This section provides information about the currently available or planned Tivoli Access Manager for e-business (ITAMeb) 6.0 courses. At the time of this writing some of the courses are not yet being offered. Refer to the Tivoli software education Web site to learn more about course availability and to find the appropriate courses and education delivery vendor for each geography. The Web site is:
http://www.ibm.com/software/tivoli/education
General training information is available at the following Web site:
http://ibm.com/training
You can also refer to the existing Education Roadmap for IBM Tivoli Access Manager for e-business 5.1 at the following Web site:
ftp://ftp.software.ibm.com/software/tivoli/education/Roadmaps/TAM_51.pdf (Although this document still refers to Access Manager for e-business V5.1, you
Note: Course offerings are continuously being added and updated. If you do not see courses listed in your geographical location, contact the delivery management team.
ITAMeb 6.0 Overview
This course functions as a general overview and outline of the benefits and functions of IBM Tivoli Access Manager for e-business.
Course duration
This is a two-hour, self-paced course.
Objectives
After taking this course, you will be able to:
Describe the IBM Tivoli Access Manager product family.
Describe the high-level architecture of IBM Tivoli Access Manager for e-business.
Describe how IBM Tivoli Access Manager for e-business secures access to business applications and resources.
Outline
The course follows this outline:
1. Introduction to IBM Tivoli Access Manager for e-business 2. Managing IBM Tivoli Access Manager for e-business
3. Securing access with IBM Tivoli Access Manager for e-business
ITAMeb 6.0 Installation
This Web-based course focuses on IBM Tivoli Access Manager for e-business installation. An overview of the IBM Tivoli Access Manager for e-business architecture will also be covered in this course.
Course duration
This is a four-hour, self-paced course.
Objectives
After taking this course, you will be able to:
Explain the architecture of IBM Tivoli Access Manager for e-business.
Describe how to install and configure IBM Tivoli Access Manager for e-business and its prerequisites for a particular case study.
Describe how to install and configure Web Portal Manager to manage the Access Manager environment.
Describe how to install and configure the IBM Tivoli Directory Server Web Application Tool in order to simplify management of the IBM Tivoli Directory Server user registry.
Describe how to tailor a security environment with IBM Tivoli Access Manager for e-business Web server plug-ins.
Troubleshoot Access Manager for e-business installations.
ITAMeb 6.0 Managing Users and Access Control
This Web-based course focuses on managing users, groups, and access control.
Course duration
This is a four-hour, self-paced course.
Objectives
After taking this course, you will be able to:
Describe the role of the user registry in IBM Tivoli Access Manager for e-business implementation.
Create users, groups, access control lists, and protected object policies to manage the authentication and authorization of users.
Use pdadmin commands and Web Portal Manager to manage users, groups, and access control.
Describe authorization rules to customize access control.
Create Access Manager domains to unify the authentication and authorization of users.
Create Access Manager delegated administrators to delegate domain management responsibilities to lower-level administrators.
Use auditing to track users’ and administrators’ activities.
Implement the Access Manager common auditing and reporting systems (CARS) for historical and operational reporting.
ITAMeb 6.0 WebSEAL
This Web-based course focuses on the Access Manager for e-business WebSEAL.
Course duration
This is a four-hour, self-paced course.
Objectives
After taking this course, you will be able to:
Describe how WebSEAL secures Web-based resources.
Install and configure WebSEAL.
Use pdadmin commands and Web Portal Manager to manage the WebSEAL environment.
Describe and implement a variety of authentication methods including forms-based single sign-on, cross domain single sign-on, Windows desktop single sign-on (SPNEGO), and client-side certificates.
Install and configure Session Management Server (SMS), and use WebSEAL shared session management to limit concurrent sessions and terminate or inspect active sessions.
Create and manage WebSEAL junctions to unify the Web space of the back-end servers with the Web space of the WebSEAL server.
Enable auditing to track user activities.
Enable logging to troubleshoot the WebSEAL environment.
ITAMeb 6.0 Deployment and Administration
This is a classroom course with hands-on labs for the IBM Tivoli Access Manager for e-business 6.0 product. IBM Tivoli Access Manager is an
authentication and authorization solution for corporate Web, client/server, and existing applications.
This product allows customers to control user access to protected information and resources by providing a centralized, flexible, and scalable access control solution. This course is targeted for System Administrators, Security Architects, Application Programmers, and Identity Developers who are responsible for maintaining large numbers of users, groups, and access to specific information resources.
Course duration
This is a four-day, classroom course.
Objectives
After taking this course, you will be able to:
Describe how IBM Tivoli Access Manager for e-business secures access to business applications and resources.
Explain the architecture of IBM Tivoli Access Manager for e-business.
Describe how IBM Tivoli Access Manager for e-business can integrate with new or existing products to secure business applications and resources.
Describe how to install and configure IBM Tivoli Access Manager for e-business and its prerequisites for a particular case study.
Describe how to install and configure Web Portal Manager to manage the Access Manager environment.
Describe how to install and configure IBM Tivoli Directory Server Web Application Tool in order to ease management of the IBM Tivoli Directory Server user registry.
Troubleshoot Access Manager for e-business installations.
Describe the role of the user registry in IBM Tivoli Access Manager for e-business implementation.
Create users, groups, access control lists, and protected object policies to manage the authentication and authorization of users.
Use pdadmin commands and Web Portal Manager to manage users, groups, access control, and WebSEAL environment.
Describe authorization rules to customize access control.
Create Access Manager domains to unify the authentication and authorization of users.
Create Access Manager delegated administrators to delegate domain management responsibilities to lower-level administrators.
Use auditing to track users’ and administrators’ activities.
Implement the Access Manager common auditing and reporting systems (CARS) for historical and operational reporting.
Describe how WebSEAL secures Web-based resources.
Install and configure WebSEAL.
Describe a variety of authentication methods including basic authentication, forms authentication, client-side certificate authentication, and external authentication interface.
Describe Session Management Server (SMS) and WebSEAL shared session management to limit concurrent sessions and terminate or inspect active sessions.
Create and manage WebSEAL junctions to unify the Web space of the back-end servers with the Web space of the WebSEAL server.
Enable auditing to track user activities.
Enable logging to troubleshoot the WebSEAL environment.
Describe how to tailor a security environment with IBM Tivoli Access Manager for e-business Web server plug-ins.
Outline
The course follows this outline:
1. IBM Tivoli Access Manager for e-business 6.0 Introduction and Overview
– Lesson 2: Tivoli Access Manager for e-business Architecture – Lesson 3: Authentication and Authorization
2. IBM Tivoli Access Manger for e-business Installation and Configuration – Lesson 1: Planning a New Tivoli Access Manager Deployment – Lesson 2: Installing Tivoli Access Manager
– Lesson 3: Tivioli Access Manager Prerequisites – Lesson 4: Installation Methods
3. Tivoli Access Manager and the User Registry – Lesson 1: Lightweight Directory Access Protocol – Lesson 2: Setting up LDAP
– Lesson 3: Processing LDAP Requests 4. Managing Users and Groups
– Lesson 1: Tivoli Access Manager Administration – Lesson 2: Tivoli Access Manager Users and Groups 5. Managing Access Control
– Lesson 1: Protected Object Space – Lesson 2: Access Control Lists (ACLs) – Lesson 3: Protected Object Policies (POPs) – Lesson 4: IP Authentication
– Lesson 5: New to Tivoli Access Manager for e-business 6. Introduction to WebSEAL
– Lesson 1: WebSEAL
– Lesson 2: WebSEAL Features
– Lesson 3: WebSEAL Authentication Mechanisms – Lesson 4: WebSEAL Junctions
– Lesson 5: Web Space Scalability – Lesson 6: Single Sign-on
7. WebSEAL Installation and Configuration – Lesson 1: WebSEAL Installation – Lesson 2: WebSEAL Configuration
– Lesson 3: WebSEAL Instance Management
8. WebSEAL Authentication
– Lesson 1: Authentication Overview – Lesson 2: Authentication Methods – Lesson 3: Basic Authentication – Lesson 4: Forms Authentication
– Lesson 5: Client-side Certificate Authentication – Lesson 6: Token Authentication
– Lesson 7: Reauthentication
– Lesson 8: External Authentication Interface 9. Standard WebSEAL Junctions
– Lesson 1: WebSEAL Junctions – Lesson 2: URL Filtering
– Lesson 3: Junction Mapping Table – Lesson 4: Transparent Path Junctions – Lesson 5: Worker Thread Limits 10.Virtual Host Junctions
– Lesson 1: Virtual Host Junction Concepts – Lesson 2: Managing Virtual Host Junctions – Lesson 3: Multiple Listening Addresses and Ports – Lesson 4: Junction Throttling
11.Single Sign-on
– Lesson 1: Single Sign-on Concepts
– Lesson 2: Basic Authentication Single Sign-on – Lesson 3: Global Sign-on (GSO)
– Lesson 4: Forms Single Sign-on Authorization 12.Session Management Server
– Lesson 1: Session State Concepts – Lesson 2: Session Management Server – Lesson 3: SMS Administration
– Lesson 4: Installation – Lesson 5: Configuration
13.Domain and Policy Proxy Server – Lesson 1: Domains
– Lesson 2: Policy Proxy Server 14.Delegated Administration
– Lesson 1: Delegated Administration – Lesson 2: ACLs for User and Group 15.Logging and Auditing
– Lesson 1: Overview of Event Types and Logging Support 16.Common Auditing and Reporting Services (CARS)
– Lesson 1: Common Auditing and Reporting Services Overview – Lesson 2: Installation and Configuration
– Lesson 3: CARS Reporting Required skills
The following list contains the prerequisite general knowledge and Tivoli product knowledge an attendee must have prior to attending the course:
Basic operating-system administrative skills for Linux
Basic knowledge of Lightweight Directory Access Protocol (LDAP)
TCP/IP fundamentals
Firewall concepts
Working knowledge of Web protocols (HTTP, XML)
Basic knowledge of IBM WebSphere Application Server
ITAMeb 6.0 Customization
This instructor-led course focuses on Access Manager for e-business customization topics.
Course duration
This is a four-day, classroom course.
Objectives
After taking this course, you will be able to:
Create and manage authorization rules to customize access control.
Implement step-up authentication to control the method used to access a protected resource.
Describe performance tuning for Access Manager.
Describe how to develop a redundant Access Manager environment to reduce down time.
Customize External Authentication Interface (EAI) to supply custom authenticated identity information to WebSEAL.
Develop custom login pages for each junction to tailor the user experience.
Use the Java Authentication and Authorization Service (JAAS), and the aznAPI to integrate Access Manager in custom applications.
Describe J2EE Application and Security
Configure Access Manager for a Java application framework.
Integrate Access Manager into a J2EE application framework such as WebSphere.
Externalize roles from WebSphere to Access Manager.
Import users and groups from WebSphere to Access Manager.