Crescent Help Desk

Google Plusface booktin
Tivoli Access Manager-Course Description


IBM Tivoli Access Manager (TAM) is an authentication and authorization, centralized resource management solution for web services, operating systems and existing applications. It runs on wide range of operating system platforms like UNIX (AIX, Solaris, HP-UX), Linux, and Microsoft Windows. TAM e-business provides robust, policy-based security to a corporate Web environment.

Training Objectives of TAM:

The main objective of the TAM is to enables the end users to better maintain their infrastructure, IT Operations, to more effectively deliver services achieved to business goals.

Target Students / Prerequisites:

TAM Course is targeted for system administrators, security architects, application programmers and identity developers who are responsible for maintaining large numbers of users, groups, and access to specific information resources. Basic knowledge required on Linux operating system skills and the fundamental Skills on Lightweight Directory Access Protocol (LDAP).

Unit 1: Introduction to TAM.
  • TAM Overview
  • TAM Base Components
  • TAM Core Components
  • TAM WebSecurity Components
Unit 2: Installation and Configuration
  • Validating/Installing the O/S pre-requisites
  • Product prerequisites
  • Installation matrix
  • Base components installation.
  • Core Components installation
  • Web Security installation
  • Supported registries and Schema changes
Unit 3: LDAP registry and Policy Server
  • Introduction to LDAP
  • Supported registries
  • Schema changes
  • Suffixes
  • User and Group Suffix
  • The TAM suffix "secAuthority=Default"
  • LDAP client
  • Introduction to Policy Server
  • Policy Database and LDAP registry
Unit 4: Secure Domain and protecting the resources
  • Secure Domain
  • Object Space
  • Default groups in TAM
  • ACLs
  • POP
  • Authorization Rule
Unit 5: Introduction to WebSEAL
  • Resource Manager's role
  • WebSeal features
  • DMZ and secured zones
  • Default Pages, Customization, Branding, Limitations
  • Customizing the login.html
  • Management Pages(PKMS****)
Unit 6: WebSEAL Installation and Configuration
  • Installation and Configuration
  • Shared object space
  • Session Management
  • SMS vs Failover cookie
Unit 7: WebSEAL features
  • Basic authentication
  • Forms authentication
  • Client-side certificate authentication
  • HTTP header authentication
  • Internet Protocol (IP) authentication
  • Token authentication
Unit 8: Protecting applications through WebSEAL Junctions
  • Standard WebSEAL junctions
  • Transparent Path junctions
  • Virtual Host junctions
  • Stateful junction
  • Junction Throttling
  • URL filtering and options
  • Junction cookie,Java-Script and JMT
Unit 9: Single Sign-on
  • Basic authentication single sign-on
  • Global single sign-on (GSO)
  • Forms single sign-on
  • Introduction to Kerberos
  • Desktop single sign-on
Unit 10: Logging, Auditing and Configuration files location
  • Logging levels in TAM
  • Snoop and Trace Logging
  • Audit process in TAM
  • Default configuration files and their location
  • Default Log files and their location
Unit 11:Advanced Authentication mechanisms
  • LTPA
  • TAI++
  • CDAS
Unit 12:Application Integration and real-time examples
  • Process of Application Integration
  • Certificate stores and certificate management
  • Session cookies and persistent cookies
  • Segregation of Duties in Application integration
  • Checklist for Seamless integration
  • Checklist for application support
  • Typical integration examples
  • Junction selection
  • Insight and blocking virtual IPs
  • Role of Access Manager SME
  • Major Architectural decisions
  • New Features in IBM Security Access Manager