Each product activation on the IBM® Security Access Manager appliance offers different features. Consider the needs of your environment to determine which products to activate.
- No product activations
- When no products are activated, the IBM Security Access Manager appliance provides the IBM Security Access Manager Runtime and Web Portal Manager. You can install and manage the IBM Security Access Manager Policy Server on the base appliance.
- IBM Security Access Manager for Web
- IBM Security Access Manager customers
can use an IBM Security Access Manager for Web appliance to
secure web applications. To use the web security features, you must
activate IBM Security Access Manager for Web.
This product activation includes the following key components:
- WebSEAL
- WebSEAL is a high performance, multi-threaded Web server that
applies fine-grained security policy to the IBM Security Access Manager protected
web object space. WebSEAL can provide single signon solutions and
incorporate back-end web application server resources into its security
policy.
For more information about WebSEAL, see the Configuring topics in the Knowledge Center.
- Front-end load balancer
- Optimizes resource use and ensures high availability of services.
The front-end load balancer accepts requests from clients and determines
which backend server is the most suitable to handle the request. It
forwards each request to the appropriate server. The front-end load
balancer provides persistence for existing sessions.
For more information, see the front-end load balancer topics in the Administering topics in the IBM Security Access Manager for Web Knowledge Center..
- Web application firewall
- Helps protect your web servers from malicious traffic and blocks attempts to compromise the system. For more information about configuring the web application firewall, search for 'web application firewall' in the Administering topics in the IBM Security Access Manager for Web Knowledge Center.
- Authorization server
- Provides access to the authorization service for third-party applications
that use the IBM Security Access Manager authorization
API in remote cache mode. The authorization server also acts as a
logging and auditing collection server to store records of server
activity.
For more information about the authorization service, search for 'Security Access Manager authorization service' in the 'Administering the Security Access Manager Base' topics in the IBM Security Access Manager for Web Knowledge Center.
- IBM Security Access Manager for Mobile
- IBM Security Access Manager customers
can use an IBM Security Access Manager for Mobile appliance to
secure mobile transactions. To use the mobile security capabilities,
you must activate IBM Security Access Manager for Mobile.
This product activation includes the following features:
- Context-based access and an authentication service framework
- Provides enhanced authentication assurance, context-based access control, and protection from web-based threats.
- API protection
- IBM Security Access Manager for Mobile uses the OAuth protocol, which provides API protection for native mobile and other API-based applications.
- WebSEAL
- The IBM Security Access Manager for Mobile appliance includes
WebSEAL so that the appliance can operate as a stand-alone system
with an internal WebSEAL server.
You can use the isamcfg tool to configure WebSEAL as the point of contact and policy enforcement point for risk-based access.
For more information about the capabilities of IBM Security Access Manager for Mobile, see the product documentation in the latest IBM Security Access Manager for Mobile Information Center at http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp.
While this product activation does include many of the web components, it does not include the front-end load balancer, web application firewall, or authorization server. For these services, you must activate IBM Security Access Manager for Web.
Figure 1 summarizes the key features of the different product activation levels.
Regardless of the activation level, the IBM Security Access Manager Runtime environment is available. The IBM Security Access Manager for Mobile product activation includes features to protect mobile access to applications and services. The IBM Security Access Manager for Web product activation includes features to secure web applications. WebSEAL is a common feature of both IBM Security Access Manager for Web and IBM Security Access Manager for Mobile.