users.

If client Green grows to 20,000 company employees and finds that it only needs to entitle approximately 1,380,000 external users (clients, business partners, suppliers), then the total chargeable users are calculated as follows:

  • 20,000 internal users = 20,000 chargeable users (20,000 chargeable users at 1:1).
  • 1,380,000 external users = 1,380,000/15 = 92,000 chargeable users (at 15:1).
  • Client Green would still be covered with their entitlements, as their chargeable user total of 112,000 has not changed. This allows the client flexibility to accommodate changes in their environment over time.

User Value Unit pricing scenario

A global automobile parts manufacturer has 23,000 employees. 7,000 of their employees are office workers who have assigned cubicles and PCs. The other 16,000 work on the manufacturing floor and are expected to share kiosk machines on a daily basis.

The client has 35,000 dealers, suppliers, vendors, and direct sales clients, who access their web portal to use their online ordering and procurement applications.

Because of the growing list of applications employees have to access, and the frequent password changes, the client's employees have found it difficult to remember their passwords, resulting in frequent help desk calls. In addition, the 16,000 kiosk workers find it difficult to productively share their kiosk machines because of long logon and logout times as users switch access between each other.

Dealers and suppliers find the online portal difficult to use because of the multiple logins required to access the ordering, tracking, and catalog applications. Many dealers and suppliers do not login often enough and tend to forget their passwords, generating many unnecessary help desk calls.

To overcome these issues, the client plans to deploy enterprise single sign-on for all its 23,000 employees, as well as their 35,000 dealers and suppliers. The client would need to calculate users to charge for first, and enter that information into the volume tiering table discussed in a previous section to determine User Value Units to order. For this example, entitlements would be required for Security Access Manager for Enterprise Single Sign-On Standard Edition and Security Access Manager for Enterprise Single Sign-On Suite.

Security Access Manager for Enterprise Single Sign-On Standard Edition User Value Units (UVUs) to order are calculated as follows:

  • 7,000 internal user entitlements for Security Access Manager for Enterprise Single Sign-On Standard (the 7,000 office workers only need the Standard package). Since each internal user equals one chargeable user for the purpose of calculating User Value Units to order, in this case the 7,000 internal users would equate to 7,000 users to charge for and enter into the volume tiering table.

These 7,000 chargeable users calculate as 6,000 User Value Units to order for Security Access Manager for Enterprise Single Sign-On Standard Edition as follows:

 
Pricing metric  Chargeable user   User Value        User Value
TAM ESSO        quantity in       Units per         Units required
Standard        client            1,000 users (B)   ((A) * (B))/1,000
Edition         environment (A)
 
Tier 1                5,000           1,000              5,000
Tier 2                2,000             500              1,000
Tier 3                                  300
Tier 4                                  200
 
Chargeable user       7,000       User Value Unit        6,000
total                             total required

The Security Access Manager for Enterprise Single Sign-On Suite User Value Units (UVUs) to order are calculated as follows:

  • 16,000 additional internal user entitlements: These kiosk workers require session management, which is only available in the Suite package. Since each internal user equals 1 chargeable user for the purpose of calculating User Value Units to order, in this case, the 16,000 internal users would equate to 16,000 users to charge for and enter into the volume tiering table.
  • 35,000 external users: These entitlements will be used by the dealers and suppliers. They require Web Workplace, which is only available with the Suite package. Since each external user equals 15 chargeable users for the purpose of calculating User Value Units to order, in this case the 35,000 external users would equate to 3,000 users to charge for and enter into the volume tiering table.

The 16,000 chargeable internal users and the 3,000 chargeable external users are added together for the purpose of determining User Value Units to order. Using the volume tiering table from the previous section, 11,200 UVUs would need to be ordered for the 19,000 chargeable users for Security Access Manager for Enterprise Single Sign-On Suite as follows:

 
Pricing metric  Chargeable user   User Value        User Value
TAM ESSO        quantity in       Units per         Units required
Suite           client            1,000 users (B)   ((A) * (B))/1,000
                environment (A)
 
Tier 1                5,000           1,000              5,000
Tier 2               10,000             500              5,000
Tier 3                4,000             300              1,200
Tier 4                                  200
 
Chargeable user      19,000       User Value Unit       11,200
total                             total required



Back to topBack to top
 
Top rule
Ordering information
Bottom rule

This product is only available via Passport Advantage. It is not available as shrinkwrap.

 
  Product group:    IBM Tivoli Security
  Product:          Security Access Manager for Enterprise Single Sign-On V8.2
                     (5724V67)
 
  Product category: Security Event Management

Refer to the Basic license section.

Passport Advantage customer: Media pack entitlement details

Customers with active maintenance or subscription for the products listed are entitled to receive the corresponding media pack.

 
Media packs description                          Part number

IBM Security Access Manager for Enterprise       BJ10UML
Single Sign-On V8.2 MP ML
 
IBM Security Access Manager for Enterprise       BJ10NML
Single Sign-On Virtual Appliance V8.2 MP ML

Current licensees

Current licensees of Security Access Manager for Enterprise Single Sign-On V8.2 wanting to use the new virtual appliance need to upgrade to the new part numbers that entitle you to the virtual appliance offering. This upgrade requires you to purchase the trade-up part numbers associated with the Standard and Suite versions of the product. For subsequent purchases of software and subscription, you must purchase Renewal Licenses for Virtual Appliances and not renew under the previous IBM Tivoli Access Manager for Enterprise Single Sign-On Standard and Suite.

For example, you are currently entitled to subscription and support for 1 year on Security Access Manager for Enterprise Single Sign-On Standard. You now want to use the virtual appliance. In this case, you will have to purchase entitlements for subscription and support for Security Access Manager for Enterprise Single Sign-On Standard virtual appliance Standard. Similarly, if you have purchased subscription and support for Security Access Manager for Enterprise Single Sign-On Suite, and now want to use the new virtual appliance, you would also be required to trade-up to the new subscription and support part numbers for the virtual appliance Suite.

New licensees

Orders for new licenses will be accepted now.

Shipment will begin on the planned availability date.

Basic license

Ordering information for Passport Advantage

Passport Advantage allows you to have a common anniversary date for Software Subscription and Support, which can simplify management and budgeting for eligible new versions and releases (and related technical support) for your covered products. The anniversary date, established at the start of your Passport Advantage Agreement, will remain unchanged while your Passport Advantage Agreement remains in effect. New software purchases will initially include twelve full months of Software Subscription and Support. Software Subscription and Support in the second year (the first year of renewal) can be prorated to be coterminous with your common anniversary date. Thereafter, all Software Subscription and Support will renew at the common anniversary date for twelve full months of maintenance.

Refer to the IBM International Passport Advantage Agreement and to the IBM Software Support Handbook for specific terms relating to, and a more complete description of, technical support provided through Software Subscription and Support.

The quantity to be specified for the Passport Advantage part numbers in the following table is per required number of User Value Units. To order for Passport Advantage, specify the desired part number and quantity.

Description                                                 Part number
 
IBM Security Access Manager Enterprise for Single Sign-On   D04WPLL
Standard User VU License and Software Subscription &
Support 12 Months
 
IBM Security Access Manager Enterprise for Single Sign-On   E05AJLL
Standard User VU Software Subscription & Support
Renewal
 
IBM Security Access Manager Enterprise for Single Sign-On   D04WQLL
Standard User VU Software Subscription & Support
Reinstatement 12 Months
 
IBM Security Access Manager for Enterprise Single Sign-On   E07P1LL
Standard for zEnterprise™ BladeCenter® Extension and
Linux Sys z User Value Unit
Annual SW Subscription & Support Renewal
 
IBM Security Access Manager for Enterprise Single Sign-On   D0AUBLL
Standard for zEnterprise BladeCenter Extension and
Linux Sys z User Value Unit
License + SW Subscription & Support 12 Months
 
IBM Security Access Manager for Enterprise Single Sign-On   D0AUCLL
Standard for zEnterprise BladeCenter Extension and
Linux Sys z User Value Unit
SW Subscription & Support Reinstatement 12 Months
 
IBM Security Access Manager Enterprise for Single Sign-On   D04WLLL
Suite User VU License and Software Subscription
& Support 12 Months
 
IBM Security Access Manager Enterprise for Single Sign-On   E05AHLL
Suite User VU Software
Subscription & Support Renewal
 
IBM Security Access Manager Enterprise for Single Sign-On   D04WMLL
Suite User VU Software Subscription &
Support Reinstatement 12 Months
 
IBM Security Access Manager for Enterprise Single Sign-On   E07P0LL
Suite for zEnterprise BladeCenter Extension and
Linux Sys z User Value Unit
SW Subscription & Support Renewal
 
IBM SecurityAccess Manager for Enterprise Single Sign-On    D0AU9LL
Suite for zEnterprise BladeCenter Extension and
Linux Sys z User Value Unit
SW Subscription & Support 12 Months
 
IBM Security Access Manager for Enterprise Single Sign-On   D0AUALL
Suite for zEnterprise BladeCenter Extension and
Linux Sys z User Value Unit
SW Subscription & Support Reinstatement 12 Months
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKGLL
Std Virtual Appl UVU Lic + SW S&S 12 Mo
 
IBM Security Access Manager for Enterprise Single Sign-On   E0DEJLL
Std Virtual Appl UVU Annual SW S&S Rnwl
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKHLL
Std Virtual Appl UVU SW S&S Reinstate 12 Mo
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKJLL
Std Virtual Appliance
for zEnterprise BladeCenter Extension & Linux™ Sys z UVU
Lic + SW S&S 12 Mo
 
IBM Security Access Manager for Enterprise Single Sign-On   E0DEKLL
Std Virtual Appliance
for zEnterprise BladeCenter Extension & Linux Sys z UVU
Annual SW S&S Rnwl
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKKLL
Std Virtual Appliance
for zEnterprise BladeCenter Extension & Linux Sys z UVU
SW S&S Reinstate 12 Mo
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKLLL
Suite Virtual Appl UVU Lic + SW S&S 12 Mo
 
IBM Security Access Manager for Enterprise Single Sign-On   E0DELLL
Suite Virtual Appl UVU Annual SW S&S Rnwl
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKMLL
Suite Virtual Appl UVU SW S&S Reinstate 12 Mo
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKRLL
Suite Virtual Appliance
for zEnterprise BladeCenter Extension & Linux Sys z
UVU Lic + SW S&S 12 Mo
 
IBM Security Access Manager for Enterprise Single Sign-On   E0DEMLL
Suite Virtual Appliance
for zEnterprise BladeCenter Extension & Linux Sys z
UVU Annual SW S&S Rnwl
 
IBM Security Access Manager for Enterprise Single Sign-On   D0NKSLL
Suite Virtual Appliance
for zEnterprise BladeCenter Extension & Linux Sys z
UVU SW S&S Reinstate 12 Mo
 

Passport Advantage trade up

Below is a list of precursor products for which you must have already acquired a license, in order to be eligible to acquire equivalent licenses using the trade-up part number.

Precursor product         Trade-up product        Trade-up part number
 
Tivoli Access Mgr for     Tivoli Access Mgr for   D04YCLL
Enterprise for Single     Enterprise for Single
Sign-On Standard          Sign-On Suite
User Value Unit           User Value Unit
Trade-up License +
SW Subscription and
Support 12 Months
 
IBM Security Access       Tivoli Access Mgr for   D0NKILL
Manager for Enterprise    Enterprise for Single
Single Sign-On            Sign-On Standard
Std UVU                   Virtual Appliance
Trdup Lic +               User Value Unit
SW S&S 12 Mo
 
 
IBM Security Access       IBM Security Access     D0NKNLL
Manager for Enterprise    Manager for Enterprise
Single Sign-On Standard   Single Sign-On Suite
Virtual Appl UVU          Virtual Appl UVU
Trdup Lic +
SW S&S 12 Mo
 
IBM Security Access      IBM Security Access     D0NKPLL
Manager for Enterprise   Manager for Enterprise
Single Sign-on Suite     Single Sign-On Suite
UVU Trdup Lic +          Virtual Appl UVU
SW S&S 12 Mo
 

To order a media pack for Passport Advantage, specify the part number in the desired quantity from the following table:

 
Description                                          Part number
 
IBM Security Access Manager for Enterprise           BJ10UML
Single Sign-On v8.2 MP ML
 
IBM Security Access Manager for Enterprise           BJ10NML
Single Sign-On Virtual Appliance v8.2 MP ML

IBM Tivoli Access Manager for Enterprise Single Sign-On V8.1 is also available, via web download, from Passport Advantage.

Consult your IBM representative if you have any questions.

Subscription and Support

Subscription and Support must be ordered to receive voice technical support via telephone during normal business hours, and future releases and versions, at no additional charge. The capacity of Subscription and Support (for example, Processor Value Units or terabytes) must be the same as the capacity ordered for the product licenses.

To order, specify the Subscription and Support program product number and the appropriate license or charge option.

IBM is also providing Subscription and Support for these products, via a separately purchased offering, under the terms of the IBM International Agreement for Acquisition of Support Maintenance. This offering:

  • Includes and extends the support services provided in the base support to include technical support via telephone during normal business hours.
  • Entitles you to future releases and versions, at no additional charge. Note that you are not entitled to new products.

When Subscription and Support is ordered, the charges will automatically renew annually unless cancelled by you.



Back to topBack to top
 
Top rule
Terms and conditions
Bottom rule

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Program License Agreement, IBM International Passport Advantage Agreement, and the IBM Agreement for Acquisition of Software Maintenance.

This product is only available via Passport Advantage. It is not available as shrinkwrap.

Licensing

IBM International Program License Agreement including the License Information document and Proof of Entitlement (PoE) govern your use of the program. PoEs are required for all authorized use. Part number products only, offered outside of Passport Advantage, where applicable, are license only and do not include Software Maintenance.

This software license includes Software Subscription and Support (also referred to as Software Maintenance).

These programs are licensed under the IBM Program License Agreement (IPLA) and the associated Agreement for Acquisition of Software Maintenance, which provide for support with ongoing access to releases and versions of the program. IBM includes one year of Software Subscription and Support (also referred to as Software Maintenance) with the initial license acquisition of each program acquired. The initial period of Software Subscription and Support (also referred to as Software Maintenance) can be extended by the purchase of a renewal option, if available. These programs have a one-time license charge for use of the program and an annual renewable charge for the enhanced support that includes telephone assistance (voice support for defects during normal business hours), as well as access to updates, releases, and versions of the program as long as support is in effect.

License Information form numbers
  • L-MDUN-8LURUT - Security Access Manager for Enterprise Single Sign-On V8.2 Standard (5724-V67)
  • L-MDUN-8MSP32 - Security Access Manager for Enterprise Single Sign-On V8.2 Suite (5724-V67)
  • L-MDUN-8MSRLX - Security Access Manager for Enterprise Single Sign-On Standard V8.2 (Virtual Appliance) (5724-V67)
  • L-MDUN-8MSQ8A - Security Access Manager for Enterprise Single Sign-On Suite V8.2 (Virtual Appliance) (5724-V67)

The program's License Information will be available for review on the IBM Software License Agreement website

http://www.ibm.com/software/sla/sladb.nsf
Limited warranty applies

Yes

Limited warranty

IBM warrants that when the program is used in the specified operating environment, it will conform to its specifications. The warranty applies only to the unmodified portion of the program. IBM does not warrant uninterrupted or error-free operation of the program or that IBM will correct all program defects. You are responsible for the results obtained from the use of the program.

IBM provides you with access to IBM databases containing information on known program defects, defect corrections, restrictions, and bypasses at no additional charge. For further information, consult the IBM Software Support Handbook found at

http://www.ibm.com/support/handbook

IBM will maintain this information for at least one year after the original licensee acquires the program (warranty period).

Program technical support

Technical support of a program product version or release will be available for a minimum of five years from the general availability date, as long as your Software Subscription and Support (also referred to as Software Maintenance) is in effect. This technical support allows you to obtain assistance (via telephone or electronic means) from IBM for product-specific, task-oriented questions regarding the installation and operation of the program product. Software Subscription and Support (Software Maintenance) also provides you with access to updates (modifications or fixes), releases, and versions of the program. You will be notified, via announcement letter, of discontinuance of support with 12 months' notice. If you require additional technical support from IBM, including an extension of support beyond the discontinuance date, contact your IBM representative or IBM Business Partner. This extension may be available for a fee.

Money-back guarantee

If for any reason you are dissatisfied with the program and you are the original licensee, you may obtain a refund of the amount you paid for it, if within 30 days of your invoice date you return the program and its PoE to the party from whom you obtained it. If you downloaded the program, you may contact the party from whom you acquired it for instructions on how to obtain the refund.

For clarification, note that (1) for programs acquired under the IBM International Passport Advantage offering, this term applies only to your first acquisition of the program and (2) for programs acquired under any of IBM's On/Off Capacity on Demand (On/Off CoD) software offerings, this term does not apply since these offerings apply to programs already acquired and in use by you.

Volume orders (IVO)

No

IBM International Passport Advantage Agreement
Passport Advantage applies

Yes, and through the Passport Advantage website at

http://www.ibm.com/software/passportadvantage
Usage restriction

Yes

Usage is limited to the quantity of Value Units licensed.

For additional information, refer to the License Information document that is available on the IBM Software License Agreement website

http://www.ibm.com/software/sla/sladb.nsf
Software Subscription and Support applies

Yes. Software Subscription and Support (also referred to as Software Maintenance) is included with licenses purchased through Passport Advantage and Passport Advantage Express®. Product upgrades and Technical Support are provided by the Software Subscription and Support offering as described in the Agreements. Product upgrades provide the latest versions and releases to entitled software and Technical Support provides voice and electronic access to IBM support organizations, worldwide.

IBM includes one year of Software Subscription and Support with each program license acquired. The initial period of Software Subscription and Support can be extended by the purchase of a renewal option, if available.

While your Software Subscription and Support is in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions, and code-related questions. IBM provides assistance via telephone and, if available, electronic access, only to your information systems (IS) technical support personnel during the normal business hours (published prime shift hours) of your IBM support center. (This assistance is not available to your end users.) IBM provides Severity 1 assistance 24 hours a day, 7 days a week. For additional details, consult your IBM Software Support Handbook at

http://www.ibm.com/support/handbook

Software Subscription and Support does not include assistance for the design and development of applications, your use of programs in other than their specified operating environment, or failures caused by products for which IBM is not responsible under the applicable agreements.

For additional information about the International Passport Advantage Agreement and the IBM International Passport Advantage Express Agreement, visit the Passport Advantage website at

http://www.ibm.com/software/passportadvantage
System i Software Maintenance applies

No

Variable charges apply

No

Educational allowance available

Not applicable.



Back to topBack to top
 
Top rule
IBM Electronic Services
Bottom rule

IBM has transformed its delivery of hardware and software support services to help you achieve higher system availability. Electronic Services is a web-enabled solution that offers an exclusive, no-additional-charge enhancement to the service and support available for IBM servers. These services are designed to provide the opportunity for greater system availability with faster problem resolution and preemptive monitoring. Electronic Services comprises two separate, but complementary, elements: Electronic Services news page and Electronic Services Agent.

The Electronic Services news page is a single Internet entry point that replaces the multiple entry points traditionally used to access IBM Internet services and support. The news page enables you to gain easier access to IBM resources for assistance in resolving technical problems.

The Electronic Service Agent™ is no-additional-charge software that resides on your server. It monitors events and transmits system inventory information to IBM on a periodic, client-defined timetable. The Electronic Service Agent automatically reports hardware problems to IBM. Early knowledge about potential problems enables IBM to deliver proactive service that may result in higher system availability and performance. In addition, information collected through the Service Agent is made available to IBM service support representatives when they help answer your questions or diagnose problems. Installation and use of IBM Electronic Service Agent for problem reporting enables IBM to provide better support and service for your IBM server.

To learn how Electronic Services can work for you, visit

http://www.ibm.com/support/electronic


Back to topBack to top
 
Top rule
Prices
Bottom rule

Information on charges is available at website

http://www.ibm.com/support

In the Electronic tools category, select the option for Purchase/upgrade tools.

Business Partner information

If you are an IBM Business Partner -- Distributor for Workstation Software acquiring products from IBM, you may link to Passport Advantage Online for resellers where you can obtain Business Partner pricing information. An IBM ID and password are required.

https://www.ibm.com/software/howtobuy/passportadvantage/paoreseller

Passport Advantage

For Passport Advantage and charges, contact your IBM representative or your authorized IBM Business Partner. Additional information is also available at

http://www.ibm.com/software/passportadvantage


Back to topBack to top
 
Top rule
Order now
Bottom rule

To order, contact the Americas Call Centers or your local IBM representative, or your IBM Business Partner.

To identify your local IBM representative or IBM Business Partner, call 800-IBM-4YOU (426-4968).

Phone:      800-IBM-CALL (426-2255)
Fax:        800-2IBM-FAX (242-6329)
Internet:   callserv@ca.ibm.com
Mail:       IBM Teleweb Customer Support
            ibm.com® Sales Execution Center, Americas North
            3500 Steeles Ave. East, Tower 3/4
            Markham, Ontario
            Canada
            L3R 2Z1

Reference: SE001

The Americas Call Centers, our national direct marketing organization, can add your name to the mailing list for catalogs of IBM products.


Note: Shipments will begin after the planned availability date.
Trademarks

zEnterprise and Electronic Service Agent are trademarks of IBM Corporation in the United States, other countries, or both.

IBM, Tivoli, WebSphere, DB2, Passport Advantage, BladeCenter, Express and ibm.com are registered trademarks of IBM Corporation in the United States, other countries, or both.

Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both.

Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.

Other company, product, and service names may be trademarks or service marks of others.

Terms of use

IBM products and services which are announced and available in your country can be ordered under the applicable standard agreements, terms, conditions, and prices in effect at the time. IBM reserves the right to modify or withdraw this announcement at any time without notice. This announcement is provided for your information only. Additional terms of use are located at

http://www.ibm.com/legal/us/en/

For the most current information regarding IBM products, consult your IBM representative or reseller, or visit the IBM worldwide contacts page

http://www.ibm.com/planetwide/us/