Each product activation on the IBM® Security Access Manager appliance offers
different features. Consider the needs of your environment to determine
which products to activate.
- No product activations
- When no products are activated, the IBM Security Access Manager appliance provides
the IBM Security Access Manager Runtime
and Web Portal Manager. You can install and manage the IBM Security Access Manager Policy
Server on the base appliance.
- IBM Security Access Manager for Web
- IBM Security Access Manager customers
can use an IBM Security Access Manager for Web appliance to
secure web applications. To use the web security features, you must
activate IBM Security Access Manager for Web.
This product activation includes the following key components:
- WebSEAL
- WebSEAL is a high performance, multi-threaded Web server that
applies fine-grained security policy to the IBM Security Access Manager protected
web object space. WebSEAL can provide single signon solutions and
incorporate back-end web application server resources into its security
policy.
For more information about WebSEAL, see the Configuring
topics in the Knowledge Center.
- Front-end load balancer
- Optimizes resource use and ensures high availability of services.
The front-end load balancer accepts requests from clients and determines
which backend server is the most suitable to handle the request. It
forwards each request to the appropriate server. The front-end load
balancer provides persistence for existing sessions.
For more information,
see the front-end load balancer topics in the Administering topics
in the IBM Security Access Manager for Web Knowledge Center..
- Web application firewall
- Helps protect your web servers from malicious traffic and blocks
attempts to compromise the system. For more information about configuring
the web application firewall, search for 'web application firewall'
in the Administering topics in the IBM Security Access Manager for
Web Knowledge Center.
- Authorization server
- Provides access to the authorization service for third-party applications
that use the IBM Security Access Manager authorization
API in remote cache mode. The authorization server also acts as a
logging and auditing collection server to store records of server
activity.
For more information about the authorization service,
search for 'Security Access Manager authorization service' in the
'Administering the Security Access Manager Base' topics in the IBM
Security Access Manager for Web Knowledge Center.
- IBM Security Access Manager for Mobile
- IBM Security Access Manager customers
can use an IBM Security Access Manager for Mobile appliance to
secure mobile transactions. To use the mobile security capabilities,
you must activate IBM Security Access Manager for Mobile.
This product activation includes the following features:
- Context-based access and an authentication service framework
- Provides enhanced authentication assurance, context-based access
control, and protection from web-based threats.
- API protection
- IBM Security Access Manager for Mobile uses
the OAuth protocol, which provides API protection for native mobile
and other API-based applications.
- WebSEAL
- The IBM Security Access Manager for Mobile appliance includes
WebSEAL so that the appliance can operate as a stand-alone system
with an internal WebSEAL server.
You can use the isamcfg tool
to configure WebSEAL as the point of contact and policy enforcement
point for risk-based access.
For more information about the capabilities of IBM Security Access Manager for Mobile,
see the product documentation in the latest IBM Security Access Manager for Mobile Information
Center at http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp.
While
this product activation does include many of the web components, it
does not include the front-end load balancer, web application firewall,
or authorization server. For these services, you must activate IBM Security Access Manager for Web.
Figure 1 summarizes
the key features of the different product activation levels.
Figure 1. Product activations
on the IBM Security Access Manager
appliance
Regardless of the activation level, the IBM Security Access Manager Runtime
environment is available. The IBM Security Access Manager for Mobile product
activation includes features to protect mobile access to applications
and services. The IBM Security Access Manager for Web product
activation includes features to secure web applications. WebSEAL is
a common feature of both IBM Security Access Manager for Web and IBM Security Access Manager for Mobile.