NetIQ Access Manager 4.2 Service Pack 2 Security Guide

We are a global, enterprise software company, with a focus on the three persistent challenges in your environment: Change, complexity and risk—and how we can help you control them.

Our Viewpoint

Adapting to change and managing complexity and risk are nothing new

In fact, of all the challenges you face, these are perhaps the most prominent variables that deny you the control you need to securely measure, monitor, and manage your physical, virtual, and cloud computing environments.

Enabling critical business services, better and faster

We believe that providing as much control as possible to IT organizations is the only way to enable timelier and cost effective delivery of services. Persistent pressures like change and complexity will only continue to increase as organizations continue to change and the technologies needed to manage them become inherently more complex.

Our Philosophy

Selling intelligent solutions, not just software

In order to provide reliable control, we first make sure we understand the real-world scenarios in which IT organizations like yours operate — day in and day out. That's the only way we can develop practical, intelligent IT solutions that successfully yield proven, measurable results. And that's so much more rewarding than simply selling software.

Driving your success is our passion

We place your success at the heart of how we do business. From product inception to deployment, we understand that you need IT solutions that work well and integrate seamlessly with your existing investments; you need ongoing support and training post-deployment; and you need someone that is truly easy to work with — for a change. Ultimately, when you succeed, we all succeed.

Our Solutions

  • Identity & Access Governance

  • Access Management

  • Security Management

  • Systems & Application Management

  • Workload Management

  • Service Management

Contacting Sales Support

For questions about products, pricing, and capabilities, contact your local partner. If you cannot contact your partner, contact our Sales Support team.

Worldwide:

www.netiq.com/about_netiq/officelocations.asp

United States and Canada:

1-888-323-6768

Email:

info@netiq.com

Website:

www.netiq.com

Contacting Technical Support

For specific product issues, contact our Technical Support team.

Worldwide:

www.netiq.com/support/contactinfo.asp

North and South America:

1-713-418-5555

Europe, Middle East, and Africa:

+353 (0) 91-782 677

Email:

support@netiq.com

Website:

www.netiq.com/support

Contacting Documentation Support

Our goal is to provide documentation that meets your needs. The documentation for this product is available on the NetIQ webs site in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at www.netiq.com/documentation. You can also email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.

Contacting the Online User Community

NetIQ Communities, the NetIQ online community, is a collaborative network connecting you to your peers and NetIQ experts. By providing more immediate information, useful links to helpful resources, and access to NetIQ experts, NetIQ Communities helps ensure you are mastering the knowledge you need to realize the full potential of IT investments upon which you rely. For more information, visit http://community.netiq.com.

About this Book and the Library

The Security Guide is intended to help Access Manager administrators, designers, and implementers with several configuration guidelines. These guidelines can be used for enhancing the security of an Access Manager environment. The first half of the guide focuses on tasks for configuring the Access Manager components along with examples and references. The remaining part of the guide provides additional information about the important concepts described in prior sections.

It is recommended that the administrators frequently consult the product documentation (listed in “Other Information in the Library”), Access Manager TIDS, Cool Solutions, and keep up to date on patches and versions of both Access Manager and the host operating system.

Intended Audience

This book is intended for Access Manager administrators. It is assumed that you have knowledge of evolving Internet protocols, such as:

  • Extensible Markup Language (XML)

  • Simple Object Access Protocol (SOAP)

  • Security Assertion Markup Language (SAML)

  • Public Key Infrastructure (PKI) digital signature concepts and Internet security

  • Secure Socket Layer/Transport Layer Security (SSL/TLS)

  • Hypertext Transfer Protocol (HTTP and HTTPS)

  • Uniform Resource Identifiers (URIs)

  • Domain Name System (DNS)

  • Web Services Description Language (WSDL)

Other Information in the Library