Activation level overview

Each activation level on the IBM® Security Access Manager appliance offers different features. Consider the needs of your environment to determine which activation levels you require.

Security Access Manager Supporting Components: No activation key is required
The Supporting Components provide:
  • Appliance management: local management interface and REST APIs
  • Policy Server
  • Embedded LDAP server
  • Authorization Server
Security Access Manager Platform: Activation key is required
The IBM Security Access Manager Platform secures web applications. To use the web security features, you must activate the Security Access Manager Platform. This activation level includes the following key components:
Web Reverse Proxy
Web Reverse Proxy is a high performance, multi-threaded Web server that applies fine-grained security policy to the IBM Security Access Manager protected web object space. Web Reverse Proxy can provide single sign-on solutions and incorporate back-end web application server resources into its security policy.

For more information, see Web Reverse Proxy administration.

Front-end load balancer
Optimizes resource use and ensures high availability of services. The front-end load balancer accepts requests from clients and determines which backend server is the most suitable to handle the request. It forwards each request to the appropriate server. The front-end load balancer provides persistence for existing sessions.

For more information, see Front-end load balancer.

Web application firewall
Helps protect your web servers from malicious traffic and blocks attempts to compromise the system. See Configuring Web Application Firewall.
Distributed session cache
Maintains session state in clustered server environments. See Distributed session cache overview.
Advanced Access Control Module: Activation key is required
The Advanced Access Control Module secures mobile transactions. This activation level includes features, such as:
Context-based access and an authentication service framework
Provides enhanced authentication assurance, context-based access control, and protection from web-based threats.
API protection
Uses the OAuth protocol, which provides API protection for native mobile and other API-based applications.
Device fingerprinting and registration
Stores the device fingerprint of the user in the context-based access database.

To activate this module, you must first activate the IBM Security Access Manager Platform offering.

Federation Module: Activation key is required
The Federation Module provides support for the SAML 2.0 and OpenID Connect protocols.

To activate this module, you must first activate the IBM Security Access Manager Platform offering.

Figure 1 summarizes the key features and product activation levels.

Figure 1. Product activation levels for the IBM Security Access Manager product
Product activation levels for the IBM Security Access Manager product