TRAINING

Enroll Now

IBM Tivoli Identity Manager Training  

IBM Tivoli Access Manager (TAM) is an authentication and authorization, centralized resource management solution for web services, operating systems and existing applications. It runs on wide range of operating system platforms like UNIX (AIX, Solaris, HP-UX), Linux, and Microsoft Windows.

Who will benefit from this course

This course is targeted for system administrators, security architects, application programmers, and identity developers who are responsible for maintaining large numbers of users, groups, and access to specific information resources.

Required skills/knowledge :

The following list contains the prerequisite knowledge or Tivoli product knowledge an attendee must have prior to attending the course:

• Basic operating system administrative skills for Linux and Windows
• Basic knowledge of Lightweight Directory Access Protocol (LDAP)
• TCP/IP fundamental
• Working knowledge of Web protocols (HTTP, XML)
• Basic knowledge of IBM WebSphere Application Server
• Firewall concepts

After completing this course, students will be able to accomplish the following:

• Explain the purpose, components, and architecture of Tivoli Access Manager.
• Install and configure the Tivoli Access Manager policy server, Web portal manager, and WebSEAL.
• Integrate the common auditing and reporting service (CARS) for e-business reporting.
• Install and configure the session management server (SMS) to manage user sessions.
• Create users, groups, access control lists, and protected object policies to manage the authentication and authorization of users.
• Customize external authentication interface (EAI) to supply custom-authenticated identity information to WebSEAL

Course outline

Introduction and Overview

• IBM Tivoli Access Manager functions
• IBM Tivoli Access Manager for e-business

Installation

• Product prerequisites
• Supported platforms and the user registries.
• Installing Tivoli Access Manager

Tivoli Access Manager and the LDAP User Registry

• Lightweight Directory Access Protocol overview
• Lightweight Directory Access Protocol entries
• Role the user registry in IBM Tivoli Access Manager

Managing Access Control

• pdadmin and the Web Portal Manager
• Managing users and groups
• Domain membership and multiple domains
• Defining access control lists (ACLs)
• Managing access control lists
• Protected object policies (POPs)
• Managing protected object policies

Introduction to WebSEAL

• Overview and architecture
• Protecting web resources.
• WebSEAL authentication mechanisms
• WebSEAL junctions
• Web space scalability

WebSEAL Installation and Configuration

• WebSEAL installation components
• WebSEAL installation prerequisites
• Installation
• Configuration
• Management

WebSEAL Authentication

• Basic authentication
• Forms authentication
• Client-side certificate authentication
• HTTP header authentication
• Internet Protocol (IP) authentication
• Token authentication

WebSEAL Junctions

• Standard WebSEAL junctions
• Managing standard WebSEAL junctions
• WebSEAL link filtering
• Transparent path junctions

Single Sign-on

• Basic authentication single sign-on
• Global single sign-on (GSO)
• Forms single sign-on

Session Management Server (SMS)

• Server Redundancy
• Using SMS to support redundancy between WebSEAL instances
• Session management using SMS

Logging and Auditing

• TAMeB and WebSEAL logging capabilities
• Difference between logging and auditing in a TAMeB context
• Configuring logging
• Configuring auditing

Producing Reports

• Common Audit Service (CAS) installation
• Tivoli Common Reporting (TCR) installation
• Configuring Tivoli Access Manager components to send audit information to CAS.
• Generating audit reports

Protecting JEE Applications

• Java authorization contract for containers (JACC) and TAM interaction
• Configuring authorization and user mapping to secure Java Enterprise Edition (JEE) applications