At a glance
Course description
This 5-day instructor-led course provides hands-on exercises for IBM Tivoli Access Manager for e-business 6.1. IBM Tivoli Access Manager is an authentication and authorization solution for corporate Web, client-server, and e-commerce applications. You can use this software to control access to business critical information and resources with centralized, flexible, and scalable access control.
You will learn the skills necessary to install and configure each component, secure a Web infrastructure using WebSEAL, use common auditing to centralize reports, learn Web applications, create security policies, and manage user sessions.
Objectives
After completing this course, you should be able to accomplish the following tasks:
- Describe the purpose and components of architecture of Tivoli Access Manager
- Install and configure the Tivoli Access Manager policy server, Web portal manager, and WebSEAL
- Create users, groups, access control lists, and protected object policies to manage the authentication and authorization of users
- Describe the authentication mechanisms used by WebSEAL
- Install and configure the session management server (SMS) to manage user sessions
- Use the common auditing service (CAS) and Tivoli Common Reporting (TCR) to generate reports about Tivoli Access Manager activity
- Integrate Tivoli Access Manager into a Java Enterprise Edition (JEE) application framework
Course outline
-
Introduction and Overview
- Describe the business problems that IBM Tivoli Access Manager for e-business solves.
- Describe the high-level architecture of IBM Tivoli Access Manager for e-business.
-
Installation
- Install Tivoli Access Manager servers.
- Identify the prerequisites of this product.
- Identify the supported platforms and the user registries.
- Install Tivoli Access Manager servers using different installation methods.
-
Tivoli Access Manager and the LDAP User Registry
- Describe Lightweight Directory Access Protocol.
- Describe Lightweight Directory Access Protocol entries.
- Describe the role of the user registry in IBM Tivoli Access Manager.
-
Tivoli Access Manager Administration
- Describe pdadmin and the Web Portal Manager.
- Use pdadmin commands and Web Portal Manager to manage users and groups.
- Describe domains membership and multiple domains.
-
Introduction to WebSEAL
- Describe WebSEAL.
- Describe the architecture of WebSEAL.
- Describe the features of WebSEAL.
- Describe how WebSEAL protects Web resources.
- Define WebSEAL authentication mechanisms.
- Define WebSEAL junctions.
- Describe how WebSEAL provides Web space scalability.
-
WebSEAL Installation and Configuration
- List the WebSEAL installation components.
- List the prerequisites for WebSEAL installation.
- Install WebSEAL.
- Configure WebSEAL.
- Manage WebSEAL instances.
-
Managing Access Control
- Define access control lists (ACLs).
- List access control list attributes.
- Manage access control lists.
- Define protected object policies (POPs).
- Manage protected object policies.
-
WebSEAL Authentication
- Describe WebSEAL authentication.
-
Configure:
- Basic authentication
- Forms authentication
- Client-side certificate authentication
- HTTP header authentication
- Internet Protocol (IP) authentication
- Token authentication
-
WebSEAL Junctions
- Describe standard WebSEAL junctions.
- Manage standard WebSEAL junctions.
- Describe how WebSEAL filters links.
- Describe transparent path junctions.
-
Single Sign-on
- Describe single sign-on
-
Describe and configure:
- Basic authentication single sign-on
- Global single sign-on (GSO)
- Forms single sign-on
-
Session Management Server
- Explain the reasons to use redundancy.
- Use the session management server (SMS) to support redundancy between WebSEAL instances.
- Manage sessions using SMS.
-
Logging and Auditing
- Describe the logging and auditing features of TAMeB and WebSEAL.
- Distinguish between logging and auditing in a TAMeB context.
- Configure logging to track the actions of TAMeB components.
- Configure auditing to track user actions.
-
Producing Reports
- Generate reports from Tivoli Access Manager.
- Install and configure the two components required for reports: Common Audit Service (CAS) and Tivoli Common Reporting (TCR).
- Configure Tivoli Access Manager components to send their audit information to CAS.
- Generate audit reports.
- Identify the correct report to use to audit specific behaviors.
-
WebSphere Application Server Integration
- Explain the security model of the WebSphere Application Server (WAS.
- Configure a WebSEAL junction to protect a WAS server.
- Configure a WebSEAL junction to provide a WAS server with a username and password.
-
Protecting JEE Applications
- Explain the interaction between Java authorization contract for containers (JACC) and TAM.
- Configure authorization and user mapping to secure a Java Enterprise Edition (JEE) application using TAM.
Who will benefit from this course
This course is targeted for system administrators, security architects, application programmers, and identity developers who are responsible for maintaining large numbers of users, groups, and access to specific information resources.
Required skills/knowledge
The following list contains the prerequisite knowledge or Tivoli product knowledge a student must have before attending the course:
- Basic operating-system administrative skills for Linux and Windows
- Basic knowledge of Lightweight Directory Access Protocol (LDAP)
- TCP/IP fundamentals
- Firewall concepts
- Working knowledge of Web protocols (HTTP, XML)
- Basic knowledge of IBM WebSphere Application Server
Education centers
Contact
If you are unable to locate a course at the time and location you desire, including training for prior product releases, please feel free to contact your regional delivery management team:
We're here to help
Easy ways to get the answers you need.
Or call us at:
877-426-3774
Priority code:
104CBW62
