NetIQ Access Manager Appliance 4.3 Administration Guide
- NetIQ Access Manager Appliance 4.3 Administration Guide
- Overview
- How Access Manager Appliance Solves Business Challenges
- How Access Manager Appliance Works
- Access Manager Appliance Components and Their Features
- Language Support
- Configuring Access Manager
- Configuring Administration Console
- Configuring the Default View
- Managing Administration Console Session Timeout
- Managing Administrators
- Changing the IP Address of Access Manager Appliance
- Changing the DNS Name of Access Manager Appliance
- Setting Up a Basic Access Manager Appliance Configuration
- Understanding Access Manager Appliance Process Flow
- Prerequisites for Setup
- Setting up User Stores for Identity Server Configuration
- Identity Servers Cluster
- Configuring Identity Server Shared Settings
- Configuring Access Gateway
- Access Gateways Clusters
- Protecting Web Resources Through Access Gateway
- Configuring Trusted Providers for Single Sign-On
- Configuring Single Sign-On to Specific Applications
- Sample Configuration for Protecting an Application Through Access Manager Appliance
- Setting Up an Advanced Access Manager Configuration
- Identity Server Advanced Configuration
- Access Gateway Server Advance Configuration
- Access Gateway Content Settings
- Access Gateway Advanced Options
- Analytics Server Configuration
- Modifying Configuration Files
- Configuring Authentication
- Local Authentication
- Federated Authentication
- Advanced Authentication
- Social Authentication
- Risk-based Authentication
- Device Fingerprinting
- How It Works
- Understanding Device Fingerprint Parameters
- Configuring a Device Fingerprint Rule
- Configuring an Example Device Fingerprint Policy
- Enabling Mobile and Web Access
- User Requirements for MobileAccess
- Configuring Appmarks
- Configuring MobileAccess
- Helping Users Register Their Mobile Devices
- Installing MobileAccess on a Mobile Device
- Understanding the MobileAccess PIN
- Managing Mobile Devices
- Changing the Branding of the User Portal Page
- Access Manager Policies
- Understanding Policies
- Role Policies
- Authorization Policies
- Identity Injection Policies
- Form Fill Policies
- External Attribute Source Policies
- Risk-based Policies
- High Availability and Fault Tolerance
- Installing Secondary Versions of Access Manager Appliance
- Configuration Tips for the L4 Switch
- Setting up L4 Switch for IPv6 Support
- Using a Software Load Balancer
- Security And Certificates
- Securing Access Manager
- Securing Administration Console
- Protecting the Configuration Store
- Security Considerations for Certificates
- Configuring Secure Communication on Identity Server
- Security Considerations for Identity Server
- Enabling Secure Cookies
- Preventing Cross-site Scripting Attacks
- Setting Up Advanced Session Assurance
- Understanding Access Manager Certificates
- Process Flow
- Creating Certificates
- Creating a Locally Signed Certificate
- Editing the Subject Name
- Assigning Alternate Subject Names
- Generating a Certificate Signing Request
- Importing a Signed Certificate
- Managing Certificates and Keystores
- Viewing Certificate Details
- Renewing a Certificate
- Exporting a Private/Public Key Pair
- Exporting a Public Certificate
- Importing a Private/Public Key Pair
- Using Multiple External Signing Certificates
- Assigning Certificates to Access Manager Appliance
- Managing Trusted Roots and Trust Stores
- Managing Trusted Roots
- Viewing External Trusted Roots
- Enabling SSL Communication
- Enabling SSL Communication
- Using SSL on Access Manager Appliance Communication Channels
- Prerequisites for SSL
- Configuring SSL Communication with Browsers and Access Gateway
- Configuring SSL between the Proxy Service and the Web Servers
- Configuring the SSL Communication
- Maintaining Access Manager
- Analytics Dashboard
- Advantages of Using Analytics Dashboard
- Architecture
- Who Can Access Analytics Dashboard
- Prerequisites
- Enabling Events for Each Graph
- Viewing Data in Analytics Dashboard
- Types of Graphs
- Accessing Analytics Dashboard
- Managing Analytics Dashboard
- Auditing
- Enabling Auditing
- Enabling Identity Server Audit Events
- Enabling Access Gateway Audit Events
- Reporting
- Overview
- Using Reporting with Sentinel
- Using Reporting with Analytics Server
- Enabling Reporting
- Generating Reports in Sentinel
- Logging
- Understanding the Types of Logging
- Understanding the Log Format
- Identity Server Logging
- Access Gateway Logging
- Downloading Log Files
- Turning on Logging for Policy Evaluation
- Monitoring Component Statistics
- Identity Server Statistics
- Access Gateway Statistics
- Component Statistics Through REST APIs
- Monitoring Component Command Status
- Viewing the Command Status of Identity Server
- Viewing the Command Status of Access Gateway
- Viewing the Command Status of the Analytics Server
- Reviewing the Command Status for Certificates
- Monitoring Server Health
- Health States
- Monitoring Health by Using the Hardware IP Address
- Monitoring Health of Identity Servers
- Monitoring the Health of Access Gateways
- Monitoring the Health of Analytics Server
- Monitoring Alerts
- Monitoring Identity Server Alerts
- Monitoring Access Gateway Alerts
- Monitoring Analytics Server Alerts
- Monitoring Access Manager By Using Simple Network Management Protocol
- SNMP Architecture in Access Manager
- Features of Monitoring in Access Manager
- Using the Default MIB File with External SNMP Systems
- Querying For SNMP Attributes
- Installing and Enabling Monitoring for Access Manager Components
- Impersonation
- Impersonation Terminology
- Prerequisites
- Enabling Impersonation
- Impersonation Flow
- Implementing Impersonation in Custom Portal Pages
- Audit Event for Impersonation
- Troubleshooting
- Back Up and Restore
- How The Backup and Restore Process Works
- Backing Up the Access Manager Appliance Configuration
- Restoring the Access Manager Appliance Configuration
- Code Promotion
- How Code Promotion Helps
- Sequence of Promoting the Configuration Data
- Prerequisites
- Limitations
- Configuring Custom File Paths
- Exporting the Configuration Data
- Importing the Configuration Data
- Troubleshooting Code Promotion
- Troubleshooting
- Troubleshooting Administration Console
- Troubleshooting Access Gateway
- Troubleshooting Identity Server and Authentication
- Troubleshooting Analytics Server
- Troubleshooting Certificate Issues
- Troubleshooting Access Manager Policies
- Troubleshooting MobileAccess
- Troubleshooting Code Promotion
- Troubleshooting the Device Fingerprint Rule
- Troubleshooting Advanced Session Assurance
- Troubleshooting OAuth and OpenID Connect
- Troubleshooting User Attribute Retrieval and Transformation
- Troubleshooting Impersonation
- Troubleshooting Branding
- Using Log Files for Troubleshooting
- Access Manager Audit Events and Data
- Event Codes
- Appendix
- Data Model Extension XML
- Elements
- Writing Data Model Extension XML
- SOAP versus REST API
- OAuth versus Other Protocols
- Access Manager Reports Samples
- Application Access Summary Report
- User Application Access Summary Report
- Application Specific User Access Report
- Federation Summary Report
- User Login Contract Summary Report
- User Login Failure Report
- Application Specific Risk based Authentication Report
- Legal Notice