Organizations today are more widely distributed than ever before, which can make systems management tasks, such as distributing software, patches, and security policies, extremely challenging. The IBM® Tivoli® Endpoint Manager platform is architected for today's highly diverse, distributed, and complex IT environments. It provides real-time visibility and control through a single infrastructure, single agent, and single console for systems lifecycle management, endpoint protection, and security configuration and vulnerability management. This platform enables organizations to securely manage their global IT infrastructures faster and more accurately, resulting in improved governance, control, visibility, and business agility. Plus, it gives organizations the ability to handle tomorrow's unforeseen challenges. In this IBM Redbooks® publication, we provide IT security professionals with a better understanding around the challenging topic of endpoint management in the IT security domain. We focus on IBM Tivoli Endpoint Manager for Security and Compliance and describe the product architecture and provide a hands-on design guide for deploying the solution. This book is a valuable resource for security professionals and architects who want to understand and implement a centralized endpoint management infrastructure and endpoint protection to better handle security and compliance challenges.

In a growing number of organizations, policies are the key mechanism by which the capabilities and requirements of services are expressed and made available to other entities. The goals established and driven by the business need to be consistently implemented, managed and enforced by the service-oriented infrastructure; expressing these goals as policy and effectively managing this policy is fundamental to the success of any IT and application transformation. First, a flexible policy management framework must be in place to achieve alignment with business goals and consistent security implementation. Second, common re-usable security services are foundational building blocks for SOA environments, providing the ability to secure data and applications. Consistent IT Security Services that can be used by different components of an SOA run time are required. Point solutions are not scalable, and cannot capture and express enterprise-wide policy to ensure consistency and compliance. In this IBM® Redbooks® publication, we discuss an IBM Security policy management solution, which is composed of both policy management and enforcement using IT security services. We discuss how this standards-based unified policy management and enforcement solution can address authentication, identity propagation, and authorization requirements, and thereby help organizations demonstrate compliance, secure their services, and minimize the risk of data loss. This book is a valuable resource for security officers, consultants, and architects who want to understand and implement a centralized security policy management and entitlement solution.

Deploying an identity management solution for a medium size business begins with a thorough analysis of the existing business and IT environment. After we fully understand the organization, their deployed infrastructure, and the application framework, we can define an applicable representation of these assets within an identity management implementation. This IBM® Redbooks® publication, intended for IBM Business Partners, takes a step-by-step approach to implementing an identity management solution based on IBM Tivoli® Identity Manager. Part 1 discusses the general business context and the planning approach for an identity management solution. Part 2 takes you through an example company profile with existing business policies and guidelines and builds an identity management solution design for this particular environment. We describe how the components can be integrated into the existing environment. Then, we focus on the detailed configuration of identity management integration tasks that must be implemented in order to create a fully functional end-to-end solution. This IBM Redbooks publication does not introduce any general identity management concepts, nor does it systematically explain all of Tivoli Identity Manager's components and capabilities; instead, those details are thoroughly discussed in the IBM Redbooks publications: Identity Management Design Guide with IBM Tivoli Identity Manager, SG24-6996, and Enterprise Security Architecture Using IBM Tivoli Security Solutions, SG24-6014.

In order to comply with government and industry regulations, such as Sarbanes-Oxley, Gramm-Leach-Bliley, and COBIT, enterprises have to constantly detect, validate, and report unauthorized change and out-of-compliance actions on their IT infrastructure. The Tivoli Compliance Insight Manager solution allows organizations to improve the security of their information systems by capturing comprehensive log data, correlating this data through sophisticated log interpretation and normalization, and communicating results through a dashboard and a full set of audit and compliance reporting. We discuss the business context of security audit and compliance software for organizations, and we show a typical deployment within a business scenario. This IBM Redbooks publication is a valuable resource for security officers, administrators, and architects who wish to understand and deploy a centralized security audit and compliance solution.

Identity and user lifecycle management projects are being deployed more and more frequently - and demand is growing. By demonstrating how IBM Tivoli Identity Manager can be made resilient and adapted to special functional requirements, this IBM Redbooks publication creates or enhances confidence in the IBM Tivoli Identity Manager-based solution for senior management, architects, and security administrators. Advanced design topics can start with infrastructure availability for all involved components, Web application, and database server clustering as well as LDAP multi-master setups, continuing with compliance challenges addressing enhanced auditing and reporting, and designing and creating your own self-care/self-registration application environment that embraces external users and business partners offering fine-tuned workflow options and lifecycle management capabilities. The powerful features and extensions of IBM Tivoli Identity Manager are opening doors into a world of advanced design and customization for every identity management challenge you might encounter. Please note that the additional material referenced in the text is not available from IBM.

Don’t be fooled by the name; IBM Tivoli Directory Integrator integrates anything, and it is not in any way limited to directories. It is a truly generic data integration tool that is suitable for a wide range of problems that usually require custom coding and significantly more resources to address with traditional integration tools. This IBM Redbooks publication shows you how Directory Integrator can be used for a wide range of applications utilizing its unique architecture and unparalleled flexibility. We discuss the business context for this evolutionary data integration and tell you how to architect and design an enterprise data synchronization approach. By telling you everything about Directory Integrator’s component structure and then applying all the techniques in two comprehensive business scenarios, we build a formidable base for your own data integration and synchronization projects. This book is a valuable resource for security administrators and architects who want to understand and implement a directory synchronization project. Please note that the additional material referenced in the text is not available from IBM.

This IBM Redbooks publication is a study guide for IBM Tivoli Access Manager for e-business Version 6 and is meant for those who want to achieve IBM Certifications for this specific product. The IBM Tivoli Access Manager for e-business Certification, offered through the Professional Certification Program from IBM, is designed to validate the skills required of technical professionals who work in the implementation of the IBM Tivoli Access Manager for e-business Version 6 product. This book provides a combination of theory and practical experience needed for a general understanding of the subject matter by discussing the planning, installation, configuration and customization, programming, auditing and troubleshooting of Access Manager for e-business solutions. It also provides sample questions that will help in the evaluation of personal progress and provide familiarity with the types of questions that will be encountered in the exam. This publication does not replace practical experience, nor is it designed to be a stand-alone guide for any subject. Instead, it is an effective tool which, when combined with education activities and experience, can be a very useful preparation guide for the exam.

Mastering IBM Tivoli Access Manager is a very important factor in successfully deploying contemporary e-business solutions. Access Manager is the key element in an e-business security framework that needs thorough understanding to achieve maximum security, functionality, and performance. Based on expandable security policies for users, groups, and protected resources, Tivoli Access Manager manages authentication and authorization for application servers, Web sites, and virtually any other resource that requires protection, including custom-written applications. This IBM Redbooks publication describes how to build an integrated enterprise business portal with Tivoli Access Manager Version 4.1, WebSphere Portal, mySAP Workplace, and the SAP Enterprise Portal. It also describes how to implement a federated single sign-on solution within a Web Services scenario. This book is partitioned into general and customer scenario based sections. This book is a valuable resource for security administrators and architects who wish to understand and implement a centralized security infrastructure. Please note that the additional material referenced in the text is not available from IBM.

Mastering the IBM Tivoli Access Manager is the most important factor for successfully deploying contemporary e-business solutions. Access Manager is the key element in an e-business security framework that needs thorough understanding to achieve maximum security, functionality, and performance. Based on expandable security policies for users, groups, and protected resources, the Tivoli Access Manager manages the authentication and authorization to application servers, Web sites, and virtually any other resource that requires protection, including custom-written applications. This IBM Redbooks publication explains the planning steps and describes how to build multi-level enterprise business portals with the new Tivoli Access Manager Version 3.9. It also discusses high-availability scenarios and platform coverage for various involved components like Web servers, registries, and Access Manager management components. It shows the integration of Access Manager into the IBM WebSphere Application Server, IBM WebSphere Everyplace Suite, BEA WebLogic application server, Siebel, and other products. This book is a valuable resource for security administrators and architects who wish to understand and implement a centralized security infrastructure.