 |
|
|
|
|
|
IBM Framework for e-business
This paper reviews the business requirements for e-business security, and then discusses how these requirements are addressed by the technologies and products that comprise the security services for the IBM Framework for e-business.
|
|
Articles |
|
01 Nov 1999 |
|
| |
Software security for developers: One-time pads
In this installment, Gary and John examine the one-time pad, which, if used properly, is an unbreakable encryption algorithm. The one-time pad has proven popular with spies, and its history predates World War II -- but does it actually make sense for real software applications?
|
|
Articles |
|
01 Oct 2000 |
|
| |
Software security principles: Part 4
This time around, Gary McGraw and John Viega show you how simplicity is more important when it comes to security than most people suspect. They'll also discuss privacy concerns; giving out too much information can ruin you.
|
|
Articles |
|
01 Dec 2000 |
|
| |
On the lookout for dsniff: Part 1
Sniffer programs are a data interception technology that increase the risk of so-called "man-in-the-middle" attacks, and with the recent release of dsniff 2.3, security specialists need to be more aware of it than ever. In this installment, part 1 of a two-parter, Larry Loeb takes a look at what makes this network probing tool tick, and how to recognize if you're being "sniffed."
|
|
Articles |
|
01 Jan 2001 |
|
| |
Easing the PAIN
This article discusses the four security risks that must be addressed to assure the safety of e-business transactions and associated data. These four risks -- privacy, authentication, integrity, and non-repudiation -- can be remembered with the abbreviation PAIN. This article explores how public-key infrastructure (PKI) can be used to address each of these risks.
|
|
Articles |
|
01 Feb 2001 |
|
| |
On the lookout for dsniff: Part 2
Larry Loeb concludes this series with some tools and strategies for fighting sniffers.
|
|
Articles |
|
01 Feb 2001 |
|
| |
Introduction to cryptography, Part 1: The broad view
Curiosity about other people's business and the hiding of information are characteristic of all human societies. With the advent of computing power and the development of advanced mathematical techniques, systems have become extremely sophisticated and it's now possible to construct ciphers that are effectively impossible to break. The algorithms used to encrypt and decrypt data fall into the two categories: secret key, or symmetric, cryptography where the same key is used for both processes; and public key, or asymmetric, cryptography where one key is used to encrypt and another to decrypt. Now just as important as information hiding is identifying senders, authentication, and non-repudiation. This article looks in broad detail at cryptography. Specific issues will be examined in more detail in upcoming articles in this series.
|
|
Articles |
|
01 Mar 2001 |
|
| |
Introduction to cryptography, Part 7: Contents and resource list
This article summarizes the contents in the "Introduction to cryptography" series and includes a glossary of terms.
|
|
Articles |
|
01 Mar 2001 |
|
| |
Introduction to cryptography, Part 5: Practical applications
Cryptography may be an interesting intellectual exercise, but its ultimate value lies in being deployed to facilitate secure communication of known integrity or to protect or control access in various ways. Different methods can be combined, as is the case with the widely used program PGP. Digital signatures, despite some concerns about their use, can be a useful means of confirming identity. Covert methods, specifically steganography, may sometimes be useful. Increasing use is being made of smartcards and of biometric techniques both as replacements for and in conjunction with conventional cryptosystems. Meanwhile, the growth in electronic transmission of value is a very important area so far as the deployment of cryptography is concerned.
|
|
Articles |
|
01 Mar 2001 |
|
| |
Introduction to cryptography, Part 6: Miscellaneous issues
Properly constructed ciphers with strong keys of adequate length, securely protected, are now effectively unbreakable. However, vulnerabilities still exist and in the case of asymmetric cryptography, it's important to know that a public key is genuine. A digital certificate can confirm this, although this is not absolute, depending instead on trust at some level. In addition, there are cases where special forms of signature are needed, perhaps allowing signing without viewing the content, or where one person needs to confirm to another, without revealing content, that he knows something secret. The exact time when something was signed digitally may need to be verified and this can be handled through digital timestamping.
|
|
Articles |
|
01 Mar 2001 |
|
| |
Introduction to cryptography, Part 4: Cryptography on the Internet
The Internet introduces a whole new raft of vulnerabilities. Organizations or individuals with whom you're communicating may be unknown or may be masquerading as someone else. Without getting paranoid about such issues, it's necessary to take suitable precautions against loss occasioned in various ways, whether by diversion of funds, the consequences of faulty authentication, loss of confidential information, repudiation of contracts and so on. Cryptography is central to managing this new level of risk, and this feature introduces some of the protocols and related mechanisms that are of particular relevance to Internet activity, including e-mail.
|
|
Articles |
|
01 Mar 2001 |
|
| |
Introduction to cryptography, Part 3: Asymmetric cryptography
The security afforded by asymmetric cryptosystems depends on mathematical problems that are difficult to solve, such as factoring large integers into primes. Public key systems use two keys such that one key, the public key, can be used to encrypt some text that can then only be decrypted using the securely-held private key. Alternatively, the private key can be used to encrypt some information that anyone with access to the widely-available corresponding public key can decrypt, so satisfying themselves that the message was generated by the holder of the private key.
|
|
Articles |
|
01 Mar 2001 |
|
| |
Introduction to cryptography, Part 2: Symmetric cryptography
Symmetric cryptography, otherwise known as secret key cryptography, has been in use for thousands of years in forms ranging from simple substitution ciphers to more complex constructions. However, developments in mathematics and the growth of computing power have made it possible to create ciphers that are effectively unbreakable. Symmetric systems are generally very fast but are vulnerable so that the key used to encrypt must be shared with whomever needs to decrypt the message. The IBM-developed cipher DES has been very widely used but is now at the end of its useful life and is due for replacement. Whatever cipher developers use in their applications, it's important to consider the methods used, to recognize the trade-offs that occur and to plan for a future with more powerful computer systems.
|
|
Articles |
|
01 Mar 2001 |
|
| |
IPSec simplified
IPSec is one of the most powerful security tools available today, allowing users to implement security at the IP packet level. But this standard is not only powerful, it's extremely complex, and if not understood properly it can be easily misused. Here, Joe explains how IPSec works and explores the potential pitfalls that await well-meaning system administrators.
|
|
Articles |
|
01 Apr 2001 |
|
| |
Encrypting with Stunnel
Most network-aware programs should use cryptography to protect data from prying eyes but many do not, either because they are legacy applications or because Secure Sockets Layer (SSL) can be difficult to add into applications. Stunnel is a program that allows both programmers and system administrators to easily add encryption to arbitrary TCP sessions. You can SSL-enable clients and servers with ease -- and you can do so without interfering with program source.
|
|
Articles |
|
01 May 2001 |
|
| |
SKIP security
Public-Key Encryption (PKE) is now accepted as a standard and reliable means of conducting business and sending any kind of secure data across a non-secure public network such as the Internet. The Achilles' heel of PKE, however, is distribution of private keys to each communicating system. An alternative method, Simple Key management for Internet Protocols, or SKIP, works without establishing a session, and is considerably faster and slightly more secure. SKIP is currently used by fewer packaged Public-Key Infrastructure tools (PKI), but is an excellent choice for internally developed PKI.
|
|
Articles |
|
01 Aug 2001 |
|
| |
Utilising remote registry access
Accessing a machine's registry remotely is normally frowned upon; after all, would you want someone to go through your registry without your knowledge? But if done correctly, this process can serve as a powerful tool for extracting machine information and identifying potential holes in your network. Here, Brian draws on his experience with the WebSphere Business Integrator Team to describe how remote registry access allows you to extract information from multiple machines -- and identify those systems that are vulnerable to attack. Code samples are included.
|
|
Articles |
|
01 Jan 2002 |
|
| |
Lifting the covers
With hacker attacks in the news frequently these days, we all know that computer security needs to be taken seriously. While many publications exist about software that can be used to secure computer environments, very few publications exist that explain how hacker attacks are actually performed. If you are responsible for securing your company's computer environment, it's important you understand how attacks work. In this article, Michael Pichler analyzes some interesting network attacks and explains how they work. You'll see how inventive attackers can be, and you'll learn how some features included in your own software can actually be turned against you. This article is aimed at those who have some understanding of networking, but don't necessarily work in the networking field on a daily basis.
|
|
Articles |
|
01 Jun 2002 |
|
| |
Enforcing Privacy Within an Enterprise Using IBM Tivoli Privacy Manager for e-business
This paper describes how to use Privacy Manager to protect sensitive data within an enterprise. Privacy Manager allows an organization to separate the privacy policy from its applications, so that applications can enforce and audit to the policy without it having to be encoded into the applications themselves. This reduces both initial implementation costs and also longer term maintenance costs. It also improves the speed at which an organization can implement a new privacy policy.
|
|
Articles |
|
01 Jul 2002 |
|
| |
Hacking techniques
Password and user account exploitation is one of largest issues in network security. In this article Rob Shimonski will look at password cracking: the how and why of it. Rob will explain just how easy it is to penetrate a network, how attackers get in, the tools they use, and ways to combat it.
|
|
Articles |
|
01 Jul 2002 |
|
| |
Secure your Web server
This tutorial details how to "lock down" a Web server in less than an hour. It covers physical security, the importance of firewalls, correct application installation, file permissions, application configuration, and techniques that allow Web page maintainers to do their job without sacrificing system integrity.
|
|
Tutorials |
|
23 Jul 2002 |
|
| |
Create effective passwords
Passwords. These days it seems that everyone has five to 10 of these annoying creatures where a few years ago most people had maybe one or two. Today, having up to 10 passwords at a time is often the norm and it's not going to get any easier to manage them. This article looks at password usage: why it's a problem and what you can do about it. It introduces a simple system for creating secure and easy-to-remember passwords.
|
|
Articles |
|
01 Sep 2002 |
|
| |
Cross-site scripting
Cross-site scripting is a potentially dangerous security exposure that should be considered when designing a secure Web-based application. In this article, Paul describes the nature of the exposure, how it works, and has an overview of some recommended remediation strategies.
|
|
Articles |
|
01 Sep 2002 |
|
| |
Cross-site scripting
Cross-site scripting is a potentially dangerous security exposure that should be considered when designing a secure Web-based application. In this article, Paul describes the nature of the exposure, how it works, and has an overview of some recommended remediation strategies.
|
|
Articles |
|
01 Sep 2002 |
|
| |
Access Manager Policy Server Clusters
This paper describes how to use load balancing and clustering to ensure high availability and scalability for the Access Manager Policy Server. This paper includes configuration and coding examples to assist administrators in creating this environment.
|
|
Articles |
|
01 Dec 2002 |
|
| |
Intranet Single Sign-On for Windows and Tivoli Access Manager
Microsoft Windows based intranets provide the ability to use desktop credentials to sign-on to intranet infrastructure based on Microsoft Internet Information Services (IIS). This is implemented using Microsoft’s SPNEGO HTTP authentication protocol to sign-on using NTLM or Kerberos credentials. Until IBM Tivoli Access Manager for e-business (TAM) 4.1 was released there was no way to achieve the same sign-on to TAM’s WebSEAL web resource authorization engine. With TAM 4.1 this sign-on can be achieved by combining the SPNEGO sign-on capability of TAM Plugin for IIS with e-Community single sign-on capabilities of WebSEAL. This article describes in detail the configuration steps required to make this work.
|
|
Articles |
|
01 May 2003 |
|
| |
Toughen Web application security: Multiphased authentication with Tivoli Access Manager
Carelessly chosen passwords have made many password-protected systems vulnerable to outside attack. This tutorial shows you how you can use Tivoli Access Manager WebSEAL to build a multiphased authentication system that locks Web applications down more tightly. The tutorial includes sample C code that you can use as a basis for your own applications.
|
|
Tutorials |
|
01 May 2003 |
|
| |
Real-time Web site data collection: Analyzing high-traffic sites with Tivoli Web Site Analyzer
Do you have a high-traffic Web site and need to analyze the viewing habits of your visitors? You may have noticed that it is difficult to keep up with data volume and need more timely access to data than you can get by using logs and batch processing. In this tutorial, you'll learn how to implement a dynamic page-level data capture method using Tivoli Web Site Analyzer's Web Tracker. Web Tracker collects data in real time from visitors as they use a Web site and returns it to the database for immediate processing. This method allows you to gather information on Web site visitor behavior and the client (browser) environment which is not available through standard Web log processing.
|
|
Tutorials |
|
06 May 2003 |
|
| |
Secure your Web resources: Integrating WebSphere and Tivoli Access Manager
This tutorial steps you through three WebSphere Application Server/Tivoli Access Manager integration scenarios. You'll learn how to share the user registry, and to protect Web resources with WebSEAL via both LTAP and TAI. Setup and configuration details are provided for testing and configuring all the scenarios in the tutorial.
|
|
Tutorials |
|
29 May 2003 |
|
| |
Installing Tivoli Access Manager on Linux
Linux is quickly becoming a dominant platform for e-business and enterprise applications. The recent release of Fixpack 2 for IBM Tivoli Access Manager recognized this fact by adding support for Linux on the Intel platform. In this tutorial, you'll learn how to install and configure IBM Tivoli Access Manager on Linux. You'll also walk through some simple steps that will test your installation, including the creation of a WebSEAL junction.
|
|
Tutorials |
|
08 Aug 2003 |
|
| |
User provisioning with Tivoli Identity Manager
The process of creating user accounts and permissions for employees on a diverse array of systems can potentially consume much of an IT department's time and resources. In this tutorial, you'll learn how IBM Tivoli Identity Manager, working in conjunction with other Tivoli products, can help streamline this user provisioning process. You'll build a sample application that automatically creates user accounts with appropriate permissions based on data entered into a human resources database. The resulting environment also helps the establishment of single sign-on authentication for the newly provisioned users.
|
|
Tutorials |
|
12 Sep 2003 |
|
| |
ITM resource model creation
IBM Tivoli Monitoring (ITM) is a powerful environment that gives you the ability to monitor virtually any type of resource. This tutorial shows you how easily you can build custom monitoring capabilities into ITM using the ITM Resource Model Builder. Resource Models provide a structured environment to provide resource status analysis, notification of significant events, and even automatic corrective measures. ITM Resource Model Builder is an IDE that simplifies the process of creating and debugging Resource Models.
|
|
Tutorials |
|
22 Sep 2003 |
|
| |
Model for Self-Managing Java Server
Autonomic computing systems are capable of managing themselves in today's environment. Four main aspects of self-managed systems are self configuration, self healing, self optimization, and self protection. This article describes the Model for Self-Managing Java Server, which will be a working model of a non-stopping Java technology-based server (a Web server or application server, and so on). The server has the self configuration and self healing aspects of an autonomic computing self-managed server.
|
|
Articles |
|
09 Dec 2003 |
|
| |
IBM WebSphere Developer Technical Journal: Using the WebSphere V5.0 Trust-association Interceptor with IBM Tivoli Access Manager for e-Business WebSEAL V4.1
This article describes how to enable a security proxy server to be trusted by WebSphere Application Server using TAI for the WebSEAL reverse proxy security server in IBM Tivoli Access Manager for e-business.
|
|
Articles |
|
10 Dec 2003 |
|
| |
Understand autonomic maturity levels
Five different levels of maturity exist within the autonomic computing model from IBM. This article introduces and details these levels and evaluates the potential impact of this maturation process on key specific areas of Information Technology (IT).
|
|
Articles |
|
18 Feb 2004 |
|
| |
Create an administrative suite
The Integrated Solutions Console is a single platform for consolidating all administrative console functions (setup, configuration, monitoring, and control) for server, software, and storage products. In this tutorial, you learn how you can use the Integrated Solutions Console to administer different products using a single Web-based console. The tutorial details the dependencies required to successfully run a deployed component and describes the mechanism for controlling access to the components. Finally the tutorial reviews the process for creating an Integrated Solutions Console component that performs administrative functions.
|
|
Tutorials |
|
19 Feb 2004 |
|
| |
Help in the Integrated Solutions Console
This article takes you through the features of a common help framework for Web-based applications that are deployed to the IBM Integrated Solutions Console Version 5.0.1. It explains how the Integrated Solutions Console Toolkit supports the development and deployment of online user assistance for administrative components. Examples of help screens for Integrated Solutions Console components at each level are shown, as well as a brief treatment of how they are created and packaged using the WebSphere Portal, WebSphere Studio Application Developer, and WebSphere Studio Device Developer after successfully installing the Console Toolkit.
|
|
Articles |
|
20 Feb 2004 |
|
| |
Self-optimizing storage allocation: Using Tivoli Storage Resource Manager with ESS
With applications and data consuming growing amounts of space, and storage administrative staff spends an increasing amount of time allocating new storage. Tivoli Storage Resource Manager and ESS deliver self-optimizing capabilities with their LUN provisioning capabilities, which can extend file systems and provision LUNs as new storage is needed. The intent with this automation in place, is to spend less time allocating storage and more time actively managing storage. This tutorial describes the automation options offered by ESS and IBM Tivoli Storage Resource Manager.
|
|
Tutorials |
|
24 Feb 2004 |
|
| |
Understand problem determination
IBM has put immense effort into the drive toward autonomic computing systems -- that is, systems that are self-optimizing, self-healing, self-protecting, and self-configuring. This tutorial looks at the fundamental issue of problem determination and what it takes to transform this from a human process to an autonomic one. The tutorial describes the state of problem determination today, looks at what logging options exist, and shows how events can be recognized as part of larger situations. It also describes the Common Base Events and provides an autonomic computing example.
|
|
Tutorials |
|
02 Mar 2004 |
|
| |
Installation of IBM Directory Server Web Administration tool into existing WebSphere Application Server V5.0.x
If you have existing WAS 5.0.x on your system and you don't want to install WAS Express which comes with Tivoli Directory Server 5.x, this paper explains how to install webadmin tool in to existing WAS and use webadmin tool instead of having another instance of WAS on your system.
|
|
Articles |
|
15 Mar 2004 |
|
| |
Hello Autonomic Computing!
Autonomic computing architecture is a range of software technologies that enable you to build an information infrastructure that can, to lesser and greater degrees, manage itself, saving countless hours (and dollars) in human management. And all this without giving up control of the system. This tutorial explains the concepts behind autonomic computing and looks at the tools at your disposal for making it happen -- today.
|
|
Tutorials |
|
07 Apr 2004 |
|
| |
Enable a help system within the Integrated Solutions Console
This article discusses how the Eclipse help infocenter is integrated with the Integrated Solutions Console run time. Using a downloadable sample file, you'll step through the complete cycle of creating a help plug-in, creating help links for the Integrated Solutions Console components, and packaging the plug-in in the console component .war file.
|
|
Articles |
|
04 May 2004 |
|
| |
Develop a custom agent for IBM Tivoli Identity Manager with IBM Tivoli Directory Integrator
This article assists developers and integrators in connecting new applications to IBM Tivoli Identity Manager (Identity Manager). The ability to use IBM Tivoli Directory Integrator as an Identity Manager Version 4.5 custom agent simplifies agent development and increases the ability to centrally manage identities. This article walks you through the necessary development and configuration steps, while demonstrating the overall account provisioning's life cycle.
|
|
Articles |
|
26 May 2004 |
|
| |
Understand the Autonomic Management Engine
The idea of an autonomic computing system is attractive -- who wouldn't want a system that knows what to look for, and what to do if it finds it? But, building one from scratch is too much of an undertaking for most shops. Fortunately, the Autonomic Management Engine simplifies the process. This tutorial explains how AME works and shows you how to embed it into one of your own applications.
|
|
Tutorials |
|
01 Jun 2004 |
|
| |
Model your data center: Using Tivoli to simplify your on demand operating environment
This tutorial provides an overview of IBM Tivoli Intelligent ThinkDynamic Orchestrator and describes the data center model, a virtual model of your data center. This tutorial introduces you to the product, along with some of the end-to-end concepts and the relationships that exist within the data center. You'll see two different ways to set up a data center model with Tivoli Intelligent ThinkDynamic Orchestrator: by using the graphical interface, and by importing structured XML documents.
|
|
Tutorials |
|
08 Jun 2004 |
|
| |
Create a resource model for use with the Autonomic Management Engine
The tutorial demonstrates the basics of creating a model, testing a resource model, packaging the model, and deploying the model. It also discusses specific concepts and considerations about creating and developing resource models as well as using the Autonomic Management Engine's command-line interface to manage a resource model you have created.
|
|
Tutorials |
|
09 Jun 2004 |
|
| |
Automate software release management and deployment
The development of software applications is an evolutionary process, moving towards some predetermined end goals. These goals are usually in the form of a release, either internal or external, to deliver a set of required functionality. Software release management is often a manual and laborious process and consequently, sometimes error prone. In this tutorial you will learn how to use IBM Rational ClearCase, ClearQuest, and Unified Change Management to automate the construction and documentation of releases. You'll also learn how to use IBM Tivoli Configuration Manager to transition (deploy) the releases.
|
|
Tutorials |
|
09 Jun 2004 |
|
| |
Using the Generic Log Adapter with the Log and Trace Analyzer
This tutorial introduces you to the Generic Log Adapter, which converts text-based logs to the Common Base Events format for use with autonomic computing tools such as the Log and Trace Analyzer. You will see how to use the Eclipse IDE to create adapters and then use them to transform the logs. You will also see the role of the GLA in preparing logs for use by the Log and Trace Analyzer (LTA). The LTA and its symptom database provide the ability to diagnose situations reported in the log and recommend a solution based on past experience.
|
|
Tutorials |
|
15 Jun 2004 |
|
| |
Create a simple resource model for processing Common Base Events from a file
This article describes how to create a simple resource model for processing Common Base Events that are stored in a file. First, it describes how to build a new resource model management project that can read Common Base Events. It then shows how to modify the decision tree script associated with this resource model to add trace statements to validate that the Common Base Events are being passed to the resource model. Finally, it demonstrates how to export the resource model as an AME package and how to deploy and test this package on AME using a simple logfile containing Common Base Events.
|
|
Articles |
|
15 Jun 2004 |
|
| |
On Demand with IBM Tivoli Intelligent Orchestrator and Citrix MetaFrame
This article describes the implementation and value of an On-Demand solution within a Citrix Metaframe environment using the IBM Tivoli Intelligent Orchestrator.
|
|
Articles |
|
16 Jun 2004 |
|
| |
Extending IBM Tivoli Intelligent Orchestrator with WebSphere Process Choreographer
This article will discuss Business Process Integration, the specific workflow functionality of IBM Tivoli Intelligent ThinkDynamics Orchestrator (ITITO), and how to extend this functionality leveraging the Web Services SOAP interface. The article shall then discuss ITITO workflow invocation using WebSphere Process Choreographer. We will share diagrams and code used to implement a simple process integration exercise between WebSphere Process Choreographer and IBM Tivoli Intelligent ThinkDynamics Orchestrator.
|
|
Articles |
|
20 Jun 2004 |
|
| |
Improve the run-time performance of the Generic Log Adapter, Part 1: A guide to writing efficient rule sets
Data collection is an important aspect of autonomic computing problem determination and self-healing systems. Consequently, a performance bottleneck in data collection slows down the entire operation of the autonomic computing system. It also can be difficult to re-engineer because the data collection components are often built first. This article describes different techniques for writing efficient regular expressions that form the basis for rules in the Generic Log Adapter and discusses various issues with building custom plug-in components. By reducing the performance bottleneck at the lowest levels of granularity, it is possible to improve the run-time performance of the adapter over multiple operational cycles. This article also discusses other factors that might affect adapter performance and provides a guide for when you're designing rule sets and custom components for the Generic Log Adapter.
|
|
Articles |
|
22 Jun 2004 |
|
| |
Calling Java classes from AME
The Autonomic Management Engine, a primary component of the IBM Autonomic Computing Toolkit, allows the use of JavaScript to define decision tree scripts that can be used for analysis, planning, and so on. Given that Java code is more powerful than JavaScript, it might be preferable to use Java code for creating the analysis components, whereas JavaScript might be suitable when simpler functionality is required. This article shows you how to call Java classes from the decision tree scripts as well as the associated setup. It also provides some guidance on issues that can potentially cause your decision tree scripts to fail and hints on what you can do to smoothly integrate Java code with the decision tree script.
|
|
Articles |
|
22 Jun 2004 |
|
| |
Use autonomic computing for problem determination
The goal of the IBM autonomic computing initiative is to make IT systems self managing. Self-managed systems can adapt to changing environments and react to error conditions very efficiently. This ability to respond quickly helps reduce application downtime, which, in turn, can help prevent catastrophic loss of revenue. This article describes how an autonomic system, based on autonomic computing technologies, can be used to diagnose an error condition in an IT system and provide corrective actions.
|
|
Articles |
|
29 Jun 2004 |
|
| |
Installing IBM Tivoli Storage Manager on Linux for iSeries and pSeries
This article offers installation basics, as well as steps to get you started with backing up and restoring your IT environment effortlessly using the IBM Tivoli Storage Management (ITSM) server on Linux for IBM eServer iSeries and pSeries servers.
|
|
Articles |
|
30 Jun 2004 |
|
| |
Improve the run-time performance of the Generic Log Adapter, Part 2: A guide to writing efficient custom plug-ins
The Generic Log Adapter (GLA) is an important tool that can be used in autonomic computing systems to collect data from different data sources with many different formats. The performance of the GLA, which is typically used in problem determination, becomes critical to the performance of the entire autonomic computing system. Part 1 of this series took a look at an important dimension of the performance of the GLA, the performance of the rules that the GLA executes at run time. The GLA's performance is also affected by the performance of the individual components that are configured to execute the various functions of the Generic Log Adapter. This article looks at the performance aspects of these individual components as well as other general factors and configurations that influence the performance of the GLA. It also looks at the feature of running multiple contexts provided by the adapter and builds a custom outputter that can be shared among these contexts.
|
|
Articles |
|
30 Jun 2004 |
|
| |
Make autonomic computing a reality with IBM Tivoli
Businesses, and their IT environments, must adapt to constantly changing market demands. Many over provision IT resources based on their worst-case scenario, peak demands, and often on an application-by-application basis, with specific servers dedicated to specific business processes. For an IT organization to become adaptive, proactive, and responsive, it must move from just-in-case provisioning to On Demand. This article describes how the IBM Tivoli Provisioning Manager and IBM Tivoli Intelligent Orchestrator can provide the autonomic computing capabilities needed to get you to On Demand.
|
|
Articles |
|
13 Jul 2004 |
|
| |
Integrate event management with Common Event Infrastructure
Todayâs diverse interconnected e-business components typically come with an inconsistent assortment of event infrastructures, event data repositories, viewers, and formats. This makes the integration and operation of the growing e-business environment more labor intensive and less flexible. It also impedes the process of integrating the e-business components into an on demand operating environment.
|
|
Articles |
|
20 Jul 2004 |
|
| |
Meet the experts: Kathryn Britton on autonomic computing's Integrated Solutions Console
Learn how the Integrated Solutions Console works, how you can preview it, and how you can participate in the development and use of this key autonomic computing technology. Kathryn Britton, IBM Senior Technical Staff Member and lead architect for the Integrated Solutions Console, provides this information in this question and answer article.
|
|
Articles |
|
17 Aug 2004 |
|
| |
Diagnose the IBM BladeCenter the autonomic way
Learn how to create custom sensors and rulesets that can be plugged into the Generic Log Adapter to diagnose problems with components of the IBM BladeCenter. The skills described in this article can be applied to your own sensors and rulesets for other components of the BladeCenter.
|
|
Articles |
|
24 Aug 2004 |
|
| |
Tivoli Access Manager Trust Association Interceptor (TAI++)
With the release of WebSphere Application Server 5.1.1 and 6.0, there is a new enhanced implementation of the Tivoli Access Manager Trust Association Interceptor. The existing TAI continues to be supported, but many will wish to use the new TAI as it has significant enhancements. This article describes the new functionality provided by the new TAI and provides configuration instructions and trouble shooting tips.
|
|
Articles |
|
01 Sep 2004 |
|
| |
Create GLA sensors and outputters
The Generic Log Adapter provides a way to read any log, monitor it for events, extract information from those events, and output the results. It provides an architecture that enables you to customize the components that provide these functions. An earlier tutorial showed you how to create a very basic component, an outputter that sends events to Standard.out. Now you'll learn how to create a sensor component that checks for events reported through e-mail and an outputter that sends an e-mail notification if it finds any.
|
|
Tutorials |
|
02 Sep 2004 |
|
| |
Setting up Replication in IBM Directory Server 5.1
This article provides step by step instructions on how to set up replication for IBM Directory Server 5.1. After setup, server replication improves the availability of the directory service. The combination of a master and multiple replicated servers ensures that directory data is always available when needed. If any server fails, the directory server continues to be available from another replicated server.
|
|
Articles |
|
03 Sep 2004 |
|
| |
Integrating Lotus Workplace and Domino LDAP using IBM Tivoli Directory Integrator
Managing multiple corporate directories can be a lot easier with IBM Tivoli Directory Integrator. This article explains how we used Tivoli Directory Integrator to maintain multiple LDAP directories in an integrated Lotus Workplace and Domino environment.
|
|
Articles |
|
07 Sep 2004 |
|
| |
Autonomic features of the IBM Virtualization Engine
Learn about the many autonomic capabilities of the IBM Virtualization Engine and see how they improve the availability of resources and the efficiency of systems and storage administrators. This sophisticated suite of products manages the servers, storage, systems, and networks across a cross-platform distributed IT environment. It is a key component of an on demand solution to optimize the management of your infrastructure according to your business goals.
|
|
Articles |
|
14 Sep 2004 |
|
| |
Add policy-based automation to the Problem Determination Scenario
How do you define the decision algorithms that lie at the heart of autonomic computing systems? In this article, learn how an autonomic management system with a decision algorithm written in JavaScript can be extended by adding a set of business policies, which can be created and maintained by non-technical business administrators.
|
|
Articles |
|
22 Sep 2004 |
|
| |
The features and facets of the Agent Building and Learning Environment (ABLE)
Learn about the major features and facets of the Agent Building and Learning Environment (ABLE), including the ABLE architecture and how to manipulate data beans, rule beans, and learning beans to be used in a wide variety of applications. After reading this article, you should have a solid understanding of the basic ABLE elements and be prepared to work with each of these elements represented as examples in the ABLE Examples Project.
|
|
Articles |
|
06 Oct 2004 |
|
| |
Using Java class callouts with the Generic Log Adapter
Learn how the Generic Log Adapter lets you embed class callouts. Using these callouts you can customize the parsing component of the Generic Log Adapter. The article discusses how class callouts work and develops some examples with the correct rules to invoke them.
|
|
Articles |
|
13 Oct 2004 |
|
| |
Understand the autonomic manager concept
The autonomic computing reference architecture lays out the framework for building an autonomic computing system. As its central theme, the architecture defines a control loop that handles events within an autonomic system. The control loop is manifested within an autonomic manager. This article presents both a basic scenario of a working autonomic manager and a more detailed example using a simple thermostat application from the Emerging Technologies Toolkit along with examples of IBM software applications that have autonomic functionality.
|
|
Articles |
|
21 Oct 2004 |
|
| |
Standardize messages with the Common Base Event model
For an analysis tool to understand an application's messages, those messages have to be in an expected form, using expected terminology. An open standard that fits this requirement is the Common Base Event model. The Common Base Event model provides a basis for sounder problem determination and is a cornerstone of automatic computing system management, which is also known as autonomic computing. Furthermore, Common Base Events are XML messages targeted for use in a Web services environment. This opens the possibilities for autonomic management across products, even those from different vendors. (Note: Updated for Release 2 of the IBM Autonomic Computing Toolkit.)
|
|
Articles |
|
21 Oct 2004 |
|
| |
An autonomic computing roadmap
If autonomic computing is the process of making computers behave like living, sentient creatures, then you, as a developer, are the doctor who makes sure your products and systems are performing properly. If there's an area of concern, you must diagnose it and make sure it has what it needs to function properly. This article gives you a roadmap to begin integrating autonomic computing concepts into your products. (Note: Updated for Release 2 of the IBM Autonomic Computing Toolkit.)
|
|
Articles |
|
21 Oct 2004 |
|
| |
Create a Correlation Engine for the Log and Trace Analyzer
Learn how to correlate log and trace files generated by different products in various formats. Correlating log files is the first step in the problem determination process. This article shows you the procedure for developing a custom correlation engine as a plug-in for the Log and Trace Analyzer (LTA). Using examples from the IBM WebSphere Application server activity log and the IBM DB2 diagnostic log, you learn how the LTA can correlate the log records visually as a UML sequence diagram. (Note: Updated for Release 2 of the IBM Autonomic Computing Toolkit.)
|
|
Articles |
|
28 Oct 2004 |
|
| |
Products
Find information on specific Tivoli software products, including product-related articles, news, downloads, and forums.
|
|
|
|
05 Nov 2004 |
|
| |
Ric Telford on the state of autonomic computing today
This question and answer article features Ric Telford, Director for Autonomic Computing at IBM. developerWorks talked with Ric about the state of autonomic computing today, and the challenges of developing with, and for, next-generation autonomic systems.
|
|
Articles |
|
02 Dec 2004 |
|
| |
Writing a Custom Scanner for the Inventory Component of Tivoli Configuration Manager
This article provides an example of how to create a custom software scanner for the Inventory component of Tivoli Configuration Manager to determine detailed WebSphere Application Server version information. Using this example scanner, you will be easily able to determine which fixpacks and temporary fixes have been applied to each WAS endpoint in your environment. We will describe the Level Reporting Tool for the WebSphere Platform which provides the basis of the scanner, how custom scanners work in TCM, and provide the detailed steps to configure and run the scanner on Linux endpoints.
|
|
Articles |
|
03 Dec 2004 |
|
| |
Understand WebSphere Extended Deployment
Get a high-level overview of the autonomic features of WebSphere Extended Deployment, which manages a high volume of system transactions and simplifies the complexity of deploying applications.
|
|
Articles |
|
07 Dec 2004 |
|
| |
Create GLA components using Release 2 of the Autonomic Computing Toolkit
The Generic Log Adapter (GLA) lets you to process log files and transform their contents into events that follow the Common Base Event (CBE) format. Internally, the GLA consists of a chain of components that have different roles in the transformation process. The last member in the chain is the outputter, the component that externalizes a CBE instance generated by the GLA. Typical destinations for CBE instances include the console, a file, or an autonomic computing log agent, and the GLA ships with outputters for each of these destinations. However, your specific needs might not be addressed by the standard GLA outputters. This tutorial shows you how to write custom outputters. By following the same general pattern you can write any type of GLA component.
|
|
Tutorials |
|
14 Dec 2004 |
|
| |
Advanced resource model concepts
Gain advanced skills in designing, modifying, and troubleshooting resource models. You can use the skills described in this article to customize the Problem Determination Scenario resource model to enable database logging.
|
|
Articles |
|
21 Dec 2004 |
|
| |
HA DB2 (Partitioned Database) using Tivoli System Automation
This document is primarily a Supplemental Guide to an existing White Paper High Availability for partitioned databases using Tivoli System Automation (July 2004) By Enrico Joedecke (IBM Boeblingen Lab), Steve Raspudic and Baris Naciterhan (IBM Toronto Lab).
|
|
Articles |
|
24 Dec 2004 |
|
| |
Create custom sensors and outputters using Release 2 of the Autonomic Computing Toolkit
The Generic Log Adapter provides a way to read any log, monitor it for events, extract information from those events, and output the results. It provides an architecture that enables you to customize the components that provide these functions. An earlier tutorial showed you how to create a very basic component, an outputter that sends events to Standard.out. Now you'll see how to create a sensor component that checks for events reported through e-mail and an outputter that sends an e-mail notification if it finds any.
|
|
Tutorials |
|
04 Jan 2005 |
|
| |
Meet the experts: Thomas Studwell on driving an autonomic computing standards-based strategy
This question and answer article features Thomas Studwell, a Senior Technical Staff Member for Autonomic Computing Technology at IBM. developerWorks talked with Thomas about current efforts and strategies for creating open, autonomic computing standards.
|
|
Articles |
|
25 Jan 2005 |
|
| |
Autonomic data protection, your file system life saver
Automatically and transparently back up laptops and workstations by exploiting disks and networks. It is estimated that nearly 70% of corporate digital assets are now stored on laptops and other non-server endpoints; typically, only 10% of those systems are backed up in most corporations (even lower in households). The new world of fast and inexpensive disks and broadband offers great hope for a new style of data protection: transparent real-time to multiple targets.
|
|
Articles |
|
09 Feb 2005 |
|
| |
Adding rules to applications
Write and run simple business rules or complex inferencing rules using the Agent Building and Learning Environment (ABLE) and its ABLE Rule Language (ARL). Example rulesets show ARL's syntax and capabilities, how to work with Java objects from ARL, how to write and debug rules in Eclipse, how to run rulesets from Java applications, demonstrate procedural and inferencing rule engines, and see the benefits of using rules written for inferencing rule engines.
|
|
Articles |
|
15 Feb 2005 |
|
| |
The Autonomic Computing Edge: Autonomic computing heats up in Japan
Autonomic computing is gaining momentum throughout the information technology industry and in many geographical areas, but its uptake in Japan is especially rapid. This article examines recent events in Japan related to autonomic computing, presents an overview of the Japanese IT marketplace, and offers opinions about why autonomic computing is hot in Japan.
|
|
Articles |
|
22 Feb 2005 |
|
| |
Meet the experts: Mickey Nix on life in the trenches
This question and answer article features Mickey Nix, an IT Architect/Consultant for Autonomic Computing technology at IBM. developerWorks talked with Mickey about the procedures and practices when implementing and deploying an autonomic computing solution for partners and customers.
|
|
Articles |
|
23 Feb 2005 |
|
| |
Autonomic Computing Expression Language
This tutorial shows how to use the Autonomic Computing Expression Language (ACEL), an XML-based expression language, to create an expression, parse it, prepare input for it, and evaluate it. ACEL was originally developed as a part of the Autonomic Computing Policy Language to describe conditions when a policy should be applied to a managed system. To learn more about how policies can be used to manage an IT system, download IBM Policy Management for Autonomic Computing (PMAC) from alphaWorks. However, ACEL is applicable in many other contexts such as specifying service level agreements, pricing, scheduling, and provisioning of services. In general, ACEL can be used to specify various types of expressions (numeric expression, Boolean expression, string expression, and so on) in XML documents.
|
|
Tutorials |
|
28 Feb 2005 |
|
| |
New to Tivoli
This area is designed for people new to Tivoli.
|
|
|
|
08 Mar 2005 |
|
| |
High-performance rule writing for the Generic Log Adapter
The Generic Log Adapter, which converts log records into the Common Base Event format, is dependent on the rule sets it is configured with. These rules affect the run-time performance of the Generic Log Adapter. Using examples from DB2 db2diag.log and Websphere MQ FDC.log logs, this article describes methods for writing rules that enhance the performance of the Generic Log Adapter.
|
|
Articles |
|
08 Mar 2005 |
|
| |
Build a highly available application platform for J2EE, Part 1: Delivering on the continuous computing promise
Interested in learning how to build a highly available solution platform for J2EE? Follow along as the Continuous Computing Team uses existing hardware and software from multiple IBM divisions to produce a complete solution that offers high availability. Explore what's possible using current technologies from WebSphere, DB2, Tivoli, IBM TotalStorage to and other IBM products. And later in the series, discover how the design of the system can be enhanced to take advantage of emerging technologies in automation, faster failure detection, and multisite failover.
|
|
Articles |
|
08 Mar 2005 |
|
| |
Use the Event Catalog in the IBM Common Event Infrastructure
See how the Common Event Infrastructure (CEI) Event Catalog builds on the foundation set by the Common Base Event specification in order to offer a higher-level of agreement for the applications exchanging event data through CEI.
|
|
Articles |
|
09 Mar 2005 |
|
| |
Globalizing an Integrated Solutions Console portal application
The world of autonomic computing is a global world. Developers need to be ever conscious of global issues in designing user interfaces and in making their applications available to the international marketplace. The IBM Integrated Solutions Console (ISC) enables the common systems administration feature of autonomic computing. Internationalizing your portlet application opens up common systems administration to administrators not just around the country, but around the world. This tutorial shows how to globalize a portlet for the Integrated Solutions Console. This tutorial is written for software developers who need to globalize their portlet application. Basic knowledge of Java programming, JavaServer pages files, portlet development, and the Integrated Solutions Console will help you complete the tasks described.
|
|
Tutorials |
|
15 Mar 2005 |
|
| |
An Introduction to Policy for Autonomic Computing
Policy has been described as "a set of considerations designed to guide decisions of courses of action." In an IT setting, policies are used to guide decisions relating to the management of the IT infrastructure. This article introduces the concept of policy-based management, talks briefly about key standards, and discusses how policies can be structured.
|
|
Articles |
|
22 Mar 2005 |
|
| |
Embed the Integrated Solutions Console installation
The Integrated Solutions Console administers different
products using a single Web-based console. This article
focuses on how to use and embed the Integrated Solutions
Console installer. It discusses how to generate a response
file (which provides input parameters to the install
program), how to validate your response file, how to invoke
the installer, and finally how to fix or overcome common
install problems encountered.
|
|
Articles |
|
23 Mar 2005 |
|
| |
The Autonomic computing edge: The "Standard" way of autonomic computing
Autonomic computing technology is gaining momentum throughout the information technology industry. This article discusses why the standardization of key areas of autonomic computing technology is important, surveys the standards landscape, describes some recent activities and examines standards, both existing and newly developed, that support autonomic computing architecture.
|
|
Articles |
|
29 Mar 2005 |
|
| |
Using Aspects to autonomic-enable legacy applications
Learn how to use Aspects to generate Common Base Events in any legacy Java application, without modifying the original application source. This article shows you how and also provides an example framework that can be used with your applications today.
|
|
Articles |
|
29 Mar 2005 |
|
| |
Time-based filtering for the Log and Trace Analyzer
Learn how to add time based filtering to log parsers for the Log and Trace Analyzer, which allows selective parsing of native log data into the Common Base Event format and minimizes the log processing time. It also reduces the amount of Common Base Event data sent over the network when performing remote file imports.
|
|
Articles |
|
05 Apr 2005 |
|
| |
Introduction to LDAP: Part 1: Installation and simple Java LDAP Programming
This article will provide you with a general overview of LDAP (Lightweight Directory Access Protocol).
|
|
Articles |
|
07 Apr 2005 |
|
| |
Common Base Event logging
This tutorial shows you how to configure Common Base Event logging in the Java language. This gives you a rich source of activity and control-flow information to accelerate problem determination and increase system serviceability and quality. The Log and Trace Analyzer can then use logged Common Base Events to detect and resolve configuration errors, performance degradation, exception states, resource starvation, security failures, communication delays, deadlocking, and other problems.
|
|
Tutorials |
|
12 Apr 2005 |
|
| |
Use Policy Management for Autonomic Computing
This tutorial shows how to use the Policy Management for Autonomic Computing (PMAC) tool V1.2.1, downloadable from alphaWorks, to experiment with policy management in your application.
|
|
Tutorials |
|
12 Apr 2005 |
|
| |
Simulate autonomic resources in your IT system
This tutorial shows how to build and test an autonomic manager with the help of the IBM Touchpoint Simulator. You will learn how to create simulation projects that offer realistic test scenarios for your manager code. Additionally, you will learn what your manager needs in order to comply with autonomic computing standards, and how the Touchpoint Simulator can help you achieve that compliance.
|
|
Tutorials |
|
19 Apr 2005 |
|
| |
