IBM United States
Software Announcement 201-272
September 25, 2001

Tivoli SecureWay Policy Director V3.8 Delivers a Security Management Solution for Large-Scale Secure e-commerce and Enterprise Deployments

 ENUS201-272.PDF (57KB)


At a Glance

Tivoli SecureWay Policy Director V3.8 delivers the following:

  • Flexible Web Single Sign-On for eCommunity users across many different portals and enterprise applications
  • Open-standards implementation based on SSL, Light Weight Directory Access Protocol V3 (LDAPv3), Java™, Java 2 Enterprise Edition (J2EE), and Extensible Markup Language (XML)
  • Implementation of the Java 2 and Java Authentication and Authorization Services (JAAS) security model
  • Multi-level delegation and distributed management capability across the extended enterprise

For ordering, contact:

Your IBM representative, an IBM Business Partner, or IBM Americas Call Centers at 800-IBM-CALL (Reference: YE001).

Overview

Tivoli® SecureWay® Policy Director Version 3 Release 8 (V3.8) is an end-to-end security solution that delivers:

  • Web Single Sign-On and customer secure session management capability across the enterprise and business affiliates
  • Secure application platform capabilities to integrate common policy-based security into business applications such as Customer Relationship Management (CRM), business-to-business and business-to-consumer portals, e-commerce, and Web application servers
  • Scalability, high availability, and performance to support millions of users
  • Flexible Web-based distributed administration and multi-level delegation capabilities to business units and affiliates

Key Features and Benefits

  • Provides a secure control point for managing end-user experience with Web Single Sign-On.
  • Provides a common Secure Sockets Layer (SSL)-based and directory-based mechanism to manage user credentials, user profiles, and user entitlements that enables customer sessions to be managed consistently across e-business applications.
  • Delivers consistent access for end users to securely access their enterprise portal from their private LANs, the Internet, or via their mobile handsets using i-Mode or Wireless Application Protocol (WAP).
  • Delivers flexible authentication, authorization privacy, confidentiality, integrity, and auditing of e-commerce transactions.
  • Includes a Web Portal Manager that delivers a common management control point for delegated management of enterprise portal resources such as users (privileges/entitlements), groups, permissions, and application roles.
  • Provides a beta integration component for the Microsoft™ Active Directory platform on Windows® 2000.

    Note: The beta component is licensed under the International License Agreement for Early Release of Programs. Tivoli Support and Passport Advantage Software Maintenance are not provided for the beta component.

  • Adds a new plug-in for WebSphere™ Edge Server that delivers advanced virtual hosting, SSL acceleration, and dynamic secure caching capabilities.
  • Adds national language support for German, Italian, Japanese, Korean, Simplified Chinese, and Traditional Chinese.

Key Prerequisites

Refer to Software Requirements in the Technical Information section.

Planned Availability Date

October 12, 2001

End of Support

Based on the Tivoli end of support policy, Tivoli support for V3.7 of Tivoli SecureWay Policy Director will be discontinued 12 months after planned availability of Release 8.

Description

Tivoli SecureWay Policy Director V3.8 provides integrated policy-based security management for the extended enterprise that enables customers, Business Partners, employees, suppliers, and distributors to securely access enterprise portal resources in a trusted fashion.

In today's competitive environment, critical to the success of e-business is the extent to which business units integrate their business models within their extended business ecosystems. Security is a fundamental enabler of this "e-business ecosystem" that empowers businesses to deliver value functions to diverse end-user constituents, and Business Partners and affiliates.

On the Internet-facing side, business solutions may assume forms such as business portals, customer relationship management (CRM) systems, business-to-business exchanges, private, public, or vertical industry eMarketplaces, and business integration tools linking procurement systems or supply-chain integration or collaborative manufacturers. For example, business solutions in the business-to-consumer relationship may assume the form of consumer portals or employee portals, CRM systems, Internet banking, eMortgages, electronic bill payment, and ePay.

Integration with Internet-facing applications is just one part of the problem. Enterprise application integration with Web middleware (such as WebSphere and BEA WebLogic Server), messaging (such as MQSeries® and MQSeries Integrator), business processes, and Enterprise Resource Planning (ERP) are critical to deliver time-to-value to business units.

Tivoli SecureWay Policy Director V3.8 has the flexibility to:

  • Adapt to different types of relationships with key business constituents to drive e-commerce initiatives, collaboration, vertical integration, or other types of dynamic business models
  • Deliver support for different Internet models such as peer-to-peer, Web-of-trust, and hub-and-spoke
  • Deploy cross-enterprise solutions that respect and comply with the privacy settings of consumers' and Business Partners' browser interface
  • Deliver core capabilities to help enable business owners and their affiliates support branding, customer affinity, and Enterprise Application Integration

In addition, Tivoli SecureWay Policy Manager V3.8 provides:

  • A secure control point for managing and provisioning user profiles, privileges, and entitlements that deliver personalized and secure access to end users across the extended enterprise
  • A scalable standards-based, cross-platform security architecture that bridges Internet-facing, cross-enterprise applications with intra-enterprise application integration; including common security management, Web Single Sign-on, and enforcement of user access rights, privileges, and entitlements across the e-business infrastructure and middleware (J2EE, WebSphere, and MQSeries), and mainframe systems
  • Support for MQSeries using the add-on Tivoli SecureWay Policy Director for MQSeries product solution
  • Support for UNIX® Host Systems using the add-on Tivoli SecureWay Security Manager product solution
  • Web Single Sign-On across WebSphere solutions, including WebSphere Business Integrator, WebSphere Edge Server, WebSphere Everyplace™ Suite, and WebSphere Commerce Suite

The new features available in this release are robust and help ensure one of the most comprehensive security solutions for e-business and the enterprise. In addition, Tivoli SecureWay Policy Director V3.8 offers enhancements to help performance in session management, user authentication, and authorizations per second.

e-business Platform and Solution Support

V3.8 of Tivoli SecureWay Policy Director adds features that help enable you to manage your e-business platform and adds support for e-business solutions from many Independent Software Vendors (ISVs).

Web Single Sign-On for WebSphere and Domino™ Applicators

Tivoli SecureWay Policy Director V3.8 adds Web Single Sign-On capability for the following applicators using Tivoli SecureWay Policy Director V3.8's WebSEAL:

  • WebSphere Application Server
  • Lotus® Domino
  • WebSphere Portal Server
  • WebSphere Edge Server

Plug-in for WebSphere Edge Server Version 2

A new Tivoli SecureWay Policy Director V3.8 plug-in has been developed for use in conjunction with WebSphere Edge Server Version 2. The new plug-in can enable you to deploy secure, virtually-hosted Web proxy environments using Tivoli SecureWay Policy Director V3.8's authentication and authorization capabilities.

WebSphere Edge Server offers you:

  • A scalable, configurable content and services framework
  • Robust load-balancing capabilities including content-based routing
  • A high-performance caching proxy that features transparent, reverse, and forward proxy capabilities, transactional-level quality of service, and dynamic application execution at the "edge of the network"

By implementation and integrating Tivoli SecureWay Policy Director V3.8 and WebSphere Edge Server, you can benefit from the ease of working with a single object namespace representing the full set of security policy for the resources that you want to protect, as well as the benefits of Web Single Sign-On across your WebSphere and non-WebSphere resources.

Support for e-business Applications Using Java-Based Application Programming Interface

Tivoli SecureWay Policy Director V3.8 supports enhancements to its Java implementation of the Java 2 platform, and Java Authentication and Authorization Service (JAAS) specification. Application developers can leverage the familiar Java 2 security and JAAS interfaces within Java applications and Java application servers for authentication and fine-grained access control.

The PDPermission and PDPrincipal classes (100% pure Java implementation) ship as part of the Tivoli SecureWay Policy Director Application Developer Kit (ADK). ADK ships with Tivoli SecureWay Policy Director V3.8. These PDPermission and PDPrincipal classes provide authentication and authorization services to Java applications.

Enhancements to these class libraries include:

  • Auditing for local mode operations
  • Enhanced error-processing in the Java implementation
  • Enhanced developer reference documentation
  • Backwards compatibility for remote mode operation with Tivoli SecureWay Policy Director V3.7
In addition to PD Permission and PDPrincipal classes with JAAS support, Tivoli SecureWay Policy Director V3.8 supports the Java Wrappers for the Open Group aznAPI (Authorization API) implementation that ships with the product. Java Wrappers can enable application developers to leverage the capabilities of the "C" language-based aznAPI from Java applications. Note that developer questions and discussions surrounding the use of the Java Wrappers will be handled via a special developer technical forum outside of normal support.

SSL Management APIs for Custom Management Applications

A new set of SSL-based Management APIs ("C" language-based) is included that can enable enterprises to integrate or build their own management for user administration, permission management, and application access provisioning.

Beta Component (J2EE Support) for WebSphere Application Server

Tivoli SecureWay Policy Director V3.8 provides a beta component for WebSphere Application Server on Tivoli SecureWay Policy Director supported server platforms. The beta component can enable you take advantage of the following features:

  • Tivoli SecureWay Policy Director V3.8's access control engine to enforce security policies on WebSphere J2EE resources including Servlets, Java ServerPages (JSPs), and Enterprise JavaBeans (EJBs) — session beans and entity beans.
  • Tivoli SecureWay Policy Director V3.8's J2EE deployment tool to map J2EE application role permissions to the Tivoli SecureWay Policy Director V3.8 security model that provides for centralized security management of enterprise resources.

Note: The beta component is licensed under the International License Agreement for Early Release of Programs. Tivoli Support and PA Software Maintenance are not provided for the beta component.

Support for Siebel Customer Relationship Management (CRM) 2000

Tivoli SecureWay Policy Director V3.8 adds support for the Siebel CRM 2000 solution on Tivoli SecureWay Policy Director V3.8 supported server platforms. The support enables you to leverage Tivoli SecureWay Policy Director V3.8 for:

  • Web Single Sign-On to the Siebel 2000 environment using Tivoli SecureWay Policy Director V3.8's WebSEAL
  • Common policy management by mapping Tivoli SecureWay Policy Director V3.8's credentials to Siebel application roles

You can download the security module implementation and documentation for Siebel support from the following Tivoli Web site:

Support for mySAP.com Enterprise Resource Planning (ERP)

Tivoli SecureWay Policy Director V3.8 adds support for the mySAP.com e-business platform on Tivoli SecureWay Policy Director V3.8 supported server platforms. The support enables you to leverage Tivoli SecureWay Policy Director V3.8 for:

  • Web Single Sign-On to the mySAP.com environment using Tivoli SecureWay Policy Director V3.8's WebSEAL
  • Common policy management by mapping Tivoli SecureWay Policy Director V3.8's credentials to mySAP.com application roles

You can download the security module implementation and documentation for mySAP.com support from the following Tivoli Web site:

Beta Component (J2EE Support) for BEA WebLogic Server

Tivoli SecureWay Policy Director V3.8 provides a beta component for BEA WebLogic Server on Tivoli SecureWay Policy Director V3.8 supported server platforms. The beta component can enable you to take advantage of the following features:

  • Tivoli SecureWay Policy Director V3.8's access control engine can be used to secure BEA WebLogic Server application server resources, including EJBs (session and entity beans), JSPs, and Servlets
  • The use of Tivoli SecureWay Policy Director V3.8's J2EE deployment tool to map J2EE application role permissions to the Tivoli SecureWay Policy Director V3.8 security model that provides for centralized security management of enterprise resources

Note: The beta component is licensed under the International License Agreement for Early Release of Programs. Tivoli Support and PA Software Maintenance are not provided for the beta component.

Support for BroadVision One-to-One Enterprise

Tivoli SecureWay Policy Director V3.8 adds support for BroadVision One-to-One Enterprise 6.0 on Tivoli SecureWay Policy Director V3.8 supported server platforms. The support enables you to take advantage of the following features:

  • Web Single Sign-On to the BroadVision environment using Tivoli SecureWay Policy Director V3.8's WebSEAL
  • Common policy management and authorization if the application enabled to use Tivoli SecureWay Policy Director V3.8's authorization API (aznAPI)

You can download the documentation for BroadVision One-to-One support from the following Web site:

Support for Vignette Version 5

Tivoli SecureWay Policy Director V3.8 adds support for Vignette 5.0 on Tivoli SecureWay Policy Director V3.8 supported server platforms. The support enables you to take advantage of the following features:

  • Web Single Sign-On to the Vignette 5.0 environment using Tivoli SecureWay Policy Director V3.8's WebSEAL
  • Common policy management and authorization if the application is enabled to use Tivoli SecureWay Policy Director V3.8's implementation of the Java security standard that ships as part of the Tivoli SecureWay Policy Director V3.8's Application Developer Kit (ADK).

You can download the documentation for Vignette 5.0 support from the following Tivoli Web site:

Support for Plumtree Corporate Portal

Tivoli SecureWay Policy Director V3.8 adds support for Plumtree Corporate Portal on Tivoli SecureWay Policy Director V3.8 supported server platforms. The support enables you to take advantage of the following feature:

  • Web Single Sign-On to the Plumtree Corporate Portal from Tivoli SecureWay Policy Director V3.8's WebSEAL

You can download the documentation for Plumtree support from the following Tivoli Web site:.

Usability, Deployability, and Performance Enhancements

SSL-Based Communications Between Management Components

All server-to-server communications in Tivoli SecureWay Policy Director V3.8 use industry standard SSL for security. This helps assure the highest level of security in the product implementation and the deployment flexibility to support complex cross-enterprise business solutions that span Firewalls and Virtual Private Networks.

Cross Domain Web Single Sign-On Enhancements

Tivoli SecureWay Policy Director V3.8 adds new extensions to the Cross Domain Web Single Sign-On. The new enhancements to the Cross Domain Web Single Sign-On facility are made so that if the user chooses to pre-enroll in an eCommunity, the user will not have to visit remote domains via a redirect model. This means that, through pre-enrollment, users will be redirected to every domain that is part of the eCommunity and each domain will place a persistent cookie in the user's browser. If the user moves to a new desktop, an additional enrollment will be required. The contents of the domain cookie will be a hint to Tivoli SecureWay Policy Director's WebSEAL, upon receiving an unauthenticated request, about where to direct this user for login. If the user is already logged-in to the remote site, a redirect containing the users identity will send the user back to the originating WebSEAL and automatically login the user. This solution addresses the bookmark limitations of Cross Domain Web Single Sign-On in the previous release of Tivoli SecureWay Policy Director. The cross domain mapping facility ADK is available as part of the WebSEAL ADK package.

Web Portal Manager for Distributed Management and Delegation

Tivoli SecureWay Policy Director V3.8 introduces a new Web Portal Manager feature which is a management portal for management and administration of security across the enterprise portal. Web Portal Manager provides management and administration of users, groups, roles, permissions, policies, and application access provisioning. Web Portal Manager also includes a rich set of delegated management services that can enable a business to delegate user administration, group and role administration, security administration, and application access provisioning to participants (sub-domains or affiliates) in the business ecosystem such as trading partners, suppliers, distributors, dealers, branch offices, and so on. These sub-domains can further delegate management and administration to trusted sub-domains under their control, thereby supporting multi-level delegation and management hierarchy based on roles.

Extensible Markup Language- (XML)-Based Distributed Audit Sink

A new Distributed Audit Sink facility, based on XML, can enable distributed Tivoli SecureWay Policy Director V3.8 component logs to be centralized and reported upon. The centralized audit collection can enable flexible integration with third-party tools for security audits, decision support, and historical reporting.

Support for Secure Dynamic Entitlements

Enterprises and their value-chain partners within the ecosystem may have a need to securely share common entitlements in a business-to-business relationship or customer data in a business-to-customer relationship. These entitlements may be generic attributes that applications need to share such as customer account information or customer billing data; or security attributes that describe a user's assumable business roles, authorization limits, or business rules that define a trading partner agreement. This new feature provides a convenient mechanism to make these shared entitlements available to the Web applications via HTTP header elements in the request. Tivoli SecureWay Policy Director V3.8 will manage entitlement data in the LDAP directories and make these entitlements securely available for backend e-commerce applications. The customer entitlements (attributes) can be specified by name on a per junction basis and a corresponding HTTP header element can be created for each attribute.

Customizable Dynamic Entitlements Interface

In addition to providing user entitlement information in a http header, there is a new cross domain authentication service interface that, at authentication time, allows additional attributes (tag-value pairs) to be added to the user's credential from an external relational database or customer repository. This extended attribute facility allows one of the standard authenticators (user's social security number) to be used for authentication purposes and then the extended attributes are added prior to the authentication call completing.

Quick Install/Pre-configuration Option

A new pre-configuration quick install option enables you to quickly deploy Tivoli SecureWay Policy Director V3.8 into an end-to-end user or Business Partner environment. The silent mode install can enable enterprises and Application Service Providers to customize and automate Tivoli SecureWay Policy Director V3.8 deployment to suit various deployment modes.

Support for IBM SecureWay Directory

Tivoli SecureWay Policy Director V3.8 provides support for IBM SecureWay Directory V3.2.1 (with DB2® V6.1) as a native user registry.

Support for iPLANET Directory Server

Tivoli SecureWay Policy Director V3.8 provides support for iPLANET Directory Server 5.0 as a native registry. This support can enable enterprises to leverage Tivoli SecureWay Policy Director V3.8 in an iPLANET Directory environment as a native user registry for user and credential management.

Linux Support

Expanded platform coverage is offered with support for the Linux Red Hat platform runtime component.

Beta Component for Microsoft Active Directory

Tivoli SecureWay Policy Director V3.8 provides a beta component for the Microsoft Active Directory platform on Windows 2000.

Support for HTTP and HTTPS Failover Management

Tivoli SecureWay Policy Director V3.8 adds support for browser session-state refresh and failover management for HTTP and HTTPS protocols that helps enable end users to continue to leverage Web Single Sign-On to Web applications under failover conditions when the WebSEAL proxy, with which the user session is originally established, becomes unreachable.

Performance Enhancements

Tivoli SecureWay Policy Director V3.8 can enhance performance for:

  • WebSEAL SSL session throughput
  • WebSEAL authentications
  • LDAP authentications
  • Deployment support

Tivoli SecureWay Policy Director scalability has been tested with over 15 million users with SecureWay Directory V3.2.1.

Support for Secure Mobile Transactions i-Mode

Support for Wireless i-Mode and Wireless Application Protocol (WAP)

Tivoli SecureWay Policy Director V3.8 broadens its support for secure mobile transactions by adding authentication and authorization support for native i-Mode x503I devices. Users can securely engage in mobile transactions (cookieless mode) with i-Mode sites using SSL session management with user authentication capability based on basic authentication. This release does not support any transcoding capability for i-Mode.

With i-Mode support added to our existing WAP support, Tivoli SecureWay Policy Director V3.8 broadens its support for secure mobile transactions. Business units can consistently enforce security policies across the extended enterprise which can enable customers, Business Partners, employees, and distributors to have secure access to their authorized e-business applications via browsers from their private LANs; and Internet and roaming anywhere access via their i-Mode and WAP enabled phones.

Scalable Use Model 

The number of TMPs required for Tivoli SecureWay Policy Director has changed. We are announcing a Scalable Use Model that reduces the number of TMPs required per user as the total number of users increases. Customers who have acquired Tivoli SecureWay Policy Director prior to this announcement should go to the Tivoli Management Point Calculator available at:

to determine the number of points required for their environment. A support ID and password are required for access. If the number of TMPs required has decreased, you are only required to renew the number of TMPs required for your environment. TMPs not renewed will require the Maintenance after License option in Passport Advantage at the then current price to be reactivated as you grow. The maintenance after license option currently is approximately four times the price of renewal. Therefore, if you expect growth in less than four years, renewing all of your points would be more financially attractive in most cases.

Accessibility by People with Disabilities

For software offerings:

The following features support use by people with disabilities:

  • Operation by keyboard alone
  • Optional font enlargement and high-contrast display settings
  • Screen readers and screen magnifiers tested for use by people with visual impairment
  • Speech recognition products tested for use by people with mobility impairment

Euro Currency

This program is not impacted by euro currency.

Product Positioning

Tivoli SecureWay Policy Director V3.8 is a secure application platform for conducting secure e-business. Key attributes include:

  • Flexible cross-domain Web Single Sign-On capability for end-user access across multiple Internet domains
  • A security model that enables enterprises to consistently reuse common definitions of security policies across many applications
  • A flexible security management portal that provides powerful Web-based distributed administration and delegation capabilities
  • An end-to-end extensible security platform that addresses the end-to-end security value proposition:
    • Leverage common security model for Web applications and WebSphere Application Server (Tivoli SecureWay Policy Director)
    • Flexibility to extend the security model for securing MQSeries applications using an add-on product called Tivoli SecureWay Policy Director for MQSeries
    • Flexibility to extend the security model for securing UNIX operating systems using an add-on product called Tivoli SecureWay Security Manager
    • Flexibility to extend the security model for implementing privacy policies in applications using an add-on product called Tivoli SecureWay Privacy Manager

Security Platform Support for WebSphere Solutions and Domino

The strength of Tivoli SecureWay Policy Director V3.8 enables it to provide common security services across the e-business and enterprise integration WebSphere solutions.

Tivoli SecureWay Policy Director V3.8 supports the following WebSphere offerings:

  • WebSphere Application Server
  • WebSphere Business Integrator
  • WebSphere Edge Server
  • WebSphere EveryPlace Suite
  • WebSphere Commerce Suite
  • WebSphere Portal Server

The common security and user model across many WebSphere solutions enables you, when using WebSphere, to deploy solutions based on Tivoli SecureWay Policy Director V3.8 in stages. You can begin to secure one or more e-commerce applications initially, establish early success, and then proceed to extend the Tivoli SecureWay Policy Director V3.8 implementation to secure your MQ applications. As another example, if you purchase WebSphere Business Integrator, you automatically receive a limited use version of IBM SecureWay Policy Director V3.7.1 that ships with WebSphere Business Integrator. WebSphere Business Integrator uses Tivoli SecureWay Policy Director's security to implement role-based access control to its applications. Since Tivoli SecureWay Policy Director is already deployed as part of the WebSphere Business Integrator deployment, you can easily extend Tivoli SecureWay Policy Director security to be used by many applications enterprise-wide by acquiring additional licenses of Tivoli SecureWay Policy Director V3.8.

Tivoli SecureWay Policy Director V3.8 supports Web Single Sign-On for Lotus Domino applications.


Reference Information

Refer to:

  • Software Announcement 200-017 , dated February 15, 2000
  • Software Announcement 201-203 , dated July 10, 2001
  • Software Announcement 201-202 , dated July 10, 2001

Trademarks

 
WebSphere and Everyplace are trademarks of International Business Machines Corporation in the United States or other countries or both.
 
SecureWay, MQSeries, and DB2 are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Microsoft is a trademark of Microsoft Corporation.
 
Windows is a registered trademark of Microsoft Corporation.
 
Java is a trademark of Sun Microsystems, Inc.
 
UNIX is a registered trademark is a registered trademark of the Open Company in the United States and other countries.
 
Tivoli is a registered trademark of International Business Machines Corporation or Tivoli Systems Inc. in the United States or other countries or both.
 
Domino is a trademark of Lotus Development Corporation.
 
Lotus is a registered trademark of Lotus Development Corporation.
 
Other company, product, and service names may be trademarks or service marks of others.

Education Support

Training is available for many Tivoli® products. Education is offered through IBM Education and Training, and through Tivoli Systems. Worldwide information about education offerings is available on the IBM Education and Training home page at:

For current information on Tivoli Systems education, call 512-436-8000, or visit the Tivoli Systems home page at:

Offering Information

Product information will be available on day of announcement through Offering Information (OITOOL) at:

and through the Passport Advantage (PA) Web site at:

Publications

One copy of the following publication is supplied with the basic machine-readable material in English and translated languages:

                                                  Order
Title                                             Number
 
Tivoli SecureWay(R) Policy Director V3.8          GI11-0807
 README First

The following publications can be ordered in hardcopy for a fee after planned availability.

                                        Order
Title                                   Number             Language
 
Tivoli SecureWay Policy                 GC32-0680          English
 Director V3.8 Base
 Administration Guide
Tivoli SecureWay Policy                 GC32-0683          English
 Director V3.8 WebSEAL
 
 Installation Guide
Tivoli SecureWay Policy                 GC32-0684          English
 Director V3.8 WebSEAL
 Administration Guide
Tivoli SecureWay Policy                 GC32-0735          English
 Director V3.8
 Base Installation Guide
Tivoli SecureWay Policy                 GC32-0737          English
 Director V3.8 Web Portal
 Manager for Windows(R)
 Administration Guide
                                        Order
Title                                   Number             Language
 
Tivoli SecureWay Policy                 GC32-0739          English
 Director V3.8
 Plug-in for Edge Server
 Administration Guide

You can register through the IBM Publications Center to create a publications profile of interest to you. You will automatically receive notifications by e-mail containing information on new or revised publications based on your profile. To register or to obtain publications, visit the IBM Publications Center Web site at:

The Publications Center is a worldwide central repository for IBM product publications and marketing materials with a catalog of 70,000 items. Extensive search facilities are provided, as well as payment options via credit card. Furthermore, a large number of publications are available online in various file formats, which can currently be downloaded free of charge.

The publications listed below will be available in softcopy from the following Web site after planned availability:

                                        Order
Title                                   Number            Language
 
Tivoli SecureWay Policy                 GI11-0863         English
 Director V3.8
 Release Notes
Tivoli SecureWay Policy                 GI11-0807         English
 Director V3.8                                             and
 README First                                              Translated
                                                           Languages
Tivoli SecureWay Policy                 GC32-0735         English
 Director V3.8 Base
 Installation Guide
Tivoli SecureWay Policy                 GC32-0683         English
 Director V3.8 WebSEAL
 Installation Guide
Tivoli SecureWay Policy                 GC32-0680         English
 Director V3.8 Base
 Administration Guide
Tivoli SecureWay Policy                 GC32-0684         English
 Director V3.8 WebSEAL
 Administration Guide
Tivoli SecureWay Policy                 GC32-0737         English
 Director V3.8 Web
 Portal Manager for Windows
 Administration Guide
Tivoli SecureWay Policy                 GC32-0739         English
 Director V3.8 Plug-in
 for Edge Server
 Administration Guide

Technical Information

Specified Operating Environment

Hardware Requirements

  • RS/6000®
  • Intel x86 or Pentium®
  • Sun SPARC
  • HP 9000 Servers
  • Disk space: 50 MB
  • Memory: 64 MB

Software Requirements

Tivoli SecureWay Policy Director V3.8 will support the following operating systems:

  • AIX® 4.3.3, or later
  • Sun Solaris 2.7 or 2.8
  • HP-UX 11.0
  • Windows NT® 4.0 with Service Pack 6a
  • Windows 2000 Server and Advanced
  • Red Hat Linux 7.1 — Tivoli SecureWay Policy Director Runtime and Authentication Application Developer Kit

Tivoli SecureWay Policy Director V3.8 provides support for:

  • Web Portal Manager (available on Windows NT and Windows 2000)

Limitations: HP-UX will not support the IBM LDAP server function. HP-UX does not provide native language support for all languages. There will not be a Policy Director for Web Traffic Express (WTE) plug-in support on HP-UX.

Planning Information

Packaging: Tivoli SecureWay Policy Director V3.8 is distributed with:

  • International Program License Agreement (IPLA) (Z125-3301)
  • License Information document (LC23-4474)
  • CD-ROMs
  • Publications (see Publications Section)

Security, Auditability, and Control

Policy Director V3.8 uses the security and auditability features of the operating system software. The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.

Ordering Information

Current Licensees

Current licensees of Tivoli SecureWay Policy Director, with support in effect, will receive instructions on how to order this update.

New Licensees

Orders for new licenses will be accepted now.

Shipment will begin on the planned availability date.

Ordering Information for 5698-PDD

Ordering information for 5698-PDD will continue for a limited time to allow migration to the PA offering.

For ordering information on the base program number, 5698-PDD, refer to Software Announcement 200-017 , dated February 15, 2000.

Also, specify the desired distribution medium from the Basic Machine-Readable Material table below.

Basic Machine-Readable Material

                                   Feature        Distribution
Language                           Number         Medium
 
English                            5809           CD-ROM
French                             5819           CD-ROM
Brazilian Portuguese               5839           CD-ROM
Spanish                            5859           CD-ROM

Ordering Information for PA

To order a media pack for PA, specify the applicable part number in the desired quantity from the following table:

                                                       Part
Description                                            Number
 
Tivoli SecureWay Policy Director V3.8                  BJ00BML
 Media Pack -- Multi-lingual

The quantity of the PA part numbers in the following table is based on the number of required Tivoli Management Points. To order for PA, specify the desired part number and quantity.

                                                       Part
Description                                            Number
 
Tivoli SecureWay Policy Director License               D57V4LL
 and Software Maintenance 1st Anniversary
Tivoli SecureWay Policy Director License               D57V5LL
 and Software Maintenance 2nd Anniversary
Tivoli SecureWay Policy Director Software              E17W1LL
 Maintenance Renewal to Anniversary Date
Tivoli SecureWay Policy Director Software              D57WTLL
 Maintenance after License to Anniversary
 Date

Withdrawal of PA Part Numbers

The following PA part number is withdrawn effective immediately:

                                                       Part
Description                                            Number
 
Tivoli SecureWay Policy Director 3.7 Media             BJ6R5ML
 Pack

End of Support

Based on the Tivoli end of support policy, Tivoli support for V3.7 of Tivoli SecureWay Policy Director will be discontinued 12 months after the planned availability of Release 8.

Terms and Conditions

For a limited time, during the migration period to PA, customers may acquire eligible programs and Tivoli Support under agreements outside of PA.

Terms and conditions for Tivoli Value-Based Pricing and IBM PA Advantage are as follows:

Agreement: For orders under 5698-PDD: IBM IPLA, IBM International Agreement for Acquisition of Programs and Support (IIAAPS) and the IBM Attachment for Support, IBM Agreement for Acquisition of Support (IAAS), IBM Addendum for Support for Tivoli Systems Products under Value-Based Pricing, and an Order Form.

For orders under PA: IBM IPLA, IBM International Passport Advantage Agreement (PAA), and an IBM International Passport Advantage Agreement Enrollment Form

Transferable: Yes, except for programs acquired at a discount or allowance

Limited Warranty Applies: Yes

Guarantee: Two months

Usage Restriction: Yes. Usage is limited to the quantity of Tivoli Management Points acquired for a one-time charge.

Volume Offering (IVO): No

Upgrade Protection Applies: Covered as long as Tivoli Support or PA Software Maintenance is in effect

Educational Allowance Available: Yes, to qualified education institution customers

Percentage: 15%

Licensed Program Materials Availability

  • Restricted Materials of IBM: None
  • Non-Restricted Source Materials: None
  • Object Code Only (OCO): All

Maintenance Applies:

  • Software Maintenance under PA: Yes
  • Support for Tivoli products: Yes

Complementary Introductory Support: Not available

Tivoli Support and PA Software Maintenance:

Support Center applies:       Yes
 
                              Access is available through
                               the IBM Support Center,
                               800-237-5511
 
 
Availability of Tivoli        -- The first year of Tivoli
 Support:                      Support is available at no
                               additional charge.  The first
                               year starts when the product
                               is shipped to the customer.
                              -- Subsequent years of Tivoli
                               Support are available for a fee
                               as part of the IAAS, IIAAPS,
                               or any equivalent agreement.
 
Availability of PA            -- PA Software
 Software Maintenance:         Maintenance is provided
                               at no additional charge for
                               each eligible program acquired
                               during the initial term.
                              -- PA Software
                               Maintenance is provided at
                               an additional charge for all
                               eligible programs in the
                               second and subsequent terms.
 
Tivoli Support and PA         -- Twelve months after
 Software Maintenance          announcement of product
 are available until:          discontinuance (that is,
                               end-of-life (EOL)).
 
Tivoli Support and PA         -- The current release.
 Software Maintenance         -- The immediate previous
 are applicable to:            release for twelve months
                               after the general availability
                               of the current release.
 
APAR Mailing Address:         Tivoli Systems Inc.
                              11400 Burnet Road
                              Austin, TX  78758
                              USA
                              Attention: Product Development

IBM Operational Support Services — Support Line: No

Product Web Site: A complete list of products, terminology definitions, and licensing documents are available at the following Web site:

Prices

Prices are unaffected by this announcement.

Customer Financing: IBM Global Financing offers attractive financing to credit-qualified commercial and government customers and Business Partners in more than 40 countries around the world. IBM Global Financing is provided by the IBM Credit Corporation in the United States. Offerings, rates, terms, and availability may vary by country. Contact your local IBM Global Financing organization. Country organizations are listed on the Web at:

PA

For PA and prices, contact your IBM representative or your authorized IBM Business Partner. For additional information about the PA offering, visit the following Web site:

Order Now

 Use Priority/Reference Code: YE001
 
 Phone:     800-IBM-CALL
 Fax:       800-2IBM-FAX
 Internet:  ibm_direct@vnet.ibm.com
 Mail:      IBM Atlanta Sales Center
            Dept. YE001
            P.O. Box 2690
            Atlanta, GA  30301-2690

You can also contact your local IBM Business Partner or IBM representative. To identify them, call 800-IBM-4YOU.

Note: Shipments will begin after the planned availability date.

Trademarks

 
SecureWay, RS/6000, and AIX are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Pentium is a registered trademark of Intel Corporation.
 
Windows and Windows NT are registered trademarks of Microsoft Corporation.
 
Tivoli is a registered trademark of International Business Machines Corporation or Tivoli Systems Inc. in the United States or other countries or both.
 
Notes is a trademark of Lotus Development Corporation.
 
Other company, product, and service names may be trademarks or service marks of others.