IBM United States
Software Announcement 200-404
November 14, 2000

Tivoli SecureWay Product Family Enhancements

 ENUS200-404.PDF (94KB)


At a Glance

  • Enhancements for the following SecureWay products:
    • Tivoli SecureWay Policy Director
    • Tivoli SecureWay Risk Manager
    • Tivoli SecureWay Public Key Infrastructure
    • Tivoli SecureWay User Administration
  • Introduction of:
    • Tivoli SecureWay Policy Director for MQSeries
  • Availability of National Language Support for Tivoli SecureWay Risk Manager
  • Addition of Japanese National Language Support for Tivoli SecureWay Policy Director
For additional information, refer to Software Announcement 200-105 , dated April 25, 2000.

Overview

The Tivoli® SecureWay® family of security products provides enhanced security management solutions to manage your security policies and protect your entire e-business infrastructure.

In addition to the rich capabilities of the Tivoli SecureWay family of products announced in Software Announcement 200-105 , dated April 25, 2000, selected Tivoli SecureWay products have been enhanced as follows:

Tivoli SecureWay Policy Director V3R7

  • Cross Domain Web Single Sign-On
  • Delegated User Administration
  • Lotus® Domino™ Registry, Java™ 2 Security, and Windows™ 2000 Support
  • Authorization API Entitlement Service

Tivoli SecureWay Policy Director for MQSeries® V3R7

  • Access Control for MQSeries queues
  • Protection of data while in queue and on the wire
  • Works with existing applications — no need to make application changes
  • Leverages the Tivoli SecureWay Policy Director infrastructure

Tivoli SecureWay Risk Manager V3R7

  • Distributed Event Correlation
  • Diagnosis for resolution of threats and attacks
  • Firewall Management
  • Network Intrusion Detection Feature
  • Historical Reporting
  • Additional System and Operating System Options

Tivoli SecureWay Public Key Infrastructure V3R7

  • Multiple Registration Application (RA) Domains
  • Seamless Integration with Policy Director
  • Bulk Certificate Issuance and Suspend/Resume of Certificates
  • Key Recovery
  • Registration and Enrollment

Tivoli SecureWay User Administration V3R7

  • Password Management Tools Improvement
  • Performance and Scalability
  • Group Profile for UNIX® TMA Endpoints and Update Endpoints with TMA Architecture
  • Tivoli Policy Director Support
  • Windows 2000 Support and Windows NT™ Additional Attributes

With Tivoli SecureWay products, you are able to:

  • Let the right people in to the right applications and data
  • Cost-effectively manage the security infrastructure
  • Speed deployment of in-house applications

Description

Planned Availability Dates

  • November 24, 2000: Tivoli SecureWay Risk Manager V3R7 (International English)
  • December 15, 2000: Tivoli SecureWay Policy Director V3R7 (International English + Japanese)
  • December 15, 2000: Tivoli SecureWay Public Key Infrastructure V3R7 (International English)
  • December 29, 2000: Tivoli SecureWay Risk Manager V3R7 (National Language Support)
  • March 2, 2001: Tivoli SecureWay User Administration V3R7 (International English)
  • March 30, 2001: Tivoli SecureWay Policy Director for V3R7 MQSeries (International English)

Tivoli SecureWay Policy Director: Tivoli SecureWay Policy Director is the most robust and secure policy management solution for e-business and legacy applications on the market today. It uniquely addresses the top challenges of e-business security today — escalating costs, growing complexity, and our customers' inability to implement their security policies across their entire environment. With its powerful capabilities of providing highly-available, centralized authorization services, it enables customers to manage their business-critical distributed information. With Tivoli SecureWay Policy Director, customers can:

  • Centrally define and coordinate security policy in support of e-business applications
  • Transparently enforce authorization policy through access control rights to Web applications
  • Control access to TCP/IP-based client/server applications, including legacy environments
  • Decrease cost and complexity of e-business deployment through integrated security solution
  • Build security and authorization into new applications using a standardized authorization toolkit
  • Maintain secure access control rights without having to log-on separately to corporate Web servers
  • Ensure intelligent load balancing for better scalability and high availability of operations

Tivoli SecureWay Policy Director offers centralized policy management capabilities which provide a major improvement over the current best-practices of our customers, who are forced to manually implement their security policies across each of their applications and systems individually. With Tivoli SecureWay Policy Director, customers can now consolidate and manage security policies for their e-business applications and resources across the enterprise — all from a central console.

New enhancements to Tivoli SecureWay Policy Director V3.7 include the following:

  • Java 2 Security Support — For any Web Application Server, including WebSphere™, that supports Java 2, this support transparently integrates Policy Director's authorization services with Java 2's standard API for authorization. This support enables customers to transparently leverage a centralized authorization service as they develop Java-based e-business applications.
  • Cross Domain Web Single Sign-On — Enables customers to enhance their end-user's Web experience by reducing the number of logins required to access protected resources across multiple Internet domains.
  • Delegated User Administration — Enables system administrators to delegate user management responsibilities to sub-administrators which facilitates collaboration with internal business units/departments and external Business Partners.
  • Lotus Domino Registry Support — Policy Director now supports the Lotus Domino user registry as an alternative registry, enabling customers to leverage existing Lotus Domino investments.
  • Authorization API Entitlements Service — Provides e-business application developers an entitlements service interface (APIs) which they can then use to easily incorporate any entitlements service within Policy Director's authorization service. This enables e-business applications to enforce access control or other policies based on user entitlements and reduces the costs associated with building security into applications by reducing the need to write complex security code. Using an API based on open standards ensures consistency across applications.
  • Installation and configuration improvements — Enables customers to consolidate, manage, and enforce security policies of e-business applications quicker.
  • Windows 2000 Support

Tivoli SecureWay Policy Director for MQSeries: Tivoli SecureWay Policy Director for MQSeries is a comprehensive security solution for MQSeries. It provides access control services to restrict which users or applications can get/put messages on specific queues. It also allows MQSeries applications send data with confidentiality and integrity using keys associated with the sending and receiving users or applications. These services are provided transparently to MQSeries, meaning that existing applications are supported without requiring any changes to them.

Key features of this release include:

  • Definition and enforcement of centralized authorization policies (including data protection) for MQSeries resources (queues and messages on those queues).
  • Protection of MQSeries data as it flows across the network and as it sits in the queue.
  • Providing these functions transparently to existing MQSeries applications. MQSeries applications need not change in order to be protected by Tivoli SecureWay Policy Director for MQSeries.
  • Leverages the Tivoli SecureWay Policy Director Infrastructure to provide:
    • A single Administration console to manage security policy for MQSeries resources, Web resources, Corba application resources, and so forth
    • A centralized security policy repository
  • Platform support for Sun Solaris 7 and Windows NT 4.0.

Policy Director for MQSeries provides an "interceptor" process that sits between an MQSeries application and MQSeries itself. Calls made by the application to MQSeries for services are captured by this interceptor, which determines if the request for MQSeries services is authorized, and if the data in the transaction should be encrypted and/or digitally signed, before being placed in the queue requested, or unencrypted, and/or signature verified before being presented to the requesting applications.

These interceptors receive policy information from a master policy server (also known as management server) that is managed by an administration console. These components are identical to the ones delivered in Tivoli's award-winning Web access control product Tivoli SecureWay Policy Director. If a customer installs both products, a single master policy server will be shared between both products and administrators could set policy for both Web objects and MQSeries objects from a single console, if desired.

Policy Director for MQSeries is also designed to provide access control services for local applications attempting to access remote queues, on servers running on platforms that its interceptor does not run on today. For example, Policy Director for MQSeries can prevent an application running on Sun Solaris or Windows NT from getting, or putting, messages to a local queue that maps to a remote queue actually on a mainframe or AS/400.

Encryption and digital signing of messages requires that the Policy Director for MQSeries interceptor be running on both sides of the transaction. If services are needed to a mainframe or other platform the interceptor does run on today, a customer can set up a proxy system running the interceptor. A typical environment is a customer that has a remote network of distributed servers running MQSeries transactions across public networks to a central IS center. The requirement is to protect the transaction flows across the public network. The solution is to install the Policy Director for MQSeries interceptor on each of the remote servers, and on a new proxy server at the IS center as a front-end processor to the mainframe. The data is then protected from the remote locations to the IS Center.

Policy Director for MQSeries uses PKI credentials to authenticate the user or application requesting MQSeries services. It also requires PK Client services to provide the SMIME encryption services it uses to protect MQSeries message data from being snooped or tampered with while in a queue or on the wire from node to node.

Customers using Entrust Public Key Credentials must acquire the Entrust PKI Client Version 4.0, and later, with Entrust I.500 Server as software prerequisites. There are no prerequisites for Tivoli or Netscape support.

Statement of Direction

Tivoli plans to enhance Tivoli SecureWay Policy Director for MQSeries with support for the S/390 platform running OS/390® in the second half of 2001.

All statements regarding Tivoli's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

Tivoli SecureWay Risk Manager: Today's network computing enterprise requires an open, centralized, scalable, and process-oriented approach to intrusion detection and security management.

Products such as firewalls, intrusion detection appliances, access control, and Web servers are all required to implement specialized security functions. More often than not these products do not interoperate with each other, have to be managed and administered individually, and generate copious events and false alarms even during normal operation. Because the security device vendors do not have an effective way of managing this data without an automated correlation engine, administrators have to sift through the log file output from each of the intrusion agents and attempt a manual correlation, a process that is laborious, time-consuming, and often error prone. Without centralized management, it is almost impossible to determine attack patterns, make security assessments with any degree of assurance, or respond with real-time countermeasures. An integrated security solution is most effective when the firewalls, intrusion detection agents, network security, and application security solutions can work together in a coordinated fashion to minimize threats.

Tivoli SecureWay Risk Manager is the industry's first enterprise risk management solution that makes it possible to:

  • Implement a multi-tiered/distributed architecture with different layers of servers collecting data, sending only the relevant information to the upper level.
  • Pervasively manage and control all your enterprise security checkpoints. The product includes support for centralized collection, correlation, and analysis of data.
  • Implement role-based secure delegation of authority which allows definition of multiple administrator roles with responsibility for first or second level of analysis or responsibility for a subset of the network.
  • Make enterprise risk management a seamless part of your enterprise management process, leveraging the integration with a broad range of Tivoli and Tivoli-Ready network and systems management products.
  • Protect and promote customers' investment in "best-of-breed" products and solutions.

The new management features include:

  • Distributed Event Correlation — Ability to distribute the Risk Manager correlation intelligence over a hierarchical Tivoli Enterprise Console® environment composed of several tiers of TEC servers. The support of processing in multiple layers will make our solution more scalable, and it will enable local or regional administrators to manage security issues detected at the local or regional levels.
  • Historical Reporting ( Tivoli Decision Support Guide ) — The "Decision Support Guide for Enterprise Risk Management" will perform historical reporting on the data retrieved by our endpoints and other Tivoli products. It will enable our customers to perform continuous security improvements by easily identifying security "hot spots" in their enterprise network. It will include guides for Firewall Management, Intrusion Detection, Virus Management, and Risk Assessment.
  • Tasks to diagnosis and resolve threats and attacks — Ability to centrally execute (in a real-time or scheduled fashion) diagnosis or resolution tasks on the managed endpoints. These include policy management tasks that provide the ability to update and verify a security policy.

New managed technology includes:

  • Firewalls — CheckPoint Firewall-1 and Cisco PIX Firewall with the ability to take actions on the firewall, such as dynamically closing a firewall port. Firewall Management reports are included in the decision support guide.
  • AntiVirus — Support for Symantec Norton AntiVirus.
  • Tivoli SecureWay Policy Director — Ability to manage Policy Director Webseal through the Web IDS.
  • Web IDS — Ability to report unauthorized and suspicious accesses through the Web IDS component will be extended to WebSphere.
  • ISS RealSecure Host-based IDS
  • Cisco Routers
  • Operating Systems — Ability to process logs and exposures of Sun, AIX®, and Windows NT

Tivoli SecureWay Risk Manager V3.7 — Network Intrusion Detection Feature: A separately priced network intrusion detection system will be provided with the product.

The network intrusion detection feature includes an enhanced version of the network intrusion detection technology previously included in the Tivoli Cross-Site for Security Agent.

This feature will include:

  • Event consolidation into Tivoli Enterprise Console
  • Periodic update of signatures via secure Tivoli Customer Support Web Site to registered customers only
  • Secure transmission of data via Tivoli Framework communication protocol
  • Ability to deploy and configure agent via the Tivoli Enterprise Console Adapter Configuration Facility
  • Ability to deploy and update signatures via the Tivoli Enterprise Console Adapter Configuration Facility

The Tivoli SecureWay Risk Manager base feature will be required for event correlation, data mining (Decision Support), and response tasks for intrusion detection.

Tivoli SecureWay Public Key Infrastructure: Tivoli SecureWay Public Key Infrastructure V3.7 is an enhancement of our current Tivoli SecureWay Public Key Infrastructure product based on Version 3.1.2, an integrated Public Key Infrastructure (PKI) solution that enables e-business by issuing digital certificates worthy of trust. Tivoli SecureWay Public Key Infrastructure is a cross-platform, easy-to-use offering with manual and automated registration capabilities targeted at medium and large enterprises and Independent Software Vendors. It provides the ability to perform complete life cycle management of certificates via the T-PKI Client or via standard Web browsers. Tivoli SecureWay Public Key Infrastructure not only issues standard certificates, such as S/MIME, IPSec (for Virtual Private Networks), and server certificates, but also provides the flexibility to add user-defined extensions. The T-PKI application adheres to the PKI for X.509V3 (PKIX) standards.

The Registration Authority provides customers with workflow features and the ability to easily integrate with other existing applications. Other features includes the ability to manage various types of security credentials such as USERID/Passwords, SmartCards, and so forth.

The Certificate Authority includes advanced features such as cross-certification certificate extensions. Tivoli SecureWay Public Key Infrastructure leverages IBM KeyWorks for cryptographic and key store function.

  • Provides authentication and reduces the risk of non-repudiation for e-business transactions
  • Handles digital certificates for multiple uses, such as e-commerce or identification of remote employees
  • Uses digital signing to foster confidence that transferred data has not been altered
  • Offers scalability needed for your growing business
  • Uses a virtual smartcard interface to ease migration to smart cards
  • Simplifies administration of digital credentials within large organizations and across organizational boundaries
  • Automates the registration process to speed digital certificate administration
  • Allows user defined extensions to your digital certificates
  • Facilitates process workflow of registration and enrollment tasks
  • Provides seamless integration with Tivoli SecureWay Policy Director via Policy Exits

Tivoli SecureWay Public Key Infrastructure V3.7 extends new functionality in numerous ways, including the following:

  • Multiple RA Domains — This feature allows for an organization to assign roles and responsibility by domains, allowing for easier management and approval control.
  • Bulk certificate issuance — Allows for batch processing and issuance of certificates.
  • Key Recovery — Enables backup and recovery of end entity certificates and corresponding private keys certified by Tivoli SecureWay Public Key Infrastructure.
  • Suspend/Resume Certificates — Allows an administrator to suspend and subsequently resume the use of certificates based on user defined security policies.

Tivoli SecureWay User Administration: Tivoli SecureWay User Administration provides automated, secure management of user attributes and user services across heterogeneous, distributed networks. Tivoli SecureWay User Administration is an administrative tool that provides a single interface to centrally manage users on heterogeneous platforms with minimal effort, while enforcing your business' rules for user management.

Tivoli SecureWay User Administration features policy-based management, management by subscription, secure delegation, and a platform-independent interface. The implementation of Tivoli SecureWay User Administration is scalable and can be expanded to handle the needs of a large enterprise.

Here are some of the outstanding security capabilities provided:

  • Provides User administration for distributed heterogeneous environments: The product can be installed in a wide number of server platforms to fit customer installations. Tivoli SecureWay User Administration manages a wide variety of endpoints, including:
    • Windows NT
    • Netware
    • OS/2®
    • AIX
    • Solaris
    • HP-UX
    • RACF®
    • AS/400
    • Notes™
    • LDAP

    The LDAP Connection feature allows mapping of attributes under Tivoli SecureWay User Administration to specific schema values in an LDAP repository.

  • Centrally manages passwords and password resets and a complete set of attributes on the most common platforms, right out of the box.

    The most important and dynamic attribute in a user account is the password. Tools are provided to ease the management of user passwords including resets, password changes, synchronization tools, validation routines, and default password generation.

  • With centralized architecture, administrators can manage resources from anywhere in the network because the administration server is centralized. Administrators only have to go to a single interface to manage the users on all resources.

    Tivoli SecureWay User Administration uses Attribute Validation scripts. Scripts can be attached to each attribute field. These scripts can be used to periodically validate the integrity of the actual stored values in the target environments. They provide preventive maintenance for all security attributes. Customers also have the capability to extend the number of attributes by using this management functionality with current attributes.

  • Simplifies security administration and enforces business policies for user administration, to reduce security risks and exposures within your system's management environment. Tivoli SecureWay User Administration follows a hierarchical and role-based administration model. This model allows secure delegation of authority in an administrative structure. It provides granular support for assigning an administrative hierarchy and delegation of tasks. This fine-grain role architecture facilitates entrusting sensitive activities with limited authority. Higher level administrators can be assigned policy definition tasks, while the lower level administrators are restricted to policy enforcement.
  • Automates the creation of users through single action management. The Default Attribute generation feature saves time and reduces the errors related to the creation of new users in heterogeneous distributed environments. It allows the administrator to define rules for creating different attributes to be propagated to the different environments where the user is created. This reduces the repetitiveness of creating a user on individual environments, and ensures that all users are created using the same company rules, using only a single action.
  • Integrates with other Tivoli security products like Tivoli SecureWay Security Manager, Tivoli SecureWay Policy Director, and Tivoli SecureWay Global Sign-On.

    Tivoli SecureWay User Administration leverages the functionality of:

    • Tivoli SecureWay Security Manager for policy/group/role management.
    • Tivoli SecureWay Policy Director and Tivoli SecureWay Global Sign-On for login/password management.
    • Tivoli Framework for secure communication and authentication. Tivoli SecureWay User Administration and the Tivoli Framework protect the identity of the administrators and the user data is transmitted with several levels of privacy.
    • Tivoli SecureWay User Administration also integrates with other Tivoli services such as Tivoli Distributed Monitoring, Tivoli Event Console, Tivoli Decision Support, and Tivoli Software Distribution.

With Tivoli SecureWay User Administration, the benefits are clear. Help Desk administrators will be able to reset passwords and change user information from a centralized interface into a wide variety of platforms. Expertise on the various specific security mechanisms for each platform will not be required. Environment-wide changes can be propagated with a single push of a button.

IT managers will no longer require a group of expert administrators to support their whole heterogeneous environment. The required changes will be done faster and according to business rules. Extensive training for the administrator will not be required, and they can concentrate on enforcing business policy.

CIOs will have lower costs of administration, and better enforcing of the business policies.

End users will have faster resolution of problems they bring to the help desk, so that they can be more productive.

Highlights of V3.7

  • Native Windows 2000 Active Directory support — Provides support for the leading-edge technologies provided by Microsoft™ Operating Systems, allowing customers to migrate into this new environment.
  • Password management enhancements — The most recent tool is the "One Password" tool. It is a Web interface that improves the password reset capabilities and allows end users and administrators to reset passwords through Tivoli SecureWay User Administration via an easy-to-use Web interface. There are also improvements to the wpasswd tool to check for password strength rules.
  • Group Profiles supported in UNIX TMA endpoint — Ports the capability to handle user groups in UNIX to the scalable 3-tier TMA architecture.
  • Performance/scalability improvements — New interfaces and algorithms have been implemented to make the management of very large user sets easier to handle. Improvements include "User Locator" search, distribution performance, population performance, and database scalability tuning.
  • Improved Windows NT support — Includes new attributes for more complete handling of the Windows NT user accounts.
  • Concurrency enhancements — Provides a better interface to plug in front ends to the Tivoli SecureWay User Administration CLI interface, like a Web tool.
  • Improved AS/400 support — Includes new attributes for a more complete handling of the AS/400 user accounts.
  • Fine-grained roles implementation — Adds more fine-grain roles to allow for more granular control over administrator rights.
  • Tivoli SecureWay Policy Director Support — Added support to manage users in the Tivoli SecureWay Policy Director e-business solution.

Year 2000

These products are Year 2000 ready. When used in accordance with their associated documentation, they are capable of correctly processing, providing, and/or receiving date data within and between the twentieth and twenty-first centuries, provided that all products (for example, hardware, software, and firmware) used with the products properly exchange accurate date data with them.

Euro Currency

These programs are not impacted by euro currency.

Reference Information

Refer to:

  • Software Announcement 200-017 , dated February 15, 2000
  • Software Announcement 200-100 , dated April 25, 2000
  • Software Announcement 200-105 , dated April 25, 2000

Trademarks

 
WebSphere is a trademark of International Business Machines Corporation in the United States or other countries or both.
 
SecureWay, MQSeries, AS/400, OS/390, AIX, OS/2, and RACF are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Windows, Windows NT, and Microsoft are trademarks of Microsoft Corporation.
 
Java is a trademark of Sun Microsystems, Inc.
 
UNIX is a registered trademark in the United States and other countries exclusively through X/Open Company Limited.
 
Tivoli and Tivoli Enterprise Console are registered trademarks of International Business Machines Corporation or Tivoli Systems Inc. in the United States or other countries or both.
 
Domino and Notes are trademarks of Lotus Development Corporation.
 
Lotus is a registered trademark of Lotus Development Corporation.
 
Other company, product, and service names may be trademarks or service marks of others.

Education Support

Training is available for all Tivoli® products. Education is offered through IBM Education and Training, and through Tivoli Systems. Worldwide information about education offerings is available on the IBM Education and Training home page on the Internet at:

For current information on Tivoli Systems education, call 512-436-8000, or visit the Tivoli Systems home page on the Internet at:

Offering Information

Product information will be available on day of announcement through Offering Information (OITOOL) at:

Publications

The following publications can be ordered after planned availability. To order, contact your IBM/Tivoli representative.

Tivoli SecureWay® Risk Manager V3R7

                                                       Order
Title                                                  Number
 
Tivoli SecureWay Risk Manager V3R7                     GC32-0702
 Development Guide
Tivoli SecureWay Risk Manager V3R7                     GC32-0703
 User's Guide
Tivoli SecureWay Risk Manager V3R7                     GI11-0799
 Release Notes(TM)
Tivoli SecureWay Risk Manager V3R7                     GC32-0704
 -- Network Intrusion Detection
 Option User's Guide
Tivoli SecureWay Risk Manager V3R7                     GI11-0800
 -- Network Intrusion Detection
 Option Release Notes
 
International Program License Agreement                Z125-3301
 
License Information document                           LC23-4474

Tivoli SecureWay Policy Director for MQSeries® V3R7

                                                       Order
Title                                                  Number
 
Tivoli SecureWay Policy Director                       GI11-0808
 for MQSeries V3R7 Read Me First

Note: Product publications are delivered on the product CD-ROM.

                                                       Order
Title                                                  Number
 
International Program License Agreement                Z125-3301
License Information document                           LC23-4474
 
Tivoli SecureWay User Administration V3R7
 
Tivoli SecureWay User Administration                   GC32-0660
 V3R7 Management Guide
Tivoli SecureWay User Administration                   GC32-0661
 V3R7 Reference Manual
Tivoli SecureWay User Administration                   GI11-0803
 V3R7 Release Notes
Tivoli SecureWay User Administration                   GC32-0709
 V3R7 Supplement for Policy Director
Tivoli SecureWay User Administration                   GC32-0665
 V3R7 Supplement for OS/400(R)
International Program License Agreement                Z125-3301
License Information document                           LC23-4474

Tivoli SecureWay Policy Director V3R7 — Unchanged by this announcement.

Tivoli SecureWay Public Key Infrastructure V3R7 — Unchanged by this announcement.

Technical Information

Specified Operating Environment

Hardware Requirements

Tivoli SecureWay Policy Director

  • RS/6000®
  • Intel® x86 or Pentium™
  • Sun SPARC
  • HP 9000 Servers
  • Disk space: 50 MB
  • Memory: 64 MB

Tivoli SecureWay Policy Director for MQSeries

  • RS/6000 servers running AIX® 4.3.3
  • Sun SPARC servers running Sun Solaris 7
  • Intel Pentium (300 MHz) or equivalent for systems running Windows NT™ 4.0
  • Disk Space: 70 MB
  • Memory: 64 MB

Tivoli SecureWay Risk Manager

Tivoli SecureWay Risk Manager V3.7 includes a mandatory component called "Tivoli SecureWay Risk Manager Server", and several optional components including:

  • Tivoli Decision Support for Enterprise Risk Management
  • Tivoli SecureWay Risk Manager Event Integration Facility
  • Adapter for ISS RealSecure Network Engine
  • Adapter for ISS RealSecure System Host
  • Adapter for Cisco Secure IDS
  • Adapter for CheckPoint FE-1
  • Adapter for Symantec Norton AntiVirus
  • Adapter for Cisco Routers
  • Adapter for Cisco PIX Firewall
  • Tivoli Web Intrusion Detection System
  • Tivoli Network Intrusion Detection System
  • Tivoli Host Intrusion Detection System

Each of these components run on one or more of the following hardware platforms:

  • Sun SPARC
  • Intel x86 or Pentium
  • RS/6000

Refer to the Tivoli SecureWay Risk Manager V3.7 Release Notes document for specific hardware and disk space requirements that will be accessible from the Tivoli Customer Support Web Site located at:

Tivoli SecureWay Public Key Infrastructure

  • RS/6000 (233 MHz) processor
  • PC (Intel Pentium 300 MHz) processor
  • Disk Space: 2 GB
  • Memory: 256 MB

Tivoli SecureWay User Administration

Tivoli SecureWay User Administration V3R7 will support the following hardware depending on the software running on a server, gateway, or endpoint.

  • Sun SPARC
  • Intel x86 or Pentium
  • RS/6000
  • AS/400®
  • S/390®
  • HP 9000 Models 700 and 800

Refer to the Tivoli SecureWay User Administration V3R7 Release Notes for further details on hardware requirements.

Software Requirements

Tivoli SecureWay Policy Director

Server platforms:

  • AIX 4.3.3, or later
  • Windows NT 4.0 with Service Pack 5, or later
  • Windows™ 2000
  • Sun Solaris 2.7 and 2.8
  • HP-UX 11.0

Client platforms:

  • Windows 95/98
  • Windows NT 4.0 with Service Pack 5, or later
  • Windows 2000

Tivoli SecureWay Policy Director for MQSeries

  • MQSeries V5.1, or later
  • Entrust PKI Client Version 4.0, or later with Entrust I.500 Server if using Entrust PKI
  • Sun Solaris 7
  • Windows NT, Service Packs 5 or 6
  • AIX V4.3.3

Tivoli SecureWay Risk Manager

Tivoli SecureWay Risk Manager V3.7 includes a mandatory component called "Tivoli SecureWay Risk Manager Server", and several optional components including:

  • Tivoli Decision Support for Enterprise Risk Management
  • Tivoli SecureWay Risk Manager Event Integration Facility
  • Adapter for ISS RealSecure Network Engine
  • Adapter for ISS RealSecure System Host
  • Adapter for Cisco Secure IDS
  • Adapter for CheckPoint FE-1
  • Adapter for Symantec Norton AntiVirus
  • Adapter for Cisco Routers
  • Adapter for Cisco PIX Firewall
  • Tivoli Web Intrusion Detection System
  • Tivoli Network Intrusion Detection System
  • Tivoli Host Intrusion Detection System

Software prerequisites include:

  • Windows NT 4.0
  • Sun Solaris 2.6, 2.7
  • AIX 4.3.3
  • Tivoli Framework
  • Tivoli Enterprise Console®

These programs require between 0.1 MB and 22 MB of disk space depending upon optional components selected. Refer to the Tivoli SecureWay Risk Manager V3.7 Release Notes document for specific hardware and disk space requirements.

Tivoli SecureWay Public Key Infrastructure

  • Windows NT Version 4.0 with Service Pack 5
  • DB2 Universal Database® for Tivoli PKI
  • Sun Java™ Development Kit Version 1.22 PTF8
  • IBM HTTP Server (IHS) Version 1.3.3.1, including the Global Services Kit (GSK)
  • WebSphere™ Application Server Version 3.5
  • IBM SecureWay Directory Server Version 3.1.1
  • AIX Version 4.3.2 or Version 4.3.3
  • Tivoli PKI database software, including DB2 Universal Database for Tivoli PKI
  • IBM Java Development Kit (JDK) Version 1.1.6.7, and the xlC Runtime Environment Version 3.6.4.1
  • IBM SecureWay 4758 PCI Cryptographic Coprocessor (optional)
Tivoli SecureWay User Administration

Tivoli SecureWay User Administration will require Tivoli Framework Version 3.6.4. Additionally, the supported platforms for the different services are presented in the following table:

                                Managed
                     Server     Node        Gateway     Endpoint
 
Solaris 2.6.1        Y          Y           Y           Y
Solaris 7.x          Y          Y           Y           Y
AIX 4.2.1            Y          Y           Y           Y
AIX 4.3.x            Y          Y           Y           Y
OS/2(R) V4           N          N           N           Y
Aurora               N          N           N           Y
OS/400               N          N           N           Y
OS/400 V4R3          N          N           N           Y
OS/400 V4R4          N          N           N           Y
OS/390 1.3           N          N           N           N
OS/390 2.4 - 2.7     N          N           N           N
OS/390 2.8, 2.9      N          N           N           N
HP-UX 10.2           Y          Y           Y           Y
HP-UX 11             Y          Y           Y           Y
Windows 95           N          N           N           N
Windows 98           N          N           N           N
NT 4.0 SP4           Y          Y           Y           Y
NT 4.0 SP5           Y          Y           Y           Y
NT 4.0 SP6           Y          Y           Y           Y
Windows 2000         N          N           N           Y
NetWare 4.11         N          N           N           Y
NetWare 4.2          N          N           N           Y
NetWare 5            N          N           N           Y

Packaging

Tivoli SecureWay Policy Director

  • One publication
  • Seven CD-ROMs

Tivoli SecureWay Risk Manager

  • Five publications
  • Three CD-ROMs
  • International Program License Agreement (IPLA) (Z125-3301)
  • License Information document (LC23-4474)

Tivoli SecureWay User Administration

  • Six publications
  • Two CD-ROMs
  • IPLA (Z125-3301)
  • License Information document (LC23-4474)

Tivoli SecureWay Public Key Infrastructure — Unchanged by this announcement

  • One publication
  • Four CD-ROMs
  • IPLA (Z125-3301)
  • License Information document (LC23-4474)

Tivoli SecureWay Policy Director for MQSeries

  • One publication
  • Four CD-ROMs
  • IPLA (Z125-3301)
  • License Information document (LC23-4474)

Security, Auditability, and Control

The Tivoli SecureWay products in this announcement provide a comprehensive array of security functions that, when properly installed and utilized, can help protect your IT environment and your company information from unauthorized access by persons inside or outside your organization.

These products offer a layer of security protection above that provided by the security and auditability features of the operating system and the Tivoli Management Framework.

The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.

Ordering Information

Basic License: Current licensees of Tivoli SecureWay Risk Manager must ensure that they have previously ordered adequate Tivoli Management Points to add this product to the customer environment. If additional Tivoli Management Points are required for this product, specify the one-time charge (OTC) feature number for Tivoli Management Points for server base, server features, and clients in the quantity desired.

Important Price Information: Customers may use Tivoli SecureWay Risk Manager V3R7 Server Base and Applications Options functions in their existing Tivoli SecureWay Risk Manager V1R0 configuration without acquiring additional Tivoli Management Points. Use of the Server System Option, Server Network Intrusion Detection Option and/or Client, requires additional Tivoli Management Points unless the configuration is altered to accommodate the new functions within the total 5698-RMG Tivoli Management Points already acquired by the customer.

Licensees of the new Tivoli SecureWay Policy Director for MQSeries must ensure that they have ordered adequate Tivoli Management Points to add this product to the customer environment. If additional Tivoli Management Points are required for this product, specify the OTC feature number for Tivoli Management Points for servers in the quantity desired.

New Licensees

Orders for new licenses will be accepted now.

Shipment will begin on the planned availability date.

New users should specify:

                                                       Program
Program Name                                           Number
 
Tivoli SecureWay User Administration                   5698-UAD
Tivoli SecureWay Policy Director                       5698-PDD
Tivoli SecureWay Risk Manager                          5698-RMG
Tivoli SecureWay Public Key                            5698-KID
 Infrastructure
Tivoli SecureWay Policy Director for                   5698-PDM
 MQSeries

To order a basic license, specify the program number, feature number 9001 for asset registration, and the OTC feature number from the tables below in the quantity desired (maximum quantity of 250 per feature number).

The quantity of Tivoli Management Points is based on servers and clients.

Use the following table to order the program product listed below. Ordering information for other products in this announcement is unchanged.

Program                                 Tivoli Management Points
Number          Program Name            Qty 1            Qty 250
 
5698-PDM        Tivoli SecureWay        2078             2079
                 Policy Director
                 for MQSeries

Tivoli Systems Support

Although the first year of support is included in the product price, a no-charge order must be placed using program number 5698-SPT specifying feature number 9001 for asset registration and the appropriate First Year Standard Support — No Charge feature number. This 5698-SPT order establishes entitlement records worldwide. If a 5698-SPT order is not placed, the customer will not be entitled to support even during the first year of a license.

Prior to the end of the first 12 months support period, customers will be notified of their support renewal options. Unless the customer notifies IBM/Tivoli to discontinue or alter the level of support currently being received, support will automatically be renewed for annual billing at the same level as selected in the first year. Once the subsequent year support feature numbers are in place, renewals are automatic and billed annually unless support is cancelled by the customer.

Tivoli Systems offers a variety of support options in response to diverse customer requirements. The table below summarize these offerings.

                                         Standard
Support Categories         Standard      24            Select
 
Support Coverage via       Normal        24 x 7        24 x 7
 Web, Phone, Fax, and      Bus Hrs
 E-mail
 
Web Support Tools          Yes           Yes           Yes
 (TIPS, FAQs, White
 Papers, Tools,
 Patch Downloads)
 
Maintenance and            Yes           Yes           Yes
 Upgrades
 
Support News               Yes           Yes           Yes
 
Escalation Process         Yes           Yes           Yes
 
Initial "Tivoli            No            No            Yes
 Select" Support
 Review (one
 customer location
 and one review per
 contract)
 
Heightened
 Responsiveness
  Severity 1 -- 1 hour     No            No            Yes
  Severity 2 -- 2 hour     No            No            Yes
  Severity 3 -- 4 hour     No            No            Yes
  Severity 4 -- 4 hour     No            No            Yes
 
                                         Standard
Support Categories         Standard      24            Select
 
Fast Path to "Tivoli       No            No            Yes
 Select" Level 2
 Engineer
 
Heightened                 No            No            Yes
 Resolution Priority
 
Proactive Tivoli           No            No            Yes
 Management
 Notification
 
On-site When Required      No            No            Yes
 (two trips per year
 not to exceed six
 days in total)
 
"Tivoli Select"            No            No            Quarterly
 Support Review and
 Recommendations
 (customer to
 identify single
 point of control
 site)
 
Minimum of 40,000          No            No            Yes
 Renewable Tivoli
 Management Points
 Required in
 Aggregate
  • Tivoli Standard Support

    This offering provides:

    • Technical support via Web, telephone, fax, and e-mail during normal IBM/Tivoli business hours Monday through Friday, except local holidays
    • Corrections (PTFs) or patches that fix substantial deviations of unmodified Tivoli products from the then-current code, publications, and/or informal documentation (that is, release notes and memos)
    • Software product updates that are improvements, extensions, or other changes which IBM/Tivoli, at its discretion, deems to be reasonable
    • Customer Self-Help Options available via Web 24 x 7 including:
      • Support Procedures — Maintenance renewal information and registration for access to support
      • Product-Specific Support Pages
      • Technical Documentation — including FAQs, Quick Solution Hints and Tips, Product Certification Information, Release Notes, Installation Guides, Redbooks, White Papers, and Fix READMEs
      • Knowledge Base — Search engine providing answers to many technical questions; databases include APARs, FAQs and Fix READMEs
      • Education and Training
      • Support Services — Databases allowing customers to download code fixes and report or update problems
      • Links to Support Contacts — providing the Tivoli Support phone number nearest the customer
  • Tivoli Standard-24 Support

    This offering provides:

    • All components offered in Tivoli Standard Support
    • In addition, Tivoli Standard-24 Support provides enhanced features including:
      • Technical support via Web, telephone, fax, and e-mail, 24 x 7 including holidays
      • Off-shift and holiday support provided on Severity 1 issues only
  • Tivoli Select Support

    This offering provides:

    • All components offered in Tivoli Standard-24 Support
    • In addition, Tivoli Select provides enhanced features including:
      • Initial Tivoli Select support review
      • Heightened responsiveness
          Severity 1 — 1 hour
          Severity 2 — 2 hours
          Severity 3 — 4 hours
          Severity 4 — 4 hours
    • Fast path to Tivoli Select Level-2 Engineers
    • Heightened Resolution Priority
    • Proactive Tivoli Management Notification
    • Customer Initiated On-Site Support available up to twice per contract period
    • Tivoli Select Support review and recommendations
    • Support provided in English only

    A minimum purchase/installation of 40,000 renewable points of Tivoli products in aggregate is required to acquire this support option.

Support Upgrade

During the first year of a license, the customer may upgrade to the Tivoli Standard-24 or Tivoli Select Support option by ordering the applicable OTC feature number from the table below. The OTC feature numbers may be specified on the initial order or later via an MES during the first year only. Ordering this OTC feature will not result in an extension of the no-charge support period.

In subsequent years, if a customer wants to upgrade to the Tivoli Standard-24 or Tivoli Select Support option, an MES order must be entered to discontinue the existing support option feature number and to add the feature number for the desired options After an MES order is entered, the support will be renewed and billed annually at that support level unless support is cancelled by the customer.

5698-SPT — First-Year Support Options

Use the following table to order support (5698-SPT) for the program products listed below.

                                                            Upgrade
                                        Upgrade   Upgrade   from
                                        from      from      1st Year
                                        1st Year  1st Year  Std-24
                                        to        to        to
                              1st Year  Std-24    Select    Select
                              Support   Support   Support   Support
Support                       No        One-Time  One-Time  One-Time
for                           Charge    Charge    Charge    Charge
Program    Support for        Feature   Feature   Feature   Feature
Number     Program Name       Number    Number    Number    Number
 
5698-PDM   Tivoli SecureWay
            Policy Director
            for MQSeries
             Qty of 1         2076      2064      2065      2066
             Qty of 250       2077      2067      2068      2069

5698-SPT — Subsequent Year Options

Use the following table to order support (5698-SPT) for the program products listed below.

                              Standard  Std-24    Select
                              Support   Support   Support
Support                       Annual    Annual    Annual
for                           Charge    Charge    Charge
Program    Support for        Feature   Feature   Feature
Number     Program Name       Number    Number    Number
 
5698-PDM   Tivoli SecureWay
            Policy Director
            for MQSeries
             Qty of 1         2070      2071      2072
             Qty of 250       2073      2074      2075

The Standard Support option, Standard-24 Support option and Select Support option are not transferable among the Tivoli Enterprise products. If support is desired, support option feature numbers must be ordered for each licensed product. The quantity of the billable feature numbers for support must be equal to the quantity of Tivoli Management Points for a licensed product.

End of Support

Tivoli SecureWay Policy Director

Tivoli support for Version 3 Release 6 will be discontinued 12 months after the general availability of Version 3 Release 7.

Tivoli SecureWay Risk Manager

Tivoli support for Version 1 Release 0 will be discontinued 12 months after the general availability of Version 3 Release 7.

Tivoli SecureWay User Administration

Tivoli support for Version 3 Release 6 will be discontinued 12 months after the general availability of Version 3 Release 7.

Tivoli SecureWay Public Key Infrastructure

Tivoli support for Version 3 Release 1 will be discontinued 12 months after the general availability of Version 3 Release 7

Basic Machine-Readable Material

Tivoli SecureWay Risk Manager (5698-RMG)

                               Feature
Description                    Number                     Medium
 
English
 Base + App. Opt. +            5809                       CD-ROM
  Sys. Opt. + Client
 Network Intrusion             5808                       CD-ROM
  Detection

National Language Features available February 16, 2001 (translated publications).

Tivoli SecureWay Policy Director for MQSeries (5698-PDM)

                               Feature
Description                    Number                     Medium
 
English                        5809                       CD-ROM

Tivoli SecureWay User Administration (5698-UAD)

National Language Features available April 27, 2001 (translated publications).

Features unchanged by this announcement.

Tivoli SecureWay Policy Director (5698-PDD)

Features unchanged by this announcement.

Tivoli SecureWay Public Key Infrastructure (5698-KID)

Features unchanged by this announcement.

Customization Options: Select the appropriate feature numbers to customize your order with delivery options desired. These features can be specified on the initial or MES orders.

Example: If publications are not desired for the initial order, specify feature number 3470 to ship media only. For future updates, specify feature number 3480 to ship media updates only. If, in the future, publication updates are required, order an MES to remove feature number 3480; then, the publications will ship with the next release of the program.

                                                    Feature
Description                                         Number
 
Initial Shipments
 
Serial Number Only (suppresses shipment             3444
 of media and documentation)
 
Ship Media Only (suppresses initial                 3470
 shipment of documentation)
 
Ship Documentation Only (suppresses                 3471
 initial shipment of media)
 
Update Shipments
 
Ship Media Updates Only (suppresses                 3480
 update shipment of documentation)
 
Ship Documentation Only (suppresses                 3481
 update shipment of media)
 
Suppress Updates (suppresses update                 3482
 shipment of media and documentation)
 
Expedite Shipments
 
Local IBM Office Expedite                           3445
 (for IBM use only)
 
Customer Expedite Process Charge                    3446
 ($30 charge for each product)

Expedite shipments will be processed to receive 72-hour delivery from the time IBM Software Delivery and Fulfillment (SDF) receives the order. SDF will then ship the order via overnight air transportation.

Terms and Conditions

Agreement: IPLA, IBM International Agreement for Acquisition of Programs and Support (IIAAPS), IBM Agreement for Acquisition of Support (IAAS), with the Attachment for Support and its Addendum for Tivoli Systems, and an Order Form

Transferable: Applies except when support is in effect

Limited Warranty Applies: Yes

Guarantee: Two months

Getting Started Period: Not applicable

Usage Restriction: Yes. Usage is limited to the quantity of Tivoli Management Points acquired for an OTC.

Educational Allowance Available: Yes, to qualified educational institutional customers.

Percentage: 15%

Volume Orders: Not applicable

Upgrade Protection Applies: Covered as long as support remains in effect

Licensed Program Materials Availability: Object Code only

Entitled Upgrade for Current Upgrade Protection Licensees: As announced for each program

Tivoli Support

Support Center applies:     Yes
 
                            Access is available through
                             the Tivoli Support Center,
                             800-TIVOLI8 (848-6548)
 
Availability:               The first year of Tivoli Support
                             is available at no additional
                             charge.  The first year starts
                             when the product is shipped to
                             the customer.
 
                            Subsequent years of Tivoli
                             Support are available for a fee
                             as part of the IAAS, IIAAPS, or
                             any equivalent agreement
 
Available until the         Twelve months after written
 product is discontinued:    notice of product
                             discontinuance, (that is,
                             end-of-life (EOL))
 
Applicable for:             The current release
 
                            The immediate previous release
                             level for 12 months after
                             the general availability of the
                             current release
 
APAR Mailing Address:       Tivoli Systems Inc.
                            9442 Capital of Texas Highway
                            Austin, TX  78759
                            USA
                            Attention:  Product Development

Support Line: No

Product Web Site

A complete list of products, terminology definitions, and licensing documents are available at the following Web site:

Unique Terms and Conditions

The following terms and conditions apply to Tivoli SecureWay Policy Director (5698-PDD)

Program-unique Terms

This Agreement governs the use and support of the Program with the exception of components of the Program which contain their own license agreements. The terms and conditions governing such components are provided when installing or starting such specific components.

The Program contains encryption technology that is subject to special export licensing requirements by the U.S. Department of Commerce. It may also be subject to export and import requirements of other countries. If you distribute any components of this program, you must abide by all applicable laws, rules and regulations regarding the export of such code. Further, you must ensure that all users, who receive the program from you, comply with the terms of this agreement .

The Program contains several server components and client components.

The Server Components are:

  • WebSeal Server
  • NetSeal Server (including DCE client)
  • Management Console Server
  • Authorization Server
  • SecureWay Directory
  • DCE Security and Directory Server

The Client Components are:

  • NetSeat client
  • DCE client

The DCE components included with this Program can only be used to access the Program's Server Components listed above.

You may only use the DB2® UDB component of the SecureWay Directory in association with your licensed use of the SecureWay Directory.

Warranty through Program Services: Yes, except Sun Solaris JRE provided from IBM in Policy Director.

The following terms and conditions apply to Tivoli SecureWay Public Key Infrastructure — 5698-KID

You understand and agree that Tivoli SecureWay PKI (the Program) contains data encryption functions which are subject to special export licensing restrictions by the U.S. Department of Commerce.

You understand and agree that the Program contains software from RSA Data Security, Inc. (RSA Code). You may not modify or directly access the RSA Code or its functions, except through the function calls of the Program, which may not be modified. In addition, the Program contains Standard Template Library software ("STL Software") from Silicon Graphics Computer Systems, Inc. ("SG STL Software") and Hewlett-Packard Company ("HP STL Software"). SG STL Software is copyright "1996-1999 Silicon Graphics Computer Systems, Inc." and HP STL Software is copyright "1994 Hewlett-Packard Company". STL Software may be found on the Web at:

and other places. Permission to use, copy, modify, distribute, and sell the SG STL Software and HP STL Software and their documentation for any purpose is hereby granted without fee, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation. Neither Silicon Graphics, Hewlett-Packard, nor Tivoli makes any representations about the suitability of the SG STL Software or HP STL Software for any purpose. The SG STL Software and HP STL Software are each provided "as is" without express or implied warranty.

The Program includes portions of DB2 Universal Database software ("DB2 Components"). You are not authorized to install or use the DB2 Components other than in connection with your licensed use of the Program for the storage and management of data used or generated by the Program. For example, this license does not include inbound connections to the database or the DB2 Components from other applications for queries or report generation. The DB2 Components must reside on the same machine as the Program, and you are not authorized to install or use the DB2 Components separate from the Program.

The Program includes portions of the WebSphere Application Server and the IBM HTTP Web Server ("IBM Servers"). You are not authorized to install or use the IBM Servers other than in connection with your licensed use of WebSphere. The IBM Servers must reside on the same machine as WebSphere, and you are not authorized to install or use the IBM Servers separate from the IBM WebSphere program.

You may not take any action, or permit any omissions, with respect to the WebSphere program that would exceed the license rights granted in the Agreement and these Program-unique terms. Any other use of the WebSphere program is prohibited. You are responsible for maintaining the overall security of your systems, processes, and information.

The WebSphere program includes the following code modules (hereinafter referred to as "Modules"), which are installed into the customer-chosen destination path for the Program Registration Authority portion of the WebSphere program: (1) all configuration files (file extension .cfg) and letter templates (file extension .ltr) in the \etc directory; (2) the policy_exit file in the \bin directory; and (3) all files in the \webpages directory. You may copy and modify the modules only for the purpose of customizing hypertext markup language ("HTML") screens, Java Server Pages, graphics, policy exits, configuration files, and sample letters in connection with your own applications which you create for use with the WebSphere program. You may not distribute or otherwise copy or modify the modules.

Tivoli shall have no liability to you or your customers or end users for your or their use of the WebSphere program, and you agree to indemnify, defend, and hold Tivoli and its subsidiaries and suppliers harmless from and against any claims (actual or alleged) that are based on or arise in connection with: (1) your use of the WebSphere program; (2) any of your customers or end users use of or interaction with the WebSphere program; (3) any use of or reliance upon any digital certificates issued by you using or in connection with the WebSphere program; and/or (4) any representations made by you about the IBM WebSphere program, provided that Tivoli: (a) promptly notifies you in writing of such claim and (b) allows you to control, and cooperates with you in the defense and any related settlement negotiations. Tivoli shall have the right to participate in such claim at its own expense.

IBM HTTP Server and the Apache HTTP Server: The IBM HTTP Server component of the WebSphere program includes software developed by The Apache Group for use in the Apache HTTP Server project. Refer to the following Web site for additional information:

In addition, the WebSphere program is accompanied by source code for the Apache HTTP Server. The portions of the IBM HTTP Server, which are based on software developed by The Apache Group, and the source code for the Apache HTTP Server are Copyright (c) 1995-1998 The Apache Group. All rights reserved.

IBM's license for the Apache HTTP Server requires IBM to reproduce the following license from The Apache Group:

Copyright (c) 1995-1998 The Apache Group. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  • Redistributions of source code must retain the above copyright notice, this list of conditions, and the following disclaimer.
  • Redistributions in binary form must reproduce the above copyright notice, this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution.
  • All advertising materials mentioning features or use of this software must display the following acknowledgment. This product includes software developed by the Apache Group for use in the Apache HTTP server project. Refer to the following Web site for additional information:
  • The names "Apache Server" and "Apache Group" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, contact:
      apache@apache.org
  • Redistributions of any form whatsoever must retain the following acknowledgment. This product includes software developed by the Apache Group for use in the Apache HTTP server project. Refer to the following Web site for additional information:

This software is provided by the Apache Group "as is" and any expressed or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the Apache Group or its contributors be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, procurement of substitute goods or services; loss of use, date, or profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this software, even if advised of the possibility of such damage .

This software consists of voluntary contributions made by many individuals on behalf of the Apache Group and was originally based on public domain software written at the National Center for Supercomputing Applications, University of Illinois, Urbana-Champaign. For more information on the Apache Group and the Apache HTTP server project, refer to:

Your use of the source code for the Apache HTTP Server accompanying the WebSphere program is subject to the terms and conditions of the above license from The Apache Group and not the IPLA. In particular, IBM is providing the source code for the Apache HTTP Server on an AS-IS basis, without warranty of any kind (either express or implied) including, without limitation, any implied warranty of merchantability and fitness for a particular purpose and any warranty of non-infringement.

Your use of the WebSphere program, including the IBM HTTP Server component, is subject to the terms and conditions of the IPLA.

Customer Financing: IBM Global Financing offers attractive financing to credit-qualified commercial and government customers and Business Partners in more than 40 countries around the world. IBM Global Financing is provided by the IBM Credit Corporation in the United States. Offerings, rates, terms, and availability may vary by country. Contact your local IBM Global Financing organization. Country organizations are listed on the Web at:

Prices

The prices provided in this announcement are suggested retail prices for the U.S. only and are provided for your information only. Dealer prices may vary, and prices may also vary by country. Prices are subject to change without notice. For additional information and current prices, contact your local IBM representative.

Points Requirements Example for Tivoli SecureWay Risk Manager

Note: An appropriate-tier Base must be acquired for each optional function acquired.

Important Price Information: Customers may use Tivoli SecureWay Risk Manager V3R7 Server Base and Applications Options functions in their existing Tivoli SecureWay Risk Manager V1R0 configuration without acquiring additional Tivoli Management Points. Use of the Server System Option, Server Network Intrusion Detection Option, and/or Client requires additional Tivoli Management Points unless the configuration is altered to accommodate the new functions within the total 5698-RMG Tivoli Management Points already acquired by the customer.

Example: The following example illustrates how to apply the individual point values for a subset of the functions.

If a customer has Risk Manager System Option running on one Tier 3 server, six Tier 2 servers, and 15 Tier 1 servers, and five clients, the points required are as follows:

                                            Points
Item Being                                  per
Measured                   Quantity         Item           Total
 
Tier 3 Server
 Base                       1               400              400
 System Option              1               400              400
Tier 2 Server
 Base                       6                40              240
 System Option              6                40              240
Tier 1 Server
 Base                      15                20              300
 System Option             15                20              300
 
Clients                     5                 1                5
 
Total Points                                               1,885

Program             Program         Tivoli Management Points
Name                Number       Qty 1  Charge   Qty 250  Charge
 
Tivoli SecureWay    5698-PDM     2078   $31      2079     $7,750
 Policy Director
 for MQSeries

5698-SPT — First-Year Support Options

                                        Upgrade         Upgrade
                       Upgrade          from            from
                       from             1st Year        Std-24
                       1st Year         to              to
                       to Std-24        Select          Select
Support   Support      Support          Support         Support
for       for          OTC              OTC             OTC
Program   Program      Feature          Feature         Feature
Number    Name         Number     OTC   Number    OTC   Number   OTC
 
5698-PDM  Tivoli
           SecureWay
           Policy
           Director
           for
           MQSeries
            Qty of 1   2064       $  2  2065      $  4  2066     $  2
            Qty of 250 2067        375  2068       875  2069      500

OTC = One-Time Charge

5698-SPT — Subsequent Year Support Options

                       Standard        Std-24          Select
                       Support         Support         Support
Support   Support      Annual          Annual          Annual
for       for          Charge          Charge          Charge
Program   Program      Feature Annual  Feature Annual  Feature Annual
Number    Name         Number  Charge  Number  Charge  Number  Charge
 
5698-PDM  Tivoli
           SecureWay
           Policy
           Director
           for
           MQSeries
           Qty of 1    2070    $    5  2071    $    6  2072    $    8
           Qty of 250  2073     1,125  2074     1,500  2075     2,000

The Standard Support option, Standard-24 Support option, and Select Support option are not transferable among the Tivoli Enterprise products. If support is desired, support option feature numbers must be ordered for each licensed product. The quantity of the billable feature numbers for support must be equal to the quantity of Tivoli Management Points for a licensed product.

Trademarks

 
WebSphere is a trademark of International Business Machines Corporation in the United States or other countries or both.
 
SecureWay, MQSeries, OS/400, OS/390, RS/6000, AIX, AS/400, S/390, DB2 Universal Database, OS/2, and DB2 are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Pentium is a trademark of Intel Corporation.
 
Intel is a registered trademark of Intel Corporation.
 
Windows NT, Windows, and Microsoft are trademarks of Microsoft Corporation.
 
Java is a trademark of Sun Microsystems, Inc.
 
Tivoli and Tivoli Enterprise Console are registered trademarks of International Business Machines Corporation or Tivoli Systems Inc. in the United States or other countries or both.
 
Notes is a trademark of Lotus Development Corporation.
 
Other company, product, and service names may be trademarks or service marks of others.