IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 help deliver federated access management for secure collaboration

IBM United States Software Announcement 211-480
November 15, 2011

Table of contents
Overview Overview Publications Publications
Key prerequisites Key prerequisites Technical information Technical information
Planned availability date Planned availability date Ordering information Ordering information
Description Description Terms and conditions Terms and conditions
Product positioning Product positioning Prices Prices
Program number Program number Order now Order now


Top rule
At a glance
Bottom rule

IBM® Tivoli® Federated Identity Manager V6.2.2 provides:

  • Federated single sign-on (SSO) for secure information sharing across private, public, and hybrid cloud deployments
  • SSO across separately managed infrastructure domains, both within an organization and across organizations
  • Modular federation deployments enablement and interoperability by integrating with access management solution and application servers
  • Support for cloud-based application such as LotusLive™, Salesforce.com, and GoogleApps
  • An identity mediation service for cloud, Software as a Service (SaaS), and web services implementation that helps reduce administrative costs, establish trust, and facilitate compliance by managing, mapping, and propagating user identities
  • Support for the Open Authorization (OAuth), an open standard for authorization, allowing users to share their private information with others without the need for sharing user identity and password

IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 adds expanded token support, adding to the existing Security Assertion Markup Language (SAML) support.

For ordering, contact Your IBM representative or an IBM Business Partner.
For more information contact the Americas Call Centers at
800-IBM-CALL (426-2255).
 
Reference: YE001


Back to topBack to top
 
Top rule
Overview
Bottom rule

Collaboration across an organization's business ecosystem plays a key role in businesses extending their application access to business partners, customers, and consumers. Additionally, internal users need access to externally hosted applications, including cloud-based applications and business partner applications. By providing a federated approach, end users can have a seamless sign-on experience to these applications, helping eliminate the need for providing multiple user IDs and passwords.

IBM Tivoli Federated Identity Manager V6.2.2 is an access management solution that provides web and federated single sign-on (SSO) to end users across multiple applications. With browser-based integration and open standards, it can provide quick gains in user productivity, user experience, and a reduction in administration costs by delivering federated SSO. End users authenticate once, and then seamlessly obtain access to applications and services inside and outside their network infrastructure.

Tivoli Federated Identity Manager provides federated SSO capability in a way that can minimize the impact on business applications to help reduce costs and deployment timeframes for integrating applications into a collaboration infrastructure.

Tivoli Federated Identity Manager provides flexible web services identity services using the Security Token Service (STS) that enable the ability to validate and issue a wide variety of identity formats and flow auditable identities between applications and services across multiple security domains and the enterprise. To aid compliance activities, Tivoli Federated Identity Manager also provides integrated audit data collection and reporting.

IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 is built especially for small-to-midsize organizations to bring together customers, business partners, and suppliers. It delivers fast time-to-market for e-business initiatives, provides a lightweight, easily deployable application for straightforward SSO needs, and provides simplified integration with online business partners.

IBM Tivoli Federated Identity Manager V6.2.2 packages IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 as well as IBM Tivoli Access Manager for e-business V6.1.1. Refer to the Software requirements section for additional products packaged with Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway.

What's new

  • Support for the emerging Open Authorization (OAuth) open standard for authorization, which enables users to share private resources stored on one site with another site, for example, photos, files, and contact lists, without having to hand out their credentials.
  • Predefined federations that provide configuration assistance to ease definitions and setup.
  • Support for Secure Hash Algorithm (SHA-2), a set of cryptographic hash functions, designed by the US National Security Agency.
  • IBM Tivoli Federated Identity Manager Business Gateway includes additional federated SSO protocols, which provide support for SAML, WS-Federation, Information Card Profile, and OpenID. It also provides a security token service, which provides support for WS-Trust, username, SAML, RACF®, X509, and Kerberos tokens.


Back to topBack to top
 
Top rule
Key prerequisites
Bottom rule

Refer to the Hardware requirements and Software requirements sections.



Back to topBack to top
 
Top rule
Planned availability date
Bottom rule

December 2, 2011 for electronic availability

January 6, 2012 for media availability



Back to topBack to top
 
Top rule
Description
Bottom rule

Collaboration through federation

IBM Tivoli Federated Identity Manager is a management solution that provides web and federated single sign-on (SSO) to end users across multiple applications that can result in improved user experience and reduction in administration costs. It provides:

  • Federated SSO for information sharing across private, public, and hybrid cloud deployments. It enables central management of access, enhanced user productivity, and facilitates trust by delivering SSO across separately managed infrastructure domains, both within an organization and across organizations.
  • Support for cloud-based application such as LotusLive, Salesforce.com, and GoogleApps by using open standards like Security Assertion Markup Language (SAML), Liberty, WS-Federation, WS-Securit, WS-Trust, and OpenID.
  • An identity mediation service for cloud, Software as a Service (SaaS), and web services implementation and helps reduce administrative costs, establish trust, and facilitate compliance by managing, mapping, and propagating user identities.
  • New Open Authorization (OAuth) service provider support, an emerging open standard for authorization, which enables users to share private resources, for example, photos, files, and contact lists stored on one site, with another site, without having to hand out credentials.

IBM Tivoli Federated Identity Manager Business Gateway provides web SSO capabilities. While Tivoli Federated Identity Manager uses open standards to provide a smooth migration pathway to an enterprise-level application in a single, easy-to-deploy application, Tivoli Federated Identity Manager Business Gateway is built especially for small-to-midsize organizations to bring together customers, business partners, and suppliers. It can deliver fast time-to-market for e-business initiatives, provides a lightweight, easily deployable application for straightforward SSO needs, and provides simplified integration with online business partners. It generates audit logs, and tracking and incident reports, as well as security best practices, to help meet compliance policies. Tivoli Federated Identity Manager Business Gateway adds expanded token support to the existing SAML support.

Tivoli Federated Identity Manager Business Gateway also offers a smooth migration to the enterprise level Tivoli Federated Identity Manager solution, with little or no business application changes. Moreover, both solutions use a consistent management user interface, so administration training and transition costs can be minimized.

Service-oriented architecture (SOA) Identity Service

Tivoli Federated Identity Manager has a Security Token Service (STS) that provides identity mediation services for an SOA by managing, mapping, and propagating identities. The functionality provided by the STS can also be accessed from leading XML firewalls gateways, including IBM Datapower SOA Appliances, to provide identity mediation services to these boundary devices for XML-based interactions with external organizations. Many organizations are moving from using application-level user IDs and passwords to individual user identities. Tivoli Federated Identity Manager STS can be used to map distributed user IDs to RACF user IDs and associated RACF passtickets (one-time passwords for authentication to RACF). The RACF ID and passticket can then be used to connect to z/OS® hosted resources using individual user identities. Tivoli Federated Identity Manager STS, in this use case, can be hosted on z/OS or a supported distributed platform.

IBM Tivoli Federated Identity Manager STS can also be leveraged as a critical component within IBM federated enterprise service bus (ESB). An ESB is a flexible connectivity infrastructure for integrating disparate applications and services. But many ESBs have identity and compliance challenges. They are not able to efficiently connect and track identities across separately managed domains leading to significant administrative costs and auditing difficulties. The federated ESB simplifies administration and ensures compliance by making an organization's ESB identity aware. Tivoli Federated Identity Manager:

  • Offers a command line infrastructure and an enhanced trust chain editor for quick deployment of the STS
  • Enables key management via a console that can change key store passwords and manage certificate operations
  • Provides the ability to develop additional Tivoli Federated Identity Manager plug-ins using Eclipse extensions and support organization and application-specific deployments

Key enhancements

  • Support for OAuth service provider, an emerging open standard for authorization, which enables users to share private resources, for example, photos, files, and contact lists, stored on one site with another site, without having to hand out credentials
  • Predefined federations provides configuration assistance to ease definitions and setup
  • Support for Secure Hash Algorithm (SHA-2), a set of cryptographic hash functions, designed by the US National Security Agency

Accessibility by people with disabilities

A U.S. Section 508 Voluntary Product Accessibility Template (VPAT) containing details on accessibility compliance can be requested at

http://www.ibm.com/able/product_accessibility/index.html

Section 508 of the US Rehabilitation Act

Tivoli Federated Identity Manager is capable, when used in accordance with IBM's associated documentation, of satisfying the applicable requirements of Section 508 of the Rehabilitation Act, provided that any assistive technology used with the product properly interoperates with it. A US Section 508 Voluntary Product Accessibility Template (VPAT) can be requested on the following website

http://www.ibm.com/able/product_accessibility/index.html


Back to topBack to top
 
Top rule
Product positioning
Bottom rule

Do not mistake the name! IBM Tivoli Federated Identity Manager is an access management solution that has two distinct value propositions. First, it is a robust access control solution that facilitates collaboration inside and outside the enterprise by delivering federated SSO. Second, it is a SOA identity service solution that provides end-to-end identity mediation and token validation across diverse applications, services, and mash-ups through its Security Token Service (STS).

Within the IBM Tivoli security portfolio, IBM Tivoli Federated Identity Manager's federated SSO capabilities directly complement the web SSO and enterprise SSO capabilities of IBM Tivoli Access Manager for e-business and IBM Tivoli Access Manager for Enterprise SSO, respectively. Together, they can deliver SSO inside and outside the enterprise.

As these solutions manage authentication and authorization to applications, Tivoli Identity Manager focuses on managing the user lifecycle by offering user provisioning through the management of user identities and passwords in a closed-loop, workflow-based solution.



Back to topBack to top
 
Top rule
Program number
Bottom rule

 
Program                Program
number         VRM     name

5724-L73       6.2.2   IBM Tivoli Federated Identity Manager
5724-Q82       6.2.2   IBM Tivoli Federated Identity Manager
                         Business Gateway


Back to topBack to top
 
Top rule
Education support
Bottom rule

Comprehensive education for IBM Tivoli products is offered through Worldwide Tivoli Education Delivery Services. A wide range of training options are available, including classes led by instructors, learning on demand, on-site training, and blended learning solutions.

For additional information, visit

http://www-306.ibm.com/software/tivoli/education/


Back to topBack to top
 
Top rule
Offering Information
Bottom rule

Product information is available via the Offering Information website

http://www.ibm.com/common/ssi

Also, visit the Passport Advantage® website

http://www.ibm.com/software/passportadvantage


Back to topBack to top
 
Top rule
Publications
Bottom rule

IBM Tivoli Federated Identity Manager V6.2.2 and IBM Tivoli Federated Identity Manager Business Gateway V6.2.2

Tivoli Federated Identity Manager Quick Start Guide English and translated publications are delivered on a separate publications CD-ROM with the basic machine-readable material. They can also be downloaded at general availability from the following website

Tivoli Federated Identity Manager

http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.tivoli.fim.doc_6.2.2/ic/ic-homepage.html

The following English publications may be downloaded, at general availability, from

http://www.ibm.com/software/tivoli/library

Note: The Tivoli Federated Identity Manager Business Gateway V6.2.2 publications have been consolidated into a single set of books. Within each book are details common to both Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway licenses.

English publications:

Title                                              Order number

Tivoli Federated Identity Manager:
 Quick Start Guide                                 GI11-6490-04
 Installation Guide                                GC27-2718-01
 Configuration Guide                               GC27-2719-01
 Administration Guide                              SC23-6191-02
 Web Services Security Management Guide            GC32-0169-04
 Error Message Reference                           GC32-2289-04
 Auditing Guide                                    GC32-2287-04
 Troubleshooting Guide                             GC27-2715-01

The IBM Publications Center

http://www.ibm.com/shop/publications/order

The Publications Center is a worldwide central repository for IBM product publications and marketing material with a catalog of 70,000 items. Extensive search facilities are provided. Payment options for orders are via credit card (in the U.S.) or customer number for 20 countries. A large number of publications are available online in various file formats, and they can all be downloaded by all countries, free of charge.



Back to topBack to top
 
Top rule
Technical information
Bottom rule

Specified operating environment

Hardware requirements

Minimum and recommended processor, disk space, and memory requirements for IBM Tivoli Federated Identity Manager V6.2.2:

 
                                     Minimum    Recommended
                                     
Processor                            300 MHz    400 MHz

Disk space excluding WebSphere
web server, or web browser           1 GB       1.5 GB
 
Memory excluding WebSphere
web server, or web browser           1 GB       2.0 GB

Minimum and recommended processor, disk space, and memory requirements for IBM Tivoli Federated Identity Manager Business Gateway V6.2.2:

 
                                     Minimum    Recommended
                                     
Processor                            300 MHz    400 MHz

Disk space                           1 GB       1.5 GB
 
Memory                               1 GB       2.0 GB
Software requirements

IBM Tivoli Federated Identity Manager V6.2.2 and IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 support the following:

  • AIX® V5.3 TL4, AIX V6.1, AIX V7.1 on POWER® Systems
  • Red Hat Enterprise Linux™ (RHEL) 3 Update 5 AS/ES x86-32
  • Red Hat Enterprise Linux (RHEL) 4 Update 2 AS/ES x86-32
  • Red Hat Enterprise Linux (RHEL) 5 Advanced Platform x86-32 and x86-64
  • Red Hat Enterprise Linux (RHEL) Server 6 x86-32 and x86-64
  • Red Hat Enterprise Linux (RHEL) 4 Update 2 AS/ES POWER System
  • Red Hat Enterprise Linux (RHEL) 5 Advanced Platform POWER System
  • Red Hat Enterprise Linux (RHEL) Server 6 POWER System
  • Red Hat Enterprise Linux (RHEL) 4 Update 4 AS/ES System z®
  • Red Hat Enterprise Linux (RHEL) 5 Advanced Platform System z
  • Red Hat Enterprise Linux (RHEL) Server 6 System z
  • SUSE Linux Enterprise Server (SLES) 9 SP2, 10, 11 x86-32 and x86-64
  • SUSE Linux Enterprise Server (SLES) 9 SP2, 10, 11 POWER System
  • SUSE Linux Enterprise Server (SLES) 9 SP2, 10, 11 System z
  • Solaris 9 and 10 SPARC
  • Solaris 10 x86-64
  • Windows™ Server 2003 SP1 Standard Edition and Enterprise Edition x86-32
  • Windows Server 2008 Standard Edition and Enterprise Edition x86-32
  • Windows Server 2008 Standard Edition and Enterprise Edition x86-64
  • Windows Server 2008 R2 Standard Edition, Enterprise Edition, Datacenter Edition x86-64

Included with the program package for use restricted to IBM Tivoli Federated Identity Manager V6.2.2 are:

  • IBM Tivoli Access Manager for e-business V6.1.1
  • IBM WebSphere® Application Server Network Deployment V6.1
  • IBM WebSphere Application Server Network Deployment V7.0
  • IBM WebSphere Application Server Network Deployment V8.0
  • IBM Tivoli Directory Integrator V6.1.1
  • IBM Tivoli Directory Integrator V7.0
  • IBM Tivoli Directory Server V6.1
  • IBM Tivoli Common Reporting V1.2

Included with the program package for use restricted to IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 are:

  • IBM WebSphere Application Server V6.1
  • IBM WebSphere Application Server Network Deployment V7.0
  • IBM WebSphere Application Server Network Deployment V8.0
  • IBM Tivoli Directory Integrator V6.1.1
  • IBM Tivoli Directory Integrator V7.0
  • IBM Tivoli Directory Server V6.1
  • IBM Tivoli Common Reporting V1.2

The program's specifications and specified operating environment information may be found in documentation accompanying the program, if available, such as a readme file, or other information published by IBM, such as an announcement letter. Documentation and other program content may be supplied only in the English language.

Planning information

Software Subscription and Support (also referred to as Software Maintenance) is included with licenses purchased through Passport Advantage and Passport Advantage Express®. Product upgrades and technical support are provided by the Software Subscription and Support (Software Maintenance) offering as described in the Agreements. Product upgrades provide the latest versions and releases to entitled software, and technical support provides voice and electronic access to IBM support organizations, worldwide.

IBM includes one year of Software Subscription and Support (also referred to as Software Maintenance) with each program license acquired. The initial period of Software Subscription and Support (Software Maintenance) can be extended by the purchase of a renewal option, if available.

Packaging

IBM Tivoli Federated Identity Manager V6.2.2 is distributed with:

  • International Program License Agreement (Z125-3301)
  • Quick Start Guide
  • Quick Start Guide CD-ROM
  • CD ROMs
  • Publications (refer to the Publications section)

IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 is distributed with:

  • International Program License Agreement (Z125-3301)
  • Quick Start Guide
  • Quick Start Guide CD-ROM
  • CD ROMs
  • Publications (refer to the Publications section)

This program, when downloaded from a website, contains the applicable IBM license agreement and License Information, if appropriate, and will be presented for acceptance at the time of installation of the program. For future reference, the license and License Information will be stored in a directory such as LICENSE.TXT.

Security, auditability, and control

IBM Tivoli Federated Identity Manager V6.2.2 uses the security and auditability features of the operating system software. The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.



Back to topBack to top
 
Top rule
Software Services
Bottom rule

IBM Software Services has the breadth, depth, and reach to manage your services needs. You can leverage the deep technical skills of our lab-based, software services team and the business consulting, project management, and infrastructure expertise of our IBM Global Services team. Also, we extend our IBM Software Services reach through IBM Business Partners to provide an extensive portfolio of capabilities. Together, we provide the global reach, intellectual capital, industry insight, and technology leadership to support a wide range of critical business needs.

To learn more about IBM Software Services or to contact a Software Services sales specialist, visit

http://www.ibm.com/software/sw-services/


Back to topBack to top
 
Top rule
Licensing metric definitions and pricing examples
Bottom rule

Licensing metric definitions

Processor Value Unit (PVU)

PVU is a unit of measure by which the program can be licensed. The number of PVU entitlements required is based on the processor technology (defined within the PVU Table by processor value, brand, type, and model number at

http://www.ibm.com/software/lotus/passportadvantage/pvu_licensing_for_customers.html

and the number of processors made available to the program. IBM continues to define a processor, for the purpose of PVU-based licensing, to be each processor core on a chip. A dual-core processor chip, for example, has two processor cores.

Licensee can deploy the program using either full capacity licensing or virtualization capacity (sub-capacity) licensing according to the Passport Advantage Sub-Capacity Licensing Terms (refer to the webpage below). If using full capacity licensing, licensee must obtain PVU entitlements sufficient to cover all activated processor cores* in the physical hardware environment made available to or managed by the program, except for those servers from which the program has been permanently removed. If using virtualization capacity licensing, licensee must obtain entitlements sufficient to cover all activated processor cores made available to or managed by the program, as defined according to the Virtualization Capacity License Counting Rules at

http://www.ibm.com/software/lotus/passportadvantage/Counting_Software_licenses_using_specific_virtualization_technologies.html

* An activated processor core is a processor core that is available for use in a physical or virtual server, regardless of whether the capacity of the processor core can be or is limited through virtualization technologies, operating system commands, BIOS settings, or similar restrictions.

User Value Unit (UVU)

UVU is a unit of measure by which the program can be licensed. UVU Proofs of Entitlement (PoEs) are based on the number and type of users for the given program. Licensee must obtain sufficient entitlements for the number of UVUs required for licensee's environment as specified in the table below. The UVU entitlements are specific to the program and type of user and may not be exchanged, interchanged, or aggregated with UVU entitlements of another program or type of user.

Server

Server is a unit of measure by which the program can be licensed. A server is a physical computer that is comprised of processing units, memory, and input/output capabilities and that executes requested procedures, commands, or applications for one or more users or client devices. Where racks, blade enclosures, or other similar equipment is being employed, each separable physical device (for example, a blade or a rack-mounted device) that has the required components is considered itself a separate server. Licensee must obtain server entitlements for each server which is made available to the program, regardless of the number of processor cores or partitions in the server or the number of copies of the program on the server.

Pricing examples

Tivoli Federated Identity Manager can be purchased via user-based pricing (User Value Units) or processor-based pricing (Processor Value Units). A minimum of 14 processors is required in order to utilize the processor-based pricing model. The processor-based pricing provides for an unlimited amount of users. Multiple Tivoli Federated Identity Manager components, for example the policy server and the authorization server, that are run on the same processor, only count as a single processor, for the purpose of calculating the number of Processor Value Units to order.

Tivoli Federated Identity Manager Business Gateway is purchased on a server basis.

References to processor-based licensing do not represent the actual number of entitlements required. Entitlement requirements are Processor Value Unit based (PVU). Processors referenced in these examples represent the designated measurement on which the required number of Processor Value Unit entitlements will be calculated. The number of PVUs required per processor will depend on the processor type. For more information, refer to the Value Unit definition in IBM Tivoli Enhanced Value-Based Pricing terminology definitions. To determine the number of Processor Value Unit entitlements required per processor, refer to the processor Value Unit conversion table on the Passport Advantage website

http://www.ibm.com/software/passportadvantage

References to all other non-processor-based metrics do represent the actual number of entitlements required, unless other designated measurements are referenced or unless otherwise specified.

The pricing examples below should be used to determine required license entitlements for IBM Tivoli Federated Identity Manager, which is managed by the licensed user or processor basis.

Products also have program-specific licensing terms, which are described later in this document. Consult the program- specific licensing terms to determine total licensing requirements for the applicable products.

User Value Unit (UVU) pricing table

The following scalable usage table is used to determine the required User Value Units per 1,000 users. There are 8 usage levels defined.

Usage level           1            2         3         4
 
Number of users     1-5K        >5K-15K   >15K-50K  >50K-150K
 
User Value Units    1,000       500       300       200
 per 1,000 users
 
Scalable
usage level           5            6         7         8
 
Number of users    >150K-500K   >500K-1M  >1M-3M    >3M
 
User Value Units      100        50        25        10
 per 1,000 users
 

The pricing model for IBM Tivoli Federated Identity Manager helps significantly reduce costs for many customers whose systems support a large number of external users. Infrequent users, user IDs that are utilized less than five times per year, are also counted at a reduced rate.

  • Each Internal user equals one chargeable user for the purpose of calculating UVUs.
  • A ratio of 15 external users equals 1 chargeable user for the purpose of calculating UVUs.
  • A ratio of 15 infrequent internal users equal 1 chargeable user for the purpose of calculating UVUs.

    In order to ensure tracking and auditing, it is recommended infrequent users are defined in a separate group in your user directory.

Chargeable users are added up and the User Value Unit table is utilized to calculate the total UVUs required to cover entitlements. You may mix internal users, external users, and infrequent internal users within your total UVUs. This mix of user types can be changed as needed as long as the total number of UVUs does not exceed what has been purchased.

User Value Unit pricing examples

1. All internal users

Assume customer ABC initially has 12,000 internal employees. The total chargeable users are calculated as follows:

Pricing    Chargeable user      User Value Units     User Value Units
metric     quantity in          per 1,000            required
           customer environment chargeable users     

Level 1    5,000                1,000                5,000

Level 2    7,000                  500                3,500

                          Total User Value Units     8,500

Customer ABC would purchase 8,500 UVUs to cover their 12,000 internal employees.

2. Internal users and external users

Customer DEF has 20,000 company employees and 1,380,000 external users (customers, business partners, and suppliers). The total chargeable users are calculated as follows:

  • 20,000 internal users = 20,000 chargeable users (20,000 chargeable users at 1:1)
  • 1,380,000 external users = 1,380,000/15 = 92,000 chargeable users (at 15:1)

A total of 112,000 UVUs (20,000 plus 92,000) will need to be purchased by Customer DEF. Using the UVU pricing table from above:

Pricing     Chargeable user       User Value Units     User Value Units
metric      quantity in           per 1,000            required
            customer environment  chargeable users     

Level 1        5,000              1,000                 5,000

Level 2        7,000                500                 3,500

Level 3       35,000                300                10,500

Level 4       62,000                200                12,400

Total       112,000         Total User Value           32,900
 users                      Units               

Customer DEF would need to purchases 32,900 UVUs.

Processor Value Unit pricing examples

Assume Customer ABC prefers unlimited user access for their environment and has the following configuration:

  • Two 2-way servers to run Tivoli Access Manager Reverse Proxy (WebSEAL)
  • One 4-way server to run the Tivoli Access Manager Policy Server and Authorization Server
  • One 6-way server running Federated Identity Manager management and run-time servers

Customer ABC will be required to purchase the appropriate number of Processor Value Units (PVUs) to entitle the total number of processors as identified in the following table:

Tivoli Federated Identity Manager - Unlimited user option (PVUs) table

Tivoli Federated         Quantity in customer  Total processors
Identity Manager server  environment           requireing PVUs

2-way                    2                      4

4-way                    1                      4
-
6-way                    1                      6

Total processors for calculating PVUs to order 14*

* There is a minimum order quantity of 14 processors for the IBM Tivoli Federated Identity Manager Unlimited User Option.

In this example, the appropriate number of Processor Value Units must be purchased to entitle the 14 processors. For more information on Processor Value Units (PVUs), access the following

http://www-306.ibm.com/software/lotus/passportadvantage/pvu_licensing_for_customers.html

Note: Processors are only counted once under the Tivoli Federated Identity Manager license. If the policy server and the authorization server run on the same processors, they are only counted once for the purpose of determining PVUs to order.

Trading up from Tivoli Access Manager for e-business

Customer XYZ currently owns 40,500 User Value Units (150,000 chargeable users) of IBM Tivoli Access Manager for e-business, and plans to trade up to Tivoli Federated Identity Manager. The customer can take their existing User Value Unit entitlement of IBM Tivoli Access Manager for e-business and trade it in for 150,000 chargeable users of IBM Tivoli Federated Identity Manager using the announced trade-up part number. Customer XYZ would then have 40,500 User Value Units of IBM Tivoli Federated Identity Manager.

Pricing examples for Tivoli Federated Identity Manager Business Gateway V6.2.2

Example 1: Single server deployment - full product on a single server

Customer ABC deploys Tivoli Federated Identity Manager Business Gateway on one server in order to connect with its ten retailing customers. Customer ABC must purchase one entitlement for the one server.

Example 2: Two-server deployment - full product on each server

Customer DEF deploys Tivoli Federated Identity Manager Business Gateway on two servers in order to connect with its ten retailing customers. Customer DEF must purchase two entitlements, one for each of the two servers.

Example 3: Multiple server deployment - separate product components on separate servers

Customer ABC deploys Tivoli Federated Identity Manager Business Gateway on two servers. One server will host the Policy Server and the other server will host the Authorization Server. Customer ABC must purchase two entitlements, one for each of the two servers.



Back to topBack to top
 
Top rule
Ordering information
Bottom rule

This product is only available via Passport Advantage. It is not available as shrinkwrap.

 
Product group: IBM Tivoli
  Product Identifier Description                        PID

  IBM Tivoli Federated Identity Manager V6.2.2          5724-L73
  IBM Tivoli Federated Identity Manager                 5724-Q82
       Business Gateway V6.2.2
 
Product category: Tivoli Security

Passport Advantage customer: Media pack entitlement details

Customers with active maintenance or subscription for the products listed are entitled to receive the corresponding media pack.

 
Entitled maintenance offerings
description                                                 Part number

IBM TIVOLI FEDERATED IDENTITY MGR V6.2.2 MEDIA CD MP ML     BJ105ML
IBM TIVOLI FEDERATED ID BGWAY MGR V6.2.2 MEDIA CD MP ML     BJ106ML
IBM TIV FIM BGWAY SINGLE PARTNER V6.2.2 MEDIA CD ML         BJ107ML

Current licensees

Customers current on maintenance will be able to access this new release on Passport Advantage.

New licensees

Orders for new licenses will be accepted now.

Shipment will begin on the planned availability date.

Basic license

Ordering information for Passport Advantage

Passport Advantage allows you to have a common anniversary date Software Subscription and Support (SW S&S) renewals, which can simplify management and budgeting for eligible new versions and releases (and related technical support) for your covered products. The anniversary date, established at the start of your Passport Advantage Agreement, will remain unchanged while your Passport Advantage Agreement remains in effect. New software purchases will initially include twelve full months of Software Subscription and Support (also referred to as Software Maintenance). Software Subscription and Support in the second year (the first year of renewal) can be prorated to be coterminous with your common anniversary date. Thereafter, all Software Subscription and Support (Software Maintenance) will renew at the common anniversary date for twelve full months of Software Subscription and Support (Software Maintenance).

Refer to the IBM International Passport Advantage Agreement and to the IBM Software Support Handbook for specific terms relating to, and a more complete description of, technical support provided through Software Subscription and Support (Software Maintenance).

The quantity to be specified for the Passport Advantage part numbers in the following table is per required number of User Value Units, Processor Value Units and Servers. To order for Passport Advantage, specify the desired part number and quantity.

IBM Tivoli Federated Identity Manager V6.2.2

Description                                              Part number

Tivoli Federated Identity Manager User Value Unit        D0432LL
Lic and SW S&S 12 Months
 
Tivoli Federated Identity Manager User Value Unit        E04TXLL
Annual SW S&S Renewal
 
Tivoli Federated Identity Manager User Value Unit        D0433LL
SW S&S Reinstatement 12 Months
 
IBM Tivoli Federated Identity Manager User Value Unit    D0434LL
from Tivoli Access Manager for e-business Trade Up
License + SW Subscription & Support 12 Months
 
IBM Tivoli Federated Identity Manager Unlimited          E0277LL
User Option Processor Value Unit (PVU) Annual SW
S&S Renewal
 
IBM Tivoli Federated Identity Manager Unlimited          D55ZJLL
User Option Processor Value Unit (PVU) License and
SW S&S 12 Months
 
IBM Tivoli Federated Identity Manager Unlimited          D55ZKLL
User Option Processor Value Unit (PVU)
SW S&S Reinstatement 12 Months
 
IBM Tivoli Federated Identity Manager Unlimited User     D56NYLL
Option Processor Value Unit (PVU) from Tivoli Access
Manager for eBusiness Trade Up License + SW Subscription
& Support 12 Months
 
IBM Tivoli Federated Identity Manager Unlimited          E025YLL
User Option zEnterprise™ BladeCenter® Extension and
Linux on System z Processor Value Unit (PVU)
Annual SW S&S Renewal
 
IBM Tivoli Federated Identity Manager Unlimited          D55X9LL
User Option for zEnterprise BladeCenter Extension and
Linux on System z Processor Value Unit (PVU)
License and SW S&S 12 Months
 
IBM Tivoli Federated Identity Manager Unlimited          D55XALL
User Option for zEnterprise BladeCenter Extension and
Linux on System z Processor Value Unit (PVU) SW S&S
Reinstatement 12 Months
 
IBM Tivoli Federated Identity Manager                    D0AUNLL
for zEnterprise BladeCenter Extension and
Linux on System z User Value Unit Lic + SW S&S 12 Mo
 
IBM Tivoli Federated Identity Manager                    E07P7LL
for zEnterprise BladeCenter Extension and
Linux on System z User Value Unit Annual SW S&S Rnwl
 
IBM Tivoli Federated Identity Manager                    D0AUPLL
for zEnterprise BladeCenter Extension and
Linux on System z User Value Unit SW S&S Reinstate 12 Mo

IBM Tivoli Federated Identity Manager Business Gateway V6.2.2

Description                                              Part number

IBM Tivoli Federated Identity Manager Business           D59UYLL
Gateway Server License and SW S&S 12 Months
 
IBM Tivoli Federated Identity Manager Business           D59UZLL
Gateway Server SW S&S Reinstatement 12 Months
 
IBM Tivoli Federated Identity Manager Business           D6123LL
Gateway for Single Partner User License and SW
S&S 12 Months
 
IBM Tivoli Federated Identity Manager Business Gateway   D612PLL
Server from IBM Tivoli Federated Identity Manager
Business Gateway for Single Partner Trade Up License +
SW Subscription & Support 12 Months
 
IBM Tivoli Federated Identity Manager Business           D6124LL
Gateway for Single Partner Server License and SW
S&S Reinstatement 12 Months
 
IBM Tivoli Federated Identity Manager Business           E035CLL
Gateway Server Annual SW S&S Renewal
 
IBM Tivoli Federated Identity Manager Business           E03TNLL
Gateway for Single Partner Server Annual SW
S&S Renewal
 
IBM Tivoli Tivoli Federated Identity Manager Business    D0AU7LL
Gateway for Single Partner for zEnterprise BladeCenter
Extension and Linux on System z Server License +
SW Subscription & Support 12 Months
 
IBM Tivoli Federated Identity Manager Business Gateway   D0AU5LL
zEnterprise BladeCenter Extension and Linux on System z
Server Lic + SW S&S 12 Mo
 
IBM Tivoli Federated Identity Manager Business Gateway   E07NYLL
zEnterprise BladeCenter Extension and Linux on System z
Server Annual SW S&S Rnwl
 
IBM Tivoli Federated Identity Manager Business Gateway   D0AU6LL
zEnterprise BladeCenter Extension and Linux on System z
Server S&S Reinstate 12 Mo
 
IBM Tivoli Federated Identity Manager Business Gateway   D0AU7LL
for Single Partner for zEnterprise BladeCenter Extension
and Linux on System z Server Lic + SW S&S 12 Mo
 
IBM Tivoli Federated Identity Manager Business Gateway   E07NZLL
for Single Partner zEnterprise BladeCenter Extension
and Linux on System z Server Annual SW S&S Rnwl
 
IBM Tivoli Federated Identity Manager Business Gateway   D0AU8LL
for Single Partner zEnterprise BladeCenter Extension
and Linux on System z Server SW S&S Reinstate 12 Mo
 

To order a media pack for Passport Advantage, specify the part number in the desired quantity from the following table:

Description                                                Part number

IBM TIVOLI FEDERATED IDENTITY MGR V6.2.2 MEDIA CD MP ML    BJ105ML
 
IBM TIVOLI FEDERATED IDENTITY BUSINESS GATEWAY V6.2.2      BJ106ML
MEDIA CD MP ML
 
IBM TIVOLI FEDERATED IDENTITY BUSINESS GATEWAY FOR SINGLE  BJ107ML
PARTNER V6.2.2 MEDIA CD MP ML

Withdrawal of Passport Advantage part numbers

The following Passport Advantage media packs will be withdrawn on December 18, 2011:

Description                                             Part number

IBM Tivoli Federated Identity Manager Unlimited         BJ0P8ML
User Option Processor for Multiplatforms Version 6.2
Multilingual CD ROM 128 Bit Encryption Media Pack
 
IBM Tivoli Federated Identity Manager Business          BJ0P5ML
Gateway Version 6.2, Multiplatforms, Multilingual
CD ROM 128 Bit Encryption Media Pack
 
IBM Tivoli Federated Identity Manager Business Gateway  BJ0PEML
for Single Partner Version 6.2, Multiplatforms,
Multilingual CD ROM 128 Bit Encryption Media Pack

Subscription and Support

Subscription and Support must be ordered to receive voice technical support via telephone during normal business hours, and future releases and versions, at no additional charge. The capacity of Subscription and Support (for example, Processor Value Units or terabytes) must be the same as the capacity ordered for the product licenses.

To order, specify the Subscription and Support program product number and the appropriate license or charge option.

IBM is also providing Subscription and Support for these products, via a separately purchased offering, under the terms of the IBM International Agreement for Acquisition of Support Maintenance. This offering:

  • Includes and extends the support services provided in the base support to include technical support via telephone during normal business hours.
  • Entitles you to future releases and versions, at no additional charge. Note that you are not entitled to new products.

When Subscription and Support is ordered, the charges will automatically renew annually unless cancelled by you.



Back to topBack to top
 
Top rule
Terms and conditions
Bottom rule

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Program License Agreement, IBM International Passport Advantage Agreement, and the IBM Agreement for Acquisition of Software Maintenance.

This product is only available via Passport Advantage. It is not available as shrinkwrap.

Licensing

IBM International Program License Agreement including the License Information document and Proof of Entitlement (PoE) govern your use of the program. PoEs are required for all authorized use. Part number products only, offered outside of Passport Advantage, where applicable, are license only and do not include Software Maintenance.

This software license includes Software Subscription and Support (also referred to as Software Maintenance).

These programs are licensed under the IBM Program License Agreement (IPLA) and the associated Agreement for Acquisition of Software Maintenance, which provide for support with ongoing access to releases and versions of the program. IBM includes one year of Software Subscription and Support (also referred to as Software Maintenance) with the initial license acquisition of each program acquired. The initial period of Software Subscription and Support (also referred to as Software Maintenance) can be extended by the purchase of a renewal option, if available. These programs have a one-time license charge for use of the program and an annual renewable charge for the enhanced support that includes telephone assistance (voice support for defects during normal business hours), as well as access to updates, releases, and versions of the program as long as support is in effect.

License Information form number
L-JSCK-8FAPHZ - IBM Tivoli Federated Identity Manager V6.2.2 (5724-L23)
L-JSCK-8KYNZL - IBM Tivoli Federated Identity Manager Business Gateway V6.2.2 (5724-Q82)
L-JSCK-8LAS5Q - IBM Tivoli Federated Identity Manager Business Gateway - Single Partner V6.2.2 (5724-Q82)

The program's License Information will be available for review on the IBM Software License Agreement website

http://www.ibm.com/software/sla/sladb.nsf
Limited warranty applies

Yes

Limited warranty

IBM warrants that when the program is used in the specified operating environment, it will conform to its specifications. The warranty applies only to the unmodified portion of the program. IBM does not warrant uninterrupted or error-free operation of the program or that IBM will correct all program defects. You are responsible for the results obtained from the use of the program.

IBM provides you with access to IBM databases containing information on known program defects, defect corrections, restrictions, and bypasses at no additional charge. For further information, consult the IBM Software Support Handbook found at

http://www.ibm.com/support/handbook

IBM will maintain this information for at least one year after the original licensee acquires the program (warranty period).

Program technical support

Technical support of a program product version or release will be available for a minimum of five years from the general availability date, as long as your Software Subscription and Support (also referred to as Software Maintenance) is in effect. This technical support allows you to obtain assistance (via telephone or electronic means) from IBM for product-specific, task-oriented questions regarding the installation and operation of the program product. Software Subscription and Support (Software Maintenance) also provides you with access to updates (modifications or fixes), releases, and versions of the program. You will be notified, via announcement letter, of discontinuance of support with 12 months' notice. If you require additional technical support from IBM, including an extension of support beyond the discontinuance date, contact your IBM representative or IBM Business Partner. This extension may be available for a fee.

Money-back guarantee

If for any reason you are dissatisfied with the program and you are the original licensee, you may obtain a refund of the amount you paid for it, if within 30 days of your invoice date you return the program and its PoE to the party from whom you obtained it. If you downloaded the program, you may contact the party from whom you acquired it for instructions on how to obtain the refund.

For clarification, note that (1) for programs acquired under the IBM International Passport Advantage offering, this term applies only to your first acquisition of the program and (2) for programs acquired under any of IBM's On/Off Capacity on Demand (On/Off CoD) software offerings, this term does not apply since these offerings apply to programs already acquired and in use by you.

Other terms
Volume orders (IVO)

No

IBM International Passport Advantage Agreement
Passport Advantage applies

Yes, and through the Passport Advantage website at

http://www.ibm.com/software/passportadvantage
Usage restriction

Yes. Usage is limited to the quantity of Value Units licensed

For additional information, refer to the License Information document that is available on the IBM Software License Agreement website

http://www.ibm.com/software/sla/sladb.nsf
Software Subscription and Support applies

Yes. Software Subscription and Support (also referred to as Software Maintenance) is included with licenses purchased through Passport Advantage and Passport Advantage Express. Product upgrades and Technical Support are provided by the Software Subscription and Support offering as described in the Agreements. Product upgrades provide the latest versions and releases to entitled software and Technical Support provides voice and electronic access to IBM support organizations, worldwide.

IBM includes one year of Software Subscription and Support with each program license acquired. The initial period of Software Subscription and Support can be extended by the purchase of a renewal option, if available.

While your Software Subscription and Support is in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions, and code-related questions. IBM provides assistance via telephone and, if available, electronic access, only to your information systems (IS) technical support personnel during the normal business hours (published prime shift hours) of your IBM support center. (This assistance is not available to your end users.) IBM provides Severity 1 assistance 24 hours a day, 7 days a week. For additional details, consult your IBM Software Support Handbook at

http://www.ibm.com/support/handbook

Software Subscription and Support does not include assistance for the design and development of applications, your use of programs in other than their specified operating environment, or failures caused by products for which IBM is not responsible under the applicable agreements.

For additional information about the International Passport Advantage Agreement and the IBM International Passport Advantage Express Agreement, visit the Passport Advantage website at

http://www.ibm.com/software/passportadvantage
System i Software Maintenance applies

No

Variable charges apply

No

Educational allowance available

Not applicable.



Back to topBack to top
 
Top rule
IBM Electronic Services
Bottom rule

IBM has transformed its delivery of hardware and software support services to help you achieve higher system availability. Electronic Services is a web-enabled solution that offers an exclusive, no-additional-charge enhancement to the service and support available for IBM servers. These services are designed to provide the opportunity for greater system availability with faster problem resolution and preemptive monitoring. Electronic Services comprises two separate, but complementary, elements: Electronic Services news page and Electronic Services Agent.

The Electronic Services news page is a single Internet entry point that replaces the multiple entry points traditionally used to access IBM Internet services and support. The news page enables you to gain easier access to IBM resources for assistance in resolving technical problems.

The Electronic Service Agent™ is no-additional-charge software that resides on your server. It monitors events and transmits system inventory information to IBM on a periodic, client-defined timetable. The Electronic Service Agent automatically reports hardware problems to IBM. Early knowledge about potential problems enables IBM to deliver proactive service that may result in higher system availability and performance. In addition, information collected through the Service Agent is made available to IBM service support representatives when they help answer your questions or diagnose problems. Installation and use of IBM Electronic Service Agent for problem reporting enables IBM to provide better support and service for your IBM server.

To learn how Electronic Services can work for you, visit

http://www.ibm.com/support/electronic


Back to topBack to top
 
Top rule
Prices
Bottom rule

Business Partner information

If you are an IBM Business Partner -- Distributor for Workstation Software acquiring products from IBM, you may link to Passport Advantage Online for resellers where you can obtain Business Partner pricing information. An IBM ID and password are required.

https://www.ibm.com/software/howtobuy/passportadvantage/paoreseller

Information on charges is available at Web site

http://www.ibm.com/support

In the Electronic tools category, select the option for Purchase/upgrade tools.

Passport Advantage

For Passport Advantage and charges, contact your IBM representative or your authorized IBM Business Partner. Additional information is also available at

http://www.ibm.com/software/passportadvantage


Back to topBack to top
 
Top rule
Order now
Bottom rule

To order, contact your local IBM representative or your IBM Business Partner.

To identify your local IBM Business Partner or IBM representative, call 800-IBM-4YOU (426-4968). For more information, contact the Americas Call Centers.

Phone:     800-IBM-CALL (426-2255)
Fax:       800-2IBM-FAX (242-6329)

For IBM representative: callserv@ca.ibm.com


For IBM Business Partner: pwswna@us.ibm.com
 
Mail:      IBM Teleweb Customer Support
           ibm.com® Sales Execution Center, Americas North
           3500 Steeles Ave. East, Tower 3/4
           Markham, Ontario
           Canada  L3R 2Z1
 
Reference: YE001

The Americas Call Centers, our national direct marketing organization, can add your name to the mailing list for catalogs of IBM products.

Note: Shipments will begin after the planned availability date.

Trademarks

LotusLive, zEnterprise and Electronic Service Agent are trademarks of IBM Corporation in the United States, other countries, or both.

IBM, Tivoli, RACF, z/OS, Passport Advantage, AIX, POWER, System z, WebSphere, Express, BladeCenter and ibm.com are registered trademarks of IBM Corporation in the United States, other countries, or both.

Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.

Windows is a trademark of Microsoft Corporation in the United States, other countries, or both.

Other company, product, and service names may be trademarks or service marks of others.

Terms of use

IBM products and services which are announced and available in your country can be ordered under the applicable standard agreements, terms, conditions, and prices in effect at the time. IBM reserves the right to modify or withdraw this announcement at any time without notice. This announcement is provided for your information only. Additional terms of use are located at:

http://www.ibm.com/legal/us/en/

For the most current information regarding IBM products, consult your IBM representative or reseller, or visit the IBM worldwide contacts page

http://www.ibm.com/planetwide/us/

Terms of use