IBM Security Access Manager WebSEAL overview
WebSEAL is a high performance, multi-threaded web server that applies fine-grained security policies to the Security Access Manager protected web object space. Use WebSEAL so that you can manage access to your private and internal resources.
- Introduction to IBM Security Access Manager
IBM Security Access Manager is a complete authorization and network security policy management solution. It provides end-to-end protection of resources over geographically dispersed intranets and extranets. - WebSEAL introduction
WebSEAL is a resource manager that protects web-based information and resources. It can provide single sign-on solutions and incorporate back-end web application server resources into its security policy. - IBM Security Access Manager appliance
The IBM Security Access Manager appliance provides access and authentication management for user to web application sessions and helps protect applications from threats. - WebSEAL functionality on the appliance
The appliance web reverse proxy includes most of the features offered by a standard software installation of WebSEAL. However, there are some differences, as detailed in this section. - Security concepts for a WebSEAL deployment
You must understand the security model concepts so that you can successfully deploy WebSEAL and protect your resources. Basic concepts include protected object space, access control lists, and protected object policies. - Authorization process
The authorization process determines whether an authenticated user has the right to perform an operation on a specific resource in a secure domain. - Security policy planning and implementation
A corporate security policy for web resources identifies the web resources that require protection and the level of protection. You can implement the security policy by applying the appropriate security mechanisms to the objects requiring protection. - Content types and levels of protection
As the security administrator of your web space, you must correctly identify the types of content available to various user types. Some content must be highly protected and available only to specific users; other content is for general public view. - WebSEAL authentication
Authentication is the method of identifying an individual process or entity that is attempting to log in to a secure domain. WebSEAL can enforce a high degree of security in a secure domain by requiring each user to provide proof of its identity. - Standard WebSEAL junctions
A WebSEAL junction is a TCP/IP connection between a front-end WebSEAL server and a back-end server. - Web space scalability
WebSEAL junctions create a scalable web space. As the demands on the web space grow, more servers can easily be added to expand the capabilities of the site.
Parent topic: Administration