IBM United States
Software Announcement 203-146
June 3, 2003
Procurement of Security for IBM WebSphere MQ Simplified
At a Glance
Advanced security services extend the base security features available in WebSphere MQ with:
Advanced security services are essential for high-value message transactions where you need:
These advanced security services are compatible with:
For ordering, contact:
Your IBM representative or the Americas Call Centers at 800-IBM-CALL (Reference: LE001).
Security is increasingly critical to the way we do business. The WebSphere® MQ family can address your advanced security needs.
In response to your feedback, WebSphere MQ Extended Security Edition V5.3 can make securing your business end-to-end, even simpler.
Available immediately, this new offering consolidates the current releases of two existing products into a single, value-add package:
WebSphere MQ V5.3 and Tivoli® Access Manager for Business Integration (TAMBI) V4.1 are combined to become WebSphere MQ Extended Security Edition V5.3
Many WebSphere MQ customers are already familiar with the ability of TAMBI to upgrade the base security function of WebSphere MQ. It adds end-to-end, application-level data protection and enterprise-wide, remote management of security policies. Quickly deploy these advanced features to secure many of your current production environments without changing or modifying your existing WebSphere MQ applications.
To make procurement efforts even easier, these two products have been consolidated under a single ordering number and pricing model.
WebSphere MQ Extended Security Edition is offered under a per-processor license model just as WebSphere MQ is today.
Business integration across many applications is a common element of successful e-business implementation. Other WebSphere MQ family members, such as WebSphere Business Integration Message Broker and WebSphere MQ Workflow, give you the tools to add value to the basic message queuing paradigm. WebSphere MQ Extended Security Edition supports the other WebSphere MQ family members.
Hardware capable of running the appropriate operating system.
Advanced security functions included in WebSphere MQ Extended Security Edition V5.3 are available only on AIX® V4.3.3 and V5.1, Solaris 7 and 8, Microsoft Windows NT® 4.0, and Microsoft Windows® 2000.
WebSphere MQ Family
Speed to market and quality of service are critical for success. You need to be agile to survive.
The WebSphere MQ family offers a versatile platform for e-business with these success factors in
The WebSphere platform for e-business includes business integration products and solutions that can help integrate just two applications, a single department, or the entire enterprise. The reach can encompass business channels, trading partners, and Web customers. And the scope includes information connectivity and integration products, which can be combined selectively or built up, one upon the other, for more powerful and efficient integration.
WebSphere MQ, the core of the MQ family, integrates over 35 platforms. Providing the base messaging functions for servers and clients, and assuring once-only message delivery, it can be used alone or with other members of the family.
WebSphere MQ Extended Security Edition adds TAMBI to WebSphere MQ for advanced security functions like application-level data protection.
WebSphere MQ Everyplace brings the benefits of assured message delivery and rock-solid security to the failure-prone mobile environment.
WebSphere Business Integration Message Broker and WebSphere Business Integration Event Broker (formerly WebSphere MQ Integrator® Broker and WebSphere MQ Event Broker) are powerful information brokers that include a one-to-many connectivity model plus transformation, intelligent routing, and information flow modelling across multiple, disparate business systems. They support publications and subscriptions, including mobile clients and remote telemetry devices.
WebSphere MQ Extended Security Edition
WebSphere MQ is the backbone of IBM messaging and Java Message Service (JMS) support. Large and small businesses worldwide rely on it to process their critical line-of-business transactions, involving everything from monetary transfers to HR record processing to inventory management. To address environments where application-level data protection is a critical need, IBM offers WebSphere MQ Extended Security Edition. It includes 100% of the function offered in WebSphere MQ V5.3 plus the extended security services of TAMBI.
With WebSphere MQ Extended Security Edition, you gain the flexibility to add application-level data protection and remote security policy administration to the broad set of security services previously available in WebSphere MQ. The application-level data protection services in WebSphere MQ Extended Security Edition add another dimension to the link-level data protection services available in WebSphere MQ. For example, application-level data protection captures message data and secures it before the message is placed onto a queue.
For even greater flexibility, messages can be individually digitally signed or signed and encrypted based on the policy you set. If you want, you can define your security policy so that only a subset of the messages passing over a single channel are secured. Further, when using the application-level data protection, each message is signed with a unique private key associated with the sending application. Message origination can be traced to the originating application instead of only to the originating channel. Individual messages are encrypted under unique keys, helping to remove the threat of compromising the encryption key through repetitive use.
WebSphere MQ Extended Security Edition can save you development expense and time. It helps remove the need for you to reengineer and modify your applications to secure message data from within each application. Reengineering existing production applications is a very expensive process, the costs of which only begin with the application recoding expenses.
Licensing cryptography routines, training your staff, designing and implementing a real-time key exchange process, and your ongoing maintenance cost of custom security code make this approach to solving your security problems impractical. With WebSphere MQ Extended Security Edition, you can see an immediate return on investment upon deploying it.
For processing sensitive data like financial transactions, HR records, medical records, or any other type of personally identifiable information (PII), application-level data protection yields a true end-to-end security model.
WebSphere MQ Extended Security also enables remote administration of security policies on queue managers and on individual queues. These include:
Remote administration is performed via a Web-based utility with an easy-to-use GUI for setting, viewing, and updating security policies. A delegation capability allows IT organizations to maintain control over the enterprise security infrastructure for WebSphere MQ Extended Security Edition and still grant a specific department or line-of-business the ability to manage its subset of resources. Administration can also be done via scripting using a command line interface.
An enterprise-wide view of these security policies, with the ability for authorized administrators to remotely update them, can greatly improve efficiencies and reduce administrative costs.
In this release of WebSphere MQ Extended Security Edition, the advanced security services are provided on a subset of the operating systems on which WebSphere MQ is available. This subset includes AIX V4.3.3 and V5.1, Sun Solaris 7 and 8, Windows NT 4.0, and Microsoft Windows 2000.
Refer to Software Announcement 202-253 , dated October 8, 2002, for additional details on TAMBI, which provides the advanced security services in WebSphere MQ Extended Security Edition.
Refer to Software Announcement
, dated April 9, 2002, for more details on the base-level security functions available in
Section 508 of the U.S. Rehabilitation Act
WebSphere MQ Extended Security Edition is a new offering that consolidates the current releases of two existing products into a single, value-add package.
Statement of General Direction
IBM currently intends to extend the platform coverage of WebSphere MQ Extended Security Edition to support more of the platforms currently supported by WebSphere MQ V5.3.
The first such platform enhancement is planned to address support for both S/390® and IBM zSeries® servers. The current target for availability of this enhancement is before year-end 2003.
WebSphere® MQ Extended Security Edition V5.3
Part Description Number WebSphere MQ Sec Edition Media Pack BA0AXML Multilingual WebSphere MQ Sec Edition per processor D52D0LL LIC/SW MAINT 12 MO WebSphere MQ Sec Edition per processor E00R5LL ANNUAL SW MAINT RNWL WebSphere MQ Sec Edition per processor D52D1LL LIC/SW MAINT REINST 12 MO
Orders for new licenses can be placed now. Shipment will not occur before availability date.
Terms and Conditions
This product is available only via Passport Advantage. It is not available as shrinkwrap.
Licensing: IBM International Program License Agreement. Proofs of Entitlement are required for all authorized use. Part number products only, offered outside of Passport Advantage, where applicable, are license only and do not include Software Maintenance.
Money-Back Guarantee: If for any reason you are dissatisfied with the program, return it within 30 days from the invoice date, to the party (either IBM or its reseller) from whom you acquired it, for a refund. This applies only to your first acquisition of the program.
Software Maintenance, previously referred to as Subscription and Technical Support, is now included in the Passport Advantage Agreement. Installation and technical support for the product announced in this letter is provided by the Software Maintenance offering of the IBM International Passport Advantage Agreement. This fee service enhances customer productivity by providing voice and/or electronic access into the IBM support organizations.
IBM includes Software Maintenance with each program acquired for a 12-month coverage period.
While your Software Maintenance is in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions and code-related questions. IBM provides assistance via telephone and, if available, electronic access, only to your IS technical support personnel during the normal business hours (published prime shift hours) of your IBM support center. This assistance is not available to your end users. IBM provides Severity 1 assistance 24 hours a day, every day of the year. For additional details, visit:
Software Maintenance does not include assistance for:
IBM Global Financing offers competitive financing to credit-qualified customers to assist them in acquiring IT solutions. Offerings include financing for IT acquisition, including hardware, software, and services, both from IBM and other manufacturers or vendors. Offerings (for all customer segments: small, medium, and large enterprise), rates, terms, and availability can vary by country. Contact your local IBM Global Financing organization or visit:
Use the "Select a Country" menu, to find a contact in your location, or country.
To order, contact the Americas Call Centers or your local IBM representative.
To identify your local IBM representative, call 800-IBM-4YOU (426-4968).
Phone: 800-IBM-CALL (426-2255) Fax: 800-2IBM-FAX (242-6329) Internet: email@example.com Mail: The Americas Call Centers Dept. LE001 P.O. Box 2690 Atlanta, GA 30301-2690 Reference: LE001
The Americas Call Centers, our national direct marketing organization, can add your name to the mailing list for catalogs of IBM products.
Note: Shipments will begin after the planned availability date.