Feedback

IBM Tivoli Access Manager for e-business V6.1 delivers application security controls, performance enhancements, and enhanced support within a Microsoft .NET environment

IBM United States Software Announcement 208-077
April 8, 2008

 

 ENUS208077.PDF (78KB)

 

Table of contents  Document options  
TOC link At a glance TOC link Publications
TOC link Overview TOC link Technical information
TOC link Key prerequisites TOC link Ordering information
TOC link Planned availability dates TOC link Terms and conditions
TOC link Description TOC link IBM Electronic Services
TOC link Product positioning TOC link Prices
TOC link Education support TOC link Order now
TOC link Offering Information  
 
Printable version Printable version

(Corrected on June 12, 2008)

A Note was added to Tivoli Access Manager for e-business - Unlimited User Option in the Pricing Model Examples section.
 

At a glance

IBM Tivoli Access Manager for e-business V6.1:

  • Seamlessly integrates into a Microsoft .NET infrastructure by:
    • Enhancing SPNEGO protocol junction support in WebSEAL to the back end .NET applications. (Tivoli Federated Identity Manager offers the ability to generate and issue the requisite kerberos tickets.)
    • Enhancing Active Directory support and providing Active Directory Application Mode Support as an user registry
  • Provides browser-based antifraud support with option to add an HTTP-only cookie attribute to WebSEAL and extending Tivoli Access Manager certificates to use Online Certificate Status Protocol (OCSP)
  • Offers an improved operational experience by:
    • Extending performance to support non-standard, IP load balancers
    • Providing configurable administrative domains that support multiple instances of WebSEAL
    • Delivering improved session management services
    • Including a newly bundled Tivoli Common Reporting to provide built-in report capabilities for Tivoli Access Manager

For ordering, contact:

Your IBM representative or IBM Americas Call Centers at 800-IBM-CALL (Reference: YE001).
 
Back topBack to top
 

Overview

IBM Tivoli® Access Manager for e-business V6.1, an authentication and authorization hub for Web applications, not only centralizes security management, but it can make it easy and more cost effective to deploy secure applications. Tivoli Access Manager for e-business extends the ability to secure a heterogeneous application infrastructure while adding performance, scalability, and integration improvements.

Key features:

  • Enhanced Microsoft® .NET infrastructure support providing single sign-on between Windows® desktops and back-end applications using Kerberos ticket
  • Addresses performance and scalability by supporting non-standard IP load balancers and configurable administrative domains that support multiple WebSEAL (Tivoli Access Manager for e-business' reverse proxy) instances
  • New integration with browser-based antifraud support is offered by the addition of an HTTP-only cookie attribute to WebSEAL and extending Tivoli Access Manager certificate support to use Online Certificate Status Protocol (OCSP)
  • Improvements in session management services and additional integration with IBM software

If you are seeking either a standardized federation solution supporting SAML, Liberty, WS-Federation, or a Web services security management capability, you can upgrade from Tivoli Access Manager for e-business to Tivoli Federated Identity Manager.
 
Back topBack to top
 

Key prerequisites

For details, refer to the Software requirements section.
 
Back topBack to top
 

Planned availability dates
  • April 18, 2008 for electronic availability
  • May 2, 2008 for media availability

 
Back topBack to top
 
Description

IBM Tivoli Access Manager for e-business V6.1 is a versatile application security solution that provides flexible authentication and a centralized authorization for Web access management. Primarily focused on Web applications, Tivoli Access Manager for e-business implementations vary from simple Web single sign-on (SSO) to more highly scalable application security infrastructure deployments.

Tivoli Access Manager for e-business can help you manage compliance, growth, and complexity of new application deployments while helping control escalating management costs of securing large number of Web applications across the enterprise. Furthermore, Tivoli Access Manager for e-business helps you address the difficulties of implementing consistent security policies across a wide range of Web and application resources. It works by centrally managing access control policy for numerous enforcement points that can be placed as a proxy in front of Web applications, or through authorization and authentication plug-ins directly into a Web or application-server environment. For authorized users, Tivoli Access Manager for e-business integrates with Web applications and servers to deliver a secured and unified business experience. It helps you secure access to business-critical applications and data spread across the extended enterprise, allowing highly available, scalable transactions with business partners, customers, suppliers, and employees.

Tivoli Access Manager for e-business helps you:

  • Define and manage a centralized authentication, access control policy for a broad range of business initiatives such as employee, customer, and business partner portal, CRM and ERP systems upgrades, new ECM and business intelligence platforms deployments, e-procurement, cross-company SSO and outsourcing projects.
  • Enable flexible SSO to heterogeneous Web-based applications that can span multiple sites or domains. By integrating with other SSO providers (such as Kerberos support from a Microsoft domain logon and client/server SSO solution), Tivoli Access Manager for e-business provides a unified authentication for the users across all system interactions.
  • Provide a base for the federation of user identities. For standardized cross-domain authentication (federation), Tivoli Access Manager for e-business customers can upgrade to Tivoli Federated Identity Manager — a modular access control solution for cross-domain SSO.
  • Strengthen your Web application security with browser-based antifraud support and minimize the threat of common vulnerabilities affecting Web application deployments in production use.
  • Maximize your existing hardware and operating system investments

For details on how it provides these capabilities, refer to the key enhancements below or refer to the IBM Tivoli Access Manager for e-business V6.0 Software Announcement 205-312 , dated November 29, 2005.

IBM Tivoli Access Manager for e-business V6.1 key enhancements

Improved operational experience

To strengthen performance and scalability, Tivoli Access Manager for e-business V6.1 supports non-standard, secure IP load balancers. It also has configurable administrative domains that are able to support multiple, distinct instances of WebSEAL — Tivoli Access Manager's reverse proxy component — on a single directory and LDAP server.

Additional enhancements to Tivoli Access Manager's session management services deliver the ability to limit the number of sessions created on a per realm basis so new logins will be blocked once the maximum number has been reached. The new dynamic configuration feature helps eliminate session management server restarts. And high availability is now built in by allowing multiple session management server instances via WebSphere® Application Server ND. Finally, replication of the session cache has been enabled across the WebSphere Application Server cluster. With the newly bundled Tivoli Common Reporting, administrators are able to generate consistent product reports with other Tivoli products and can also replace the need to acquire third party business intelligence reporting license for the product-level, built-in reports. Administrators can continue to use the Tivoli Access Manager's built in common auditing and reporting service (CARS) components to capture and store audit data to mine and generate custom product reports.

Antifraud support

A common security problem plaguing many Web servers today is known as cross-site scripting. This server-side vulnerability allows code injection by malicious users into the Web pages viewed by other users. As a result, sensitive information about the users of the site can be exposed. Both Microsoft Internet Explorer 6 SP1 and Firefox 2.0 have new cookie attributes preventing them from being accessed by client-side scripts — known as an HTTP-only cookie. Information in the HTTP-only cookie is less likely to be disclosed. Tivoli Access Manager's WebSEAL component has been enhanced to optionally add the HTTP-only attribute to the set-cookie headers it uses for sessions and failover.

Microsoft .NET infrastructure support

To accommodate seamless SSO between Windows desktops and back-end applications, Tivoli Access Manager has added SPNEGO protocol support to the WebSEAL component to pass Kerberos-based tokens directly over to .NET applications, such as Microsoft Sharepoint and Exchange servers. And additional support for both Microsoft Active Directory and Active Directory Application Mode is also available. Tivoli Access Manager honors password changes for Active Directory — multiplatform support. User passwords can now be directly changed with LDAP APIs rather than the Access Manager Policy server. UserPrincipalName (UPN) support for Active Directory is also available. This enables the use of Active Directory's alternate users UPN e-mail address for authentication and SSO. Finally, Tivoli Access Manager now supports Active Directory Access Mode as a user registry.

Enhanced IBM and non-IBM software integration

Tivoli Access Manager for e-business V6.1 delivers integration with other IBM software products.

  • Tivoli Access Manager for e-business reports enhanced with Business Intelligence and Reporting Tools (BIRT)
  • Tivoli Access Manager for e-business enhanced with IBM Tivoli Monitoring V2.7
  • IBM Tivoli Security Operations Manager and IBM Tivoli Compliance Insight Manager integration with Tivoli Access Manager for e-business for a closed-loop access control and application security solution
  • Tivoli Access Manager for e-business V6.1 includes support to updated third-party software integration. IBM works with the leading application providers through its "Ready for Tivoli" program to build and support out-of-box integrations. You can secure customer, suppliers, employee, and Business Partner connectivity across:
    • Web servers
      • J2EE-based application servers, such as IBM WebSphere Application Server, BEA WebLogic Server, and Oracle Application Server
      • XML firewalls and gateways
    • Leading Web applications including:
      • Cognos
      • FileNet P8 platform
      • Lotus® Domino®
      • Lotus iNotes™
      • Lotus QuickPlace®
      • Lotus Sametime®
      • Microsoft Exchange
      • Microsoft Sharepoint Portal
      • Microsoft Sharepoint Services
      • Oracle Database
      • Oracle eBusiness
      • PeopleSoft PeopleTools
      • SAP AS ABAP
      • SAP AS Java™
      • SAP ERP
      • SAP Internet Transaction Server (ITS)
      • SAP Netweaver Portal
      • SAP R/3
      • Siebel

    Plus others — the list grows via IBM integrations and the Ready for Tivoli program.

    Tivoli Access Manager for e-business also accommodates a broad range of possible user-authentication mechanism including user IDs and passwords, client-side certificates, risk-based authentication with soft certificates, all-in-one token (one-time password, USB smartcards, with secure storage), soft certificate and soft one-time password, biometric, mobile and wireless identities, PKI-USB token, OTP only as well as even integration with smart card for physical and network access.

Accessibility by people with disabilities

A U.S. Section 508 Voluntary Product Accessibility Template (VPAT) containing details on accessibility compliance can be requested at

Section 508 of the U.S. Rehabilitation Act

Tivoli Access Manager for e-business is capable as of May 2, 2008, when used in accordance with IBM's associated documentation, of satisfying the applicable requirements of Section 508 of the Rehabilitation Act, provided that any assistive technology used with the product properly interoperates with it. A U.S. Section 508 Voluntary Product Accessibility Template (VPAT) can be requested on the following Web site
 
Back topBack to top
 
Product positioning

IBM Tivoli Access Manager for e-business V6.1 is an essential application security solution providing authentication and authorization service to address real-time application security needs and offering Web SSO and static entitlement management for Web application resources.

In the IBM Tivoli security portfolio, Tivoli Access Manager for e-business fulfills the role of user-access control and run-time enforcement — the central point of authentication of the user, and enforcement of resource access control policy. This can be contrasted with Tivoli Identity Manager, which focuses on user provisioning through the management of user identities and passwords in a closed-loop, workflow-based solution.

Tivoli Access Manager for e-business primarily focuses on solving the problem of managing user access control to heterogeneous Web applications across the enterprise. While Web solutions such as application servers, content managers, and ERP systems have their own disparate security systems, larger Web implementations can externalize these security operations to Tivoli Access Manager for e-business to provide a common single view of user access, deploy stronger authentication (including step-up/2-factor), and implement a single infrastructure for control of user sessions and logins across all enterprises applications.

Also, as your SSO needs extend beyond the enterprise to a third party or separate domain within the enterprise (newly acquired division or different line of business), then Tivoli Federated Identity Manager adds federated SSO and Web Services Security standards such as SAML, Liberty, WS-Federation, and WS-Trust support to user access control and run-time enforcement. Tivoli Federated Identity Manager is an access control solution with a run-time enforcement. Although it has "identity" in the product name, it is not another identity management system. Tivoli offers only one identity management system and that is IBM Tivoli Identity Manager.

Tivoli Access Manager for e-business interoperates with a wide variety of IBM and non-IBM products and platforms to reduce duplication, to maximize integration, and to establish automation for Web access management.

Trademarks

 
iNotes is a trademark of International Business Machines Corporation in the United States or other countries or both.
 
Tivoli, Requisite, WebSphere, Cross-Site, Domino, Lotus, QuickPlace, and Sametime are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Microsoft and Windows are registered trademarks of Microsoft Corporation.
 
Java is a trademark of Sun Microsystems, Inc.
 
Other company, product, and service names may be trademarks or service marks of others.

 
Back topBack to top
 
Education support

Comprehensive education for IBM Tivoli® products is offered through Worldwide Tivoli Education Delivery Services. A wide range of training options are available, including classes led by instructors, learning on demand, on-site training, and blended learning solutions.

For additional information, visit


 
Back topBack to top
 
Offering Information

Product information is available via the Offering Information Web site

Also, visit the Passport Advantage® Web site


 
Back topBack to top
 
Publications

Displayable softcopy publications: The IBM Tivoli Access Manager for e-business V6.1 Quick Start Guide, (English) publication will be delivered on a separate publications CD-ROM with the basic machine-readable material. It can also be downloaded from

The following English publications may be downloaded at general availability from the following Web site

English publications:

  • IBM Tivoli Access Manager for e-business Quick Start Guide (GI11-8174-00)
  • IBM Tivoli Access Manager for e-business Release Notes (GC23-6501-00)
  • IBM Tivoli Access Manager for e-business Upgrade Guide (SC23-6503-00)
  • IBM Tivoli Access Manager for e-business Shared Session Management Administration Guide (SC23-6509-00)
  • IBM Tivoli Access Manager for e-business Performance Tuning Guide (SC23-6518-00)
  • IBM Tivoli Access Manager for e-business Authorization Java™ Classes Developer Reference (SC23-6516-00)
  • IBM Tivoli Access Manager for e-business Authorization C API Developer Reference (SC23-6515-00)
  • IBM Tivoli Access Manager for e-business Administration Java Classes Developer Reference (SC23-6514-00)
  • IBM Tivoli Access Manager for e-business Administration C API Developer Reference (SC23-6513-00)
  • IBM Tivoli Access Manager for e-business Plug-in for Web Servers Administration Guide (SC23-6507-00)
  • IBM Global Security Kit Secure Sockets Layer Introduction and iKeyman User Guide (SC23-6510-00)
  • IBM Tivoli Access Manager for e-business for Edge Server Administration Guide (SC23-6506-00)
  • IBM Tivoli Access Manager for e-business Auditing Guide (SC23-6511-00)
  • IBM Tivoli Access Manager for e-business Error Message Reference (GI11-8157-00)
  • IBM Tivoli Access Manager for e-business Web Security Developer Reference (SC23-6517-00)
  • IBM Tivoli Access Manager for e-business Problem Determination Guide (GI11-8156-00)
  • IBM Tivoli Access Manager for e-business WebSEAL Administration Guide (SC23-6505-00)
  • IBM Tivoli Access Manager for e-business Command Reference (SC23-6512-00)
  • IBM Tivoli Access Manager for e-business Administration Guide (SC23-6504-00)
  • IBM Tivoli Access Manager for e-business Installation Guide (GC23-6502-00)

National language publications: The following national language publications may be downloaded 60 days after general availability from the following Web site

The IBM Publications Center

The Publications Center is a worldwide central repository for IBM product publications and marketing material with a catalog of 70,000 items. Extensive search facilities are provided. Payment options for orders are via credit card (in the U.S.) or customer number for 20 countries. A large number of publications are available online in various file formats, and they can all be downloaded by all countries, free of charge.
 
Back topBack to top
 

Technical information

Specified operating environment

Hardware requirements

Minimum and recommended processor, disk space, and memory requirements for IBM Tivoli Access Manager for e-business V6.1:

Description                          Minimum     Recommended
 
Processor                            400 MHz     1 GHz
Disk Space excluding WebSphere(R),
 Web server, or Web browser          101 MB      226 MB
Memory excluding WebSphere,
 Web server, or Web browser          224 MB      576 MB

Software requirements

IBM Tivoli Access Manager for e-business V6.1 base components — Access Manager Runtime, Java Runtime, Authorization Server, Policy Proxy Server, Policy Server, Web Portal Manager, and Application Development Kit run on the following operating systems:

  • IBM AIX® V5.2 or V5.3
  • Sun Solaris 9 or 10 on SPARC
  • Sun Solaris 10 on AMD64
  • Hewlett-Packard HP-UX 11iv2 or 11iv3 on PA-RISC or Itanium
  • Microsoft® Windows® 2003 Server Standard Edition on x86, AMD64, or EM64T
  • Microsoft Windows 2003 Server Enterprise Edition on x86, AMD64, or EM64T
  • Red Hat Enterprise Linux™ 4.0 or 5.0 on x86, AMD64 or EM64T on System x™, System i™, System p™, or System z™
  • SUSE LINUX Enterprise Server 9 or 10 on x86, AMD64 or EM64T on System x, System i, System p, or System z

Access Manager Web Portal Manager

  • IBM AIX V5.2 or V5.3
  • Sun Solaris 9 or 10 on SPARC
  • Sun Solaris 10 on AMD64
  • Hewlett-Packard HP-UX 11iv2 or 11iv3 on PA-RISC and Itanium
  • Microsoft Windows 2003 Server Standard Edition on x86, AMD64, or EM64T
  • Microsoft Windows 2003 Server Enterprise Edition on x86, AMD64, or EM64T
  • Red Hat Enterprise Linux Server 4.0 or 5.0 on x86, AMD64, or EM64T on System x, System i, System p, or System z
  • SUSE LINUX Enterprise Server 9 or 10 on x86, AMD64 or EM64t on System x, System i, System p or System z

Access Manager reverse proxy (WebSEAL)

  • IBM AIX V5.2, or V5.3
  • Sun Solaris 9 or 10 on SPARC
  • Sun Solaris 10 on AMD64
  • Hewlett-Packard HP-UX 11iv2 or 11i3 on PA-RISC and Itanium
  • Microsoft Windows 2003 Server Standard Edition on x86
  • Microsoft Windows 2003 Server Enterprise Edition on x86
  • Red Hat Enterprise Linux 4.0 or 5.0 on x86 on System x or System z
  • SUSE LINUX Enterprise Server 9 or 10 on x86 on System x or System z

Access Manager Plug-in for Web servers

  • Apache Web Server 2.0
    • IBM AIX V5.2 or V5.3
    • Sun Solaris 9 or 10 on SPARC
    • Red Hat Enterprise Linux Server 4.0 on System z
    • SUSE LINUX Enterprise Server 9 or 10 on System z
  • IBM HTTP Server V1.3
    • IBM AIX V5.1 or V5.2
    • Sun Solaris 9 or 10 on SPARC
    • Red Hat Enterprise Linux Server 4.0 or 5.0 on x86 on System x or System z
    • SUSE LINUX Enterprise Server 9 or 10 on x86 on System x or System z
    • Microsoft Windows 2003 Server Standard Edition on x86
    • Microsoft Windows 2003 Server Enterprise Edition on x86
  • IBM HTTP Server V2.0
    • IBM AIX V5.2 or V5.3
    • Sun Solaris 9 or 10 on SPARC
    • Red Hat Enterprise Linux Server 4.0 or 5.0 on x86 on System x or System z
    • SUSE LINUX Enterprise Server 9 or 10 on x86 on System x or System z
    • Microsoft Windows 2003 Server Standard Edition on x86
    • Microsoft Windows 2003 Server Enterprise Edition on x86
  • IBM HTTP Server V6.0
    • IBM AIX V5.2 or V5.3
    • Sun Solaris 9 or 10 on SPARC
    • Microsoft Windows 2003 Server Standard Edition
    • Microsoft Windows 2003 Server Enterprise Edition
    • Red Hat Enterprise Linux Server 4.0 or 5.0 on x86 on System x or System z
    • SUSE LINUX Enterprise Server 9 or 10 on x86 on System x or System z
  • Sun Java System Web Server 6.1 SP1
    • IBM AIX V5.1 and V5.2
    • Sun Solaris 9 or 10 on SPARC
  • Sun Java System Web Server 7.0
    • Sun Solaris 9 or 10 on SPARC
  • IBM Edge Component for WebSphere Application Server Network Deployment V6.1
    • IBM AIX V5.2 or V5.3
    • Sun Solaris 9 or 10 on SPARC
    • Red Hat Enterprise Linux Server 4.0 and 5.0 on x86 on System x
    • SUSE LINUX Enterprise Server 9 or 10 on x86 on System x or System z
  • Microsoft IIS 6.0
    • Microsoft Windows 2003 Server Standard Edition on x86
    • Microsoft Windows 2003 Server Enterprise Edition on x86

Access Manager Session Management Services

  • IBM AIX V5.2 or V5.3
  • Sun Solaris 9 or 10 on SPARC
  • Hewlett-Packard HP-UX 11iv or 11iv3 on PA-RISC
  • Microsoft Windows 2003 Server Standard Edition on x86
  • Microsoft Windows 2003 Server Enterprise Edition on x86
  • Red Hat Enterprise Linux Server 4.0 or 5.0 on x86 on System x or System z
  • SUSE LINUX Enterprise Server 9 or 10 on x86 on System x or System z

The following products are included with Tivoli Access Manager for e-business V6.1 for use restricted to Tivoli Access Manager for e-business:

  • IBM Tivoli Directory Server V6.1
  • IBM Tivoli Directory Integrator V6.1.1
  • IBM WebSphere Application Server V6.1
  • IBM DB2® Enterprise Server Edition V9.1

Note: Crystal-based Reports are no longer included with Tivoli Access Manager for e-business V6.1. Tivoli Access Manager for e-business V6.1 now includes a common reporting mechanism.

The program's specifications and specified operating environment information may be found in documentation accompanying the program, if available, such as a README file, or other information published by IBM, such as an announcement letter. Documentation and other program content may be supplied only in the English language.

Companion products

There are many benefits to including companion products to create a robust security suite, such as including federated and desktop SSO, operating system level access control, user provisioning, privileged user monitoring, and application security with vulnerability scanning.

Companion products include:

  • IBM Tivoli Access Manager for Operating Systems
  • IBM Tivoli Access Manager for Enterprise Single Sign-On
  • IBM Tivoli Federated Identity Manager
  • IBM Tivoli Identity Manager
  • IBM Tivoli Security Operations Manager
  • IBM Tivoli Compliance Insight Manager
  • IBM Rational® AppScan

Planning information

Packaging

IBM Tivoli Access Manager for e-business is distributed with:

  • International Program License Agreement (Z125-3301)
  • License Information document (electronic and hardcopy)
  • CD-ROM media
  • Publications (refer to the Publications section)

This program, when downloaded from a Web site, contains the applicable IBM license agreement, and License Information, if appropriate, and will be presented for acceptance at the time of installation of the program. For future reference, the license and License Information will be stored in a directory such as LICENSE.TXT

Security, auditability, and control

IBM Tivoli Access Manager for e-business uses the security and auditability features of the operating system software.

The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.

Software Services

IBM Software Services has the breadth, depth, and reach to manage your services needs. You can leverage the deep technical skills of our lab-based, software services team and the business consulting, project management, and infrastructure expertise of our IBM Global Services team. Also, we extend our IBM Software Services reach through IBM Business Partners to provide an extensive portfolio of capabilities. Together, we provide the global reach, intellectual capital, industry insight, and technology leadership to support a wide range of critical business needs.

To learn more about IBM Software Services or to contact a Software Services sales specialist, visit

IBM Tivoli Enhanced Value-Based Pricing

IBM Tivoli software products are priced using IBM Tivoli's Enhanced Value-Based Pricing. The Enhanced Value-Based Pricing system is based upon the IBM Tivoli Environment-Managed Licensing Model, which uses a managed-environment approach — whereby price is determined by what is managed rather than the number and type of product components installed.

For example, all servers monitored with IBM Tivoli's monitoring product (IBM Tivoli Monitoring) require entitlements sufficient for those servers. Other Tivoli products may manage clients, client devices, agents, network nodes, users, or other items, and are licensed and priced accordingly.

Unlike typical systems management licensing models that require entitlements of specific software components to specific systems, the IBM Tivoli Environment-Managed Licensing Model provides the customer flexibility to deploy its IBM Tivoli software products within its environment in a manner that can address and respond to the customer's evolving architecture. That is, as the architecture of a customer's environment changes, the customer's implementation of IBM Tivoli software can be altered, as needed, without affecting the customer's license requirements (as long as the customer does not exceed its entitlements to the software).

Under Enhanced Value-Based Pricing, licensing and pricing of server-oriented applications are determined based upon the server's use in the customer's environment. Typically, such applications are licensed and priced in a manner that corresponds to each installed and activated processor of the server managed by the IBM Tivoli application to help correlate price to value while offering a simple solution.

Where a server is physically partitioned, this approach is modified. This partitioning technique is the approach used with systems that have either multiple cards or multiple frames, each of which can be configured independently. For servers capable of physical partitioning (for example, IBM System p Scalable POWERparallel Systems® servers, Sun Ultra servers, and HP Superdome servers), an entitlement is required for each processor in the physical partition being managed by the Tivoli application. For example, assume that a server has 24 processors installed in aggregate. If this server is not partitioned, entitlements are required for all 24 processors. If, however, it is physically partitioned into three partitions, each containing eight processors, and Tivoli products were managing only one of the three partitions, then entitlements would be required for the eight processors on the physical partition managed by the IBM Tivoli application.

For servers with virtual or logical partitions, entitlements are required for all installed and activated processors on the server. For each IBM Tivoli application managing a clustered environment, licensing is based on the cumulative number of installed and activated processors on each server in the cluster. Where the cluster includes physically partitioned servers, the considerations described above concerning physically partitioned servers apply as well.

Enhanced Value-Based Pricing recognizes the convergence of RISC and UNIX®, and Microsoft Windows and Intel® technologies, in order to simplify your licensing requirements, and to provide a smoother, more scalable model. Pricing and licensing does not differentiate between non-System z server platforms or operating systems. For some products, this platform neutrality extends to System z and other host servers as well.

IBM Tivoli Enhanced Value-Based Pricing terminology definitions

Authorized user

An authorized user is one and only one individual (named or unnamed) within or outside your enterprise. A Proof of Entitlement (PoE) must be obtained for each individual user accessing the program in any manner. A program licensed under an authorized user PoE may be installed on a single computer or server, and accessed by multiple users, provided that a PoE has been obtained for each individual user accessing the program either directly or indirectly (via a multiplexing program, device, or application server) through any means on behalf of the user.

Note that:

Authorized users have unique specific identity and IDs cannot be shared. An ID can establish one or more connections and count as a single authorized user. Specific information to security products are:

  • An authorized user of IBM Tivoli Federated Identity Manager is any ID that accesses an application or service managed or protected by IBM Tivoli Federated Identity Manager.
  • An authorized user of IBM Tivoli Directory Integrator is one whose identity can be synchronized by IBM Tivoli Directory Integrator or that can access a connected system that can be synchronized by IBM Tivoli Directory Integrator.
  • An authorized user of IBM Tivoli Identity Manager is any ID whose identity is recorded in the Tivoli Identity Manager identity store.
  • An authorized user of IBM Tivoli Access Manager for e-business is any ID that accesses an application or service managed or protected by IBM Tivoli Access Manager for e-business.
  • Quantities of authorized users of IBM Tivoli Federated Identity Manager or Tivoli Access Manager for e-business will only include users that have usable Tivoli Federated Identity Manager or Tivoli Access Manager for e-business accounts. If their accounts have been made unusable, then those users do not have to count against the quantities of users that need to be licensed. Such accounts must remain unusable for a minimum of six months in order to not count against the quantities of users that need to be licensed.

Engine

An engine is also referred to as a central processor (CP) or processor. Engines for traditional workloads are called General Purpose CPs. Engines for Linux workloads are called Integrated Facility for Linux (IFL) engines or Linux-only engines. Engines for Coupling Facility workloads are called Integrated Coupling Facility (ICF) engines.

Enterprise

An enterprise is a person or single entity and those subsidiaries with more than 50 percent ownership.

External user

An authorized user who is not part of the enterprise.

Internal User

An authorized user that is part of the enterprise.

IBM IFL

This optional facility enables additional processing capacity exclusively for Linux workload, with no effect on the model designation of a System z or OS/390® server. Consequently, executing Linux workload on the IBM IFL will not, in most cases, result in any increased IBM software charges for z/OS®, OS/390, VM, VSE, or TPF operating systems and applications. There is, as indicated, a charge associated with the IFL, and there may also be a charge for applications which run on the IFL.

The IFL may be dedicated to a single Linux-mode logical partition or it may be shared by multiple Linux-mode logical partitions. Installations should note that the Linux workspace enabled by this facility will not support any of the traditional S/390 operating systems (OS/390, TPF, VSE, or VM). Only Linux applications or Linux operating in conjunction with the Virtual Image Facility™, an environment that operates within a logical partition or in native S/390® mode and provides the capability to create multiple Linux images, are supported by IBM S/390 IFL.

Managed processor (charging under full capacity in the managed environment)

Managed processor charges are based on the active processors on the machines in the computing environment affiliated with the program rather than on the server where the program is run. The managed processors which require PoEs are defined in the License Information's program-unique terms.

Notes:

  1. IBM defines a physical processor in a computer as a functional unit that interprets and executes instructions. A physical processor consists of at least an instruction control unit and one or more arithmetic and logic units.
  2. Multicore technology allows two or more processors (commonly called cores) to be active on a single silicon chip. With multicore technology, IBM considers each core to be a physical processor. For example, in a dual-core chip, there are two physical processors residing on the single silicon chip.
  3. The program may not run on some or all of the processors for which PoEs are required by the program's valuation method.
  4. In the System z IFL environment, each IFL engine is considered a single physical processor.
  5. Threading, a technique which makes a single processor seem to perform as two or more, does not affect the count of physical processors.
  6. Where blade technology is employed, each blade is considered a separate server and charging is based upon the total number of processors on the blades with which the program is affiliated.
  7. Not all processors require the same number of Value Unit entitlements. To determine the number of Value Unit entitlements required, refer to the Processor Value Unit conversion table on the Passport Advantage Web site

Partitions

A server's resources (CPU, memory, I/O, interconnects, and buses) may be divided according to the needs of the applications running on the server. This partitioning can be implemented with physical boundaries (physical partitions) or logical boundaries (logical partitions).

Physical partitions are defined by a collection of processors dedicated to a workload and can be used with systems that have either multiple cards or multiple frames, each of which can be configured independently. In this method, the partitions are divided along hardware boundaries and processors, and the I/O boards, memory, and interconnects are not shared.

Logical partitions are defined by software rather than hardware and allocate a pool of processing resources to a collection of workloads. These partitions, while separated by software boundaries, share hardware components and run in one or more physical partitions.

Processor (per processor charging under full capacity)

In full capacity charging, PoEs must be acquired for all activated processors (available for use) that are on the server where the program or a component of the program is run.

Notes:

  1. IBM defines a physical processor in a computer as a functional unit that interprets and executes instructions. A physical processor consists of at least an instruction control unit and one or more arithmetic and logic units.
  2. Multicore technology allows two or more processors (commonly called cores) to be active on a single silicon chip. With multicore technology, IBM considers each core to be a physical processor. For example, in a dual-core chip, there are two physical processors residing on the single silicon chip.
  3. In the System z IFL environment, each IFL engine is considered a single physical processor.
  4. Threading, a technique which makes a single processor seem to perform as two or more, does not affect the count of physical processors.
  5. Where blade technology is employed, each blade is considered a separate server and charging is based upon the total number of processors on the blade on which the program is run.
  6. When a server is shipped with six processors, but two of them are inactive, four processors are active for the customer.
  7. Not all processors require the same number of Value Unit entitlements. To determine the number of Value Unit entitlements required, refer to the processor Value Unit conversion table on the Passport Advantage Web site

Server

A server is a computer system that executes requested procedures, commands, or applications to one or more user or client devices over a network. A PoE must be obtained for each server on which the program or a component of the program is run or for each server managed by the program. Where blade technology is employed, each blade is considered a separate server.

Standby or backup systems

For programs running or resident on backup machines, IBM defines three types of situations: cold, warm and hot. In cold and warm situations, a separate entitlement for the copy on the backup machine is normally not required and typically no additional charge applies. In a hot backup situation, the customer needs to acquire other license or entitlements sufficient for that server. All programs running in backup mode must be solely under the customer's control, even if running at another enterprise's location.

As a practice, the following are definitions and allowable actions concerning the copy of the program used for backup purposes.

Cold: A copy of the program may reside, for backup purposes, on a machine as long as the program is not started. There is no additional charge for this copy.

Warm: A copy of the program may reside for backup purposes on a machine and is started, but is idling, and is not doing any work of any kind. There is no additional charge for this copy.

Hot: A copy of the program may reside for backup purposes on a machine, is started, and is doing work. The customer must acquire a license or entitlements for this copy and there will generally be an additional charge.

Doing work includes, for example, production, development, program maintenance, and testing. It also could include other activities such as mirroring of transactions, updating of files, synchronization of programs, data or other resources (for example, active linking with another machine, program, database or other resource, and so on), or any activity or configurations that would allow an active hot switch or other synchronized switch over between programs, databases, or other resources to occur.

In the case of a program or system configuration that is designed to support a high availability environment by using various techniques (for example, duplexing, mirroring of files, or transactions, maintaining a heartbeat, active linking with another machine, program, database, or other resource), the program is considered to be doing work in the hot situation and a license or entitlement must be purchased.

Tivoli Management Points

A Tivoli Management Point is a metric used to compute license quantities and is program specific.

Value Units

A Value Unit is a pricing charge metric for program license entitlements, which is based upon the quantity of a specific designated measurement used for a given program. Each program has a designated measurement. The most commonly used designated measurements are processor cores and MSUs. However, for select programs, there are other designated measurements such as servers, users, client devices, and messages. The number of Value Unit entitlements required for your specific implementation of the given program must be obtained from a conversion table associated with the program. You must obtain a PoE for the appropriate number of Value Unit entitlements for your implementation. The Value Unit entitlements of a given program cannot be exchanged, interchanged, or aggregated with Value Unit entitlements of another program. Whenever the designated measurement is a processor core, not all processors require the same number of Value Unit entitlements. To determine the number of Value Unit entitlements required, refer to the processor Value Unit conversion table on the Passport Advantage Web site

User Value Units

A User Value Unit is a pricing charge metric for program license entitlements which is based upon the quantity of a specific designated measurement used for a given program. Refer to the Value Units definition. Users is a descriptive of one of the Value Unit charge metrics.

Product and licensing Web sites

A complete list of IBM Tivoli products is available at

IBM Tivoli product licensing documents are available at

Passport Advantage

Through the Passport Advantage Agreement, you may receive discounted pricing based on their total volume of eligible products, across all IBM brands, acquired worldwide. The volume is measured by determining the total Passport Advantage points value of the applicable acquisitions. Passport Advantage points are only used for calculating the Entitled Passport Advantage discount.

To determine the required IBM Tivoli product configuration under Passport Advantage, the IBM Tivoli Enhanced Value-Based Pricing Model applies. The customer's environment is evaluated on a per-product basis.

Use the following two-step process to determine the total Passport Advantage points value:

  1. Analyze your environment to determine the number of charge units for a product. The quantity of each product's part numbers to be ordered is determine by that analysis.
  2. Order the Passport Advantage part numbers. A Passport Advantage point value, which is the same worldwide for a specific part number regardless of where the order is placed, is assigned to each IBM Tivoli product part number. The Passport Advantage point value for the applicable part number, multiplied by the quantity for that part number, will determine the Passport Advantage points for that IBM Tivoli product part number. The sum of these Passport Advantage points determines the Passport Advantage point value of the applicable IBM Tivoli product authorizations which then may be aggregated with the point value of other applicable Passport Advantage product acquisitions to determine the total Passport Advantage points value.

The discounted pricing available through Passport Advantage is expressed in the form of Suggested Volume Prices (SVPs), which vary depending on the SVP level. Each SVP level is assigned a minimum total Passport Advantage point value, which must be achieved, in order to qualify for that SVP level.

Media packs and documentation packs do not carry Passport Advantage points and are not eligible for SVP discounting.

For additional information on Passport Advantage, refer to the following

The following Passport Advantage part number categories may be orderable:

  • License and Software Maintenance 12 Months — This is the product authorization with maintenance to the first anniversary date.
  • Annual Software Maintenance Renewal — This is the maintenance renewal for one anniversary that applies when a customer renews their existing coverage period prior to the anniversary date at which it expires.
  • Software Maintenance Reinstatement 12 months — This is for customers who have allowed their Software Maintenance to expire, and later wish to reinstate their Software Maintenance.
  • Media packs — These are the physical media, such as CD-ROMs, that deliver the product's code.

Exceptions to the Environment-Managed Licensing Model

IBM Tivoli products are priced based on the environment managed and follow the definitions laid out in the IBM Tivoli Enhanced Value-based Pricing terminology definitions section of this announcement, with the following exceptions:

    IBM Tivoli Access Manager for e-business — Count either the number of registered users or the number of processors in the servers on which IBM Tivoli Access Manager runs, but not both.

Distributed pricing examples

The following examples are provided to illustrate your licensing requirements.

References to processor-based licensing do not represent the actual number of entitlements required. Entitlement requirements are Processor Value Unit based. Processors referenced in these examples represent the designated measurement on which the required number of Processor Value Unit entitlements will be calculated. The number of Processor Value Units required per processor will depend on the processor type. For more information, refer to the Value Unit definition in IBM Tivoli Enhanced Value-Based Pricing terminology definitions. To determine the number of Processor Value Unit entitlements required per processor, refer to the Processor Value Unit conversion table on the Passport Advantage Web site

References to all other non-processor-based metrics do represent the actual number of entitlements required, unless other designated measurements are referenced or unless otherwise specified.

The pricing example below should be used to determine required license entitlements for IBM Tivoli Access Manager for e-business, which is managed by the licensed processor.

Products also have program-specific licensing terms, which are described later in this document. Consult the program-specific licensing terms to determine total licensing requirements for the applicable products.

Pricing model examples

1. Scalable usage model table

The following scalable usage table is used to determine the required Value Units per 1,000 users. The price per User Value Unit will be different for each part number.

Scalable
Usage Level         1        2        3         4
 
Chargeable          1-5K     >5K-15K  >15K-50K  >50K-150K
Users
User Value Units    1,000    500      300       200
per 1,000 users
 
Scalable
Usage Level         5        6        7         8
 
Chargeable          >150-500 >500-1M  >1M-3M    >3M
Users
User Value Units    100      50       25        10
per 1,000 users

The pricing model for IBM Tivoli Access Manager is enhanced to significantly reduce costs for many customers whose systems support a large number of external users. The price for these external users is not the same as for internal users. Select Tivoli Security Families. Now use a ratio of 15 external users equal 1 chargeable user for the purpose of calculating User Value Units. Each internal user equals one chargeable user for the purpose of calculating User Value Units. Infrequent internal users who utilize their IDs less than 5 times a year, and are grouped so as to be trackable and auditable, will be granted a ratio of 15 infrequent internal users equal 1 chargeable user for the purpose of calculating Value Units.

Chargeable users are summed up and the volume tiering table then is utilized to calculate the total User Value Units required to cover entitlements. With the release of Tivoli Access Manager for e-business V6.1, customers may mix internal users, external users and infrequent internal users within their total User Value Units.

Examples of mixing and matching to obtain total user Value Units.

          A        B          C         D           E
Pricing   Internal Chargeable External  Chargeable  Total      User
metric    users    internal   & infreq. external &  chargeable Value
example            users      internal  infrequent  users      Units to
                   at 1:1     users     int'l users (B+D)      order
                                        at 15:1
 
Access    57,000   57,000        0          0       57,000     21,900
Manager
example 1
 
Access    50,000   50,000     105,000    7,000      57,000     21,900
Manager
example 2
 
Access    30,000   30,000     405,000   27,000      57,000     21,900
Manager
example 3

Mix and match Tivoli Access Manager for e-business example 4:

Assume customer GREEN initially has 12,000 company employees and 1,500,000 external users. All of these are authorized users. The total chargeable users are calculated as follows:

  • 12,000 internal users = 12,000 chargeable users
  • 1,500,000 external users = 1,500,000/15 = 100,000 chargeable users
  • Customer GREEN must add these chargeable users together and purchase the Value Units required for a total of 112,000 chargeable users.

If customer GREEN grows to 20,000 company employees and finds that it only needs to entitle approximately 1,380,000 external users (customers, business partners, suppliers), then the total chargeable users are calculated as follows:

  • 20,000 internal users = 20,000 chargeable users (20,000 chargeable users at 1:1)
  • 1,380,000 external users = 1,380,000/15 = 92,000 chargeable users (at 15:1)
  • Customer GREEN would still be covered with their entitlements, as their chargeable user total of 112,000 has not changed. This allows the customer flexibility to accommodate changes in their environment over time.

2. User Value Unit pricing scenario

Customer ABC initially wants to deploy Tivoli Access Manager for e-business for the following number of internal users (employees):

  • 5,000 users who access Web applications from HTTP and Java 2 Platform Enterprise Edition (J2EE) application servers — the goal is to provide access control or SSO from Tivoli Access Manager.
  • 5,000 additional user records stored in a database table that is referenced in Tivoli Access Manager's schema using IBM Tivoli Directory Integrator or a third party directory virtualization tool.
  • 1,000 additional mainframe user records from RACF® that will be used to access Tivoli Access Manager resources via z/OS LDAP and are referenced in Tivoli Access Manager's schema.
  • 1,000 additional user records of a non-secured application that will be recorded in the Tivoli Access Manager schema (for administrative convenience).
  • 1,000 additional users of a non-secured application that will be stored in an IBM Directory Server schema on the same Directory Server as Tivoli Access Manager users but not in the Tivoli Access Manager schema.

The first four sets of users will all be counted as Tivoli Access Manager authorized users. All users in the Tivoli Access Manager schema should be counted for the purposes of pricing Tivoli Access Manager. This gives a total of 12,000 internal users to charge for, and chargeable users who will be secured in this case using a 8-way server.

Tivoli Access Manager can use IBM Tivoli Directory Server as an identity store. It is provided in the package or a number of other repositories. The license for Tivoli Directory Server, provided with Tivoli Access Manager, only extends to those users that are stored under the Access Manager schema. Alternative uses of IBM Directory Server can be covered by an Directory Server license.

Transaction 1

IBM Tivoli Access Manager for e-business User Value Units to order for the 12,000 chargeable users, is calculated as follows:

Pricing metric  Chargeable user   User Value        User Value
                environment (A)   Units per         Units
                                  1,000 Users (B)   Required
                                                    ((A) * (B))/1,000
 
Tier 1           5,000            1,000              5,000
Tier 2           7,000              500              3,500
                12,000     Total user Value Units    8,500

Note: For Tivoli Access Manager, there is a minimum order quantity of 250 users, for fewer than 1,000 chargeable users in the scalable usage model. After the first 1,000 chargeable users, order quantities are in increments of 1,000 users to charge for. For example, 1,650 chargeable users are rounded up to 2,000 chargeable users for the purpose of calculating User Value Units to order.

Transaction 2

After the initial purchase described in transaction 1, customer ABC wants to secure access for 1,500,000 external authorized users (customers and suppliers) who access Web applications from HTTP and J2EE application servers. Customer ABC must purchase additional user Value Units to entitle the 100,000 additional chargeable users based on the 15 to 1 ratio on the external users to chargeable user conversion.

Pricing metric  Chargeable user   User value units  User value units
                environment (A)   per 1,000         required
                                  Users (B)         ((A) * (B))/1,000
 
Tier 1            5,000           1,000              5,000
Tier 2           10,000             500              5,000
Tier 3           35,000             300             10,500
Tier 4           62,000             200             12,400
                112,000        Total Value Units    32,900
                                less currently      (8,500)
                                licensed from
                                transaction 1
                                additional Value    24,400
                                Units required

3. Processor Value Units pricing scenario

Assume Customer ABC prefers unlimited user access for their environment. The customer will require the following licensing:

Tivoli Access Manager for e-business — Unlimited User Option

Tivoli Access Manager   Quantity in customer    Total processors
for e-business          environment             required
 
4-way                   1                        4*
                        Total processors        12

Note: The Unlimited User Option applies only to the 12 processors licensed. The customer must purchase the Processor Value Units appropriate for the customer's environment. If the customer installed Tivoli Access Manager for e-business on a 16-way server, an additional 4 processors would be required. This licensing is based on the server in which Tivoli Access Manager for e-business runs.

*
There is a minimum order quantity of 12 processors for the IBM Tivoli Access Manager for e-business Unlimited User Option.
*
Note: The processors used for Tivoli Access Manager base components, the Access Manager Reverse Proxy (WebSEAL), and Access Manager Session Management Services are counted towards the total number of entitled processor count.

Charge metric definitions

Value Unit

A Value Unit is a pricing charge metric for program license entitlements, which is based upon the quantity of a specific designated measurement used for a given program. Each program has a designated measurement. The most commonly used designated measurement is a processor core. However, for select programs, there are other designated measurements such as users, client devices, and messages. The number of Value Unit entitlements required for a program depends on how the program is deployed in your environment and must be obtained from a Value Unit table. You must obtain a PoE for the calculated number of Value Unit entitlements for your implementation. The Value Unit entitlements are specific to a program and may not be exchanged, interchanged, or aggregated with Value Unit entitlements of another program.

Processor (Value Unit)

A processor core is a functional unit within a computing device that interprets and executes instructions. A processor core consists of at least an instruction control unit and one or more arithmetic or logic unit. With multicore technology, each core is considered a processor. Not all processor cores require the same number of Value Unit entitlements. To calculate the number of Value Unit entitlements required, refer to the value unit table on the following Web site

With full capacity licensing, a PoE must be acquired for the appropriate number of value units based on all activated processor cores available for use on the server.
 
Back topBack to top
 

Ordering information

This product is only available via Passport Advantage. It is not available as shrinkwrap.

Product group:  Tivoli Security
Product:  IBM Tivoli Access Manager for e-business V6.1
Identifier Description (PID):  5724-C87
Product category:  IBM Tivoli Access Manager for e-business

Value Unit: A Value Unit is a pricing charge metric for program license entitlements which is based upon the quantity of a specific designated measurement used for a given program. Each program has a designated measurement. The most commonly used designated measurement is a processor core. However, for select programs, there are other designated measurements such as users or resources which may include servers, client devices, and messages. The number of Value Unit entitlements required for a program depends on how the program is deployed in your environment and must be obtained from a Value Unit table. You must obtain a PoE for the calculated number of Value Unit entitlements for your implementation. The Value Unit entitlements are specific to a program and may not be exchanged, interchanged, or aggregated with Value Unit entitlements of another program.

A processor core is a functional unit within a computing device that interprets and executes instructions. A processor core consists of at least an instruction control unit and one or more arithmetic or logic unit. Not all processor cores require the same number of Processor Value Unit entitlements. To calculate the number of Processor Value Unit entitlements required, refer to the Processor Value Unit Table on the following Web site

With full capacity licensing, a PoE must be acquired for the appropriate number of Processor Value Units based on all activated processor cores available for use on the server.

Passport Advantage customer: Media pack entitlement details

Customers with active maintenance or subscription for the products listed are entitled to receive the corresponding media pack.

Entitled maintenance offerings description       Part number
 
Tivoli Access Mgr eBus Value Unit                TAMEBUUOSB02
TIV AMEB UUO PROC for zLinux                     TAMEBUUOSB04
TAMeb User Value Unit                            TAMEBUUOSB07
TIV AMEB UUO VU for zLinux                       TAMEBUUOZB01
Tiv Acc Mgr EBSN Unltd Usr Opt VU                TAMEBUUOZB02
 
Media packs description                          Part number
 
IBM Tivoli Access Manager for e-business V6.1    BJ0MBML
  MP Multiplatform ML

Current licensees

Current licensees, with support in effect, will receive instructions on how to order this update.

Current licensees of Tivoli Access Manager for e-business can order the new distribution medium via MES by specifying the desired distribution medium feature number.

New licensees

Orders for new licenses will be accepted now.

Shipment will begin on the planned availability date.

Basic license

Ordering information for Passport Advantage

Passport Advantage allows you to have a common anniversary date for Software Maintenance renewals, which can simplify management and budgeting for eligible new versions and releases (and related technical support) for your covered products. The anniversary date, established at the start of your Passport Advantage Agreement, will remain unchanged while your Passport Advantage Agreement remains in effect. New software purchases will initially include twelve full months of Software Maintenance. Software Maintenance in the second year (the first year of renewal) can be prorated to be coterminous with your common anniversary date. Thereafter, all Software Maintenance will renew at the common anniversary date for twelve full months of maintenance.

Refer to the IBM International Passport Advantage Agreement and to the IBM Software Support Handbook for specific terms relating to, and a more complete description of, technical support provided through Software Maintenance.

The quantity to be specified for the Passport Advantage part numbers in the following table is per required number of (Processor Value Units, Resource Value Units, User Value Units). To order for Passport Advantage, specify the desired part number and quantity.

IBM Tivoli Access Manager for e-business V6.1

 
Description                                        Part number
 
IBM Tivoli Access Mgr for e-bus                    E02B1LL
 Unlimited User Option Processor Value Unit
 Linux on z Annual Sw Maint Rnwl
IBM Tivoli Access Mgr for e-bus                    D56PSLL
 Unlimited User Option Processor Value Unit
 Linux on z Lic+Sw Maint 12 Mo
IBM Tivoli Access Mgr for e-bus                    D56PTLL
 Unlimited User Option Processor Value Unit
 Linux on z Sw Maint Reinstate 12 Mo
IBM Tivoli Access Mgr for e-bus                    E025XLL
 Unlimited User Option Processor Value Unit
 Annual Sw Maint Rnwl
IBM Tivoli Access Mgr for e-bus                    D55X7LL
 Unlimited User Option Processor Value Unit
 Lic+Sw Maint 12 Mo
IBM Tivoli Access Mgr for e-bus                    D55X8LL
 Unlimited User Option Processor Value Unit
 Sw Maint Reinstate 12 Mo

IBM Tivoli Access Manager for e-business

Description                                       Part number
 
Tivoli Access Manager for e-business              E04NFLL
 
 User Value Units Annual SW Maint Rnwl
Tivoli Access Manager for e-business              D03RLLL
 User Value Units Lic+Sw Maint 12 Mo
Tivoli Access Manager for e-business              D03RMLL
 User Value Units Sw Maint Reinstate 12 Mo

To order a media pack for Passport Advantage, specify the part number in the desired quantity from the following table:

 Description                                      Part number
 
IBM Tivoli Access Manager for e-business V6.1     BJ0MBML
 Media Pack ML

Withdrawal of Passport Advantage part numbers

The following Passport Advantage part number will be withdrawn on May 16, 2008.

Description                                        Part number
 
IBM Tivoli Access Manager for e-business           BJ0C2ML
 Unlimited User Option for Multiplatforms V5.1
 Multilingual CD ROM 128 Bit Media Pack

 
Back topBack to top
 
Terms and conditions

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Program License Agreement, IBM International Passport Advantage Agreement, and the IBM Agreement for Acquisition of Software Maintenance.

This product is only available via Passport Advantage. It is not available as shrinkwrap.

Licensing: IBM International Program License Agreement including the License Information document and PoE govern your use of the program. PoEs are required for all authorized use. Part number products only, offered outside of Passport Advantage, where applicable, are license only and do not include Software Maintenance.

This software license includes Software Maintenance, previously referred to as Software Subscription and Technical Support.

License Information form number: L-JSCK-72KRXT

The program's License Information will be available for review on the IBM Software License Agreement Web site

Limited warranty applies: Yes

Limited warranty: IBM warrants that when the program is used in the specified operating environment, it will conform to its specifications. The warranty applies only to the unmodified portion of the program. IBM does not warrant uninterrupted or error-free operation of the program or that IBM will correct all program defects. You are responsible for the results obtained from the use of the program.

IBM provides you with access to IBM databases containing information on known program defects, defect corrections, restrictions, and bypasses at no additional charge. For further information, consult the IBM Software Support Handbook found at

IBM will maintain this information for at least one year after the original licensee acquires the program (warranty period).

Program technical support: Technical support of a program product will be available for a minimum of five years from the general availability date, as long as your Software Maintenance is in effect. This technical support allows you to obtain assistance (via telephone or electronic means) from IBM for product-specific, task-oriented questions regarding the installation and operation of the program product. Software Maintenance also provides you with access to updates, releases, and versions of the program. You will be notified, via announcement letter, of discontinuance of support with 12 months' notice. If you require additional technical support from IBM, including an extension of support beyond the discontinuance date, contact your IBM representative or IBM Business Partner. This extension may be available for a fee.

Money-back guarantee: If for any reason you are dissatisfied with the program and you are the original licensee, you may obtain a refund of the amount you paid for it, if within 30 days of your invoice date you return the program and its PoE to the party from whom you obtained it. If you downloaded the program, you may contact the party from whom you acquired it for instructions on how to obtain the refund.

For clarification, note that (1) for programs acquired under the IBM International Passport Advantage offering, this term applies only to your first acquisition of the program and (2) for programs acquired under any of IBM's On/Off Capacity on Demand (On/Off CoD) software offerings, this term does not apply since these offerings apply to programs already acquired and in use by you.

Authorization for use on home/portable computer: You may not copy and use this program on another computer without paying additional license fees.

Other terms

Volume orders (IVO): No

IBM International Passport Advantage Agreement

Passport Advantage applies: Yes, and through the Passport Advantage Web site at

Software Maintenance applies: Yes. Software Maintenance is included with licenses purchased through Passport Advantage and Passport Advantage Express. Product upgrades and Technical Support are provided by the Software Maintenance offering as described in the Agreements. Product upgrades provide the latest versions and releases to entitled software and Technical Support provides voice and electronic access to IBM support organizations, worldwide.

IBM includes one year of Software Maintenance with each program license acquired. The initial period of Software Maintenance can be extended by the purchase of a renewal option, if available.

While your Software Maintenance is in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions, and code-related questions. IBM provides assistance via telephone and, if available, electronic access, only to your information systems (IS) technical support personnel during the normal business hours (published prime shift hours) of your IBM support center. (This assistance is not available to your end users.) IBM provides Severity 1 assistance 24 hours a day, 7 days a week. For additional details, consult your IBM Software Support Handbook at

Software Maintenance does not include assistance for the design and development of applications, your use of programs in other than their specified operating environment, or failures caused by products for which IBM is not responsible under the applicable agreements.

For additional information about the International Passport Advantage Agreement and the IBM International Passport Advantage Express Agreement, visit the Passport Advantage Web site at

System i Software Maintenance applies: No

Variable charges apply: No

Educational allowance available: Not applicable.
 
Back topBack to top
 

IBM Electronic Services

IBM has transformed its delivery of hardware and software support services to help you achieve higher system availability. Electronic Services is a Web-enabled solution that offers an exclusive, no-additional-charge enhancement to the service and support available for IBM servers. These services are designed to provide the opportunity for greater system availability with faster problem resolution and preemptive monitoring. Electronic Services comprises two separate, but complementary, elements: Electronic Services news page and Electronic Services Agent.

The Electronic Services news page is a single Internet entry point that replaces the multiple entry points traditionally used to access IBM Internet services and support. The news page enables you to gain easier access to IBM resources for assistance in resolving technical problems.

The Electronic Service Agent™ is no-additional-charge software that resides on your server. It monitors events and transmits system inventory information to IBM on a periodic, client-defined timetable. The Electronic Service Agent automatically reports hardware problems to IBM. Early knowledge about potential problems enables IBM to deliver proactive service that may result in higher system availability and performance. In addition, information collected through the Service Agent is made available to IBM service support representatives when they help answer your questions or diagnose problems. Installation and use of IBM Electronic Service Agent for problem reporting enables IBM to provide better support and service for your IBM server.

To learn how Electronic Services can work for you, visit


 
Back topBack to top
 
Prices

Information on charges is available at Web site

Passport Advantage

For Passport Advantage and charges, contact your IBM representative or your authorized IBM Business Partner. Additional information is also available at

Business Partner information

If you are an IBM Business Partner — Distributor for Workstation Software acquiring products from IBM, you may link to Passport Advantage Online for resellers where you can obtain Business Partner pricing information. An IBM ID and password are required.


 
Back topBack to top
 
Order now

To order, contact the Americas Call Centers or your local IBM representative.

To identify your local IBM representative, call 800-IBM-4YOU (426-4968).

 Phone:      800-IBM-CALL (426-2255)
 Fax:        800-2IBM-FAX (242-6329)
 Internet:   callserv@ca.ibm.com
 Mail:       IBM Teleweb Customer Support
             ibm.com Sales Execution Center, Americas North
             3500 Steeles Ave. East, Tower 3/4
             Markham, Ontario
             Canada
             L3R 2Z1
 
 Reference:  YE001

The Americas Call Centers, our national direct marketing organization, can add your name to the mailing list for catalogs of IBM products.

Note: Shipments will begin after the planned availability date.

Trademarks

 
System p, System i, System x, System z, Virtual Image Facility, and Electronic Service Agent are trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Tivoli, Passport Advantage, WebSphere, AIX, DB2, Rational, Scalable POWERparallel Systems, OS/390, z/OS, S/390, RACF, Lotus, and PartnerWorld are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Intel is a registered trademark of Intel Corporation.
 
Microsoft and Windows are registered trademarks of Microsoft Corporation.
 
Java is a trademark of Sun Microsystems, Inc.
 
UNIX is a registered trademark of the Open Company in the United States and other countries.
 
Linux is a trademark of Linus Torvalds in the United States, other countries or both.
 
Other company, product, and service names may be trademarks or service marks of others.

Back to topBack to top
 

 
Printable version Printable version