Architecture - TAM - Webseal concepts

The simple idea of TAM Webseal acting as a reverse proxy is to protect your website and sections of it.
Among many other functions, Tivoli Directory Server is able to:

  • design architecture including LDAP structure and communicaiton in clustered, High Availability setup;
  • check requirements;
  • configure OS and tune parameters;
  • install DB2, LDAP and clients;
  • load testing and functional testing.

Some high level tasks to setup the TAM/Webseal solution include, but are not limited to:

  • check requirements;
  • configure OS;
  • configure firewall rules for DMS and TAM components;
  • install TAM - policy server, webseal, SMS server;
  • install latest updates;
  • configure TAM to use LDAP;
  • configure LDAP groups and users, map users to groups;
  • configure TAM/Webseal instance;
  • configure mapping of LDAP groups for Webseal group;
  • attach the Webseal Group to ACL;
  • define junctions (protected contexts of your websites);
  • attach the ACL to the junction or protected object under junction;
  • configure SSO, in case there are multiple websites;
  • setup protection of IP based objects;
  • setup automation of provisioning of new services;
  • setup self-service so yours can reset passwords;
  • test and load test of solution;
  • development (TAM adapter for Tomcat, TAM interceptor for WebSphere or Portal);
  • implement 247ON TAM Password Reset Module;
  • customize WebSeal login screen;
  • implement Session Management instances (using WebSphere Xscale Object Grid);
  • upgrade TAM and WebSeal;
  • troubleshoot and design security requirments for Web.