Course Description

________________________________________________________________________
Preparing for an IBM Tivoli Identity Manager 4.6 Implementation
________________________________________________________________________

Table of Contents:
• Course Description
• Objectives
• Who Will Benefit From This Course
• Required Skills/Knowledge
• Recommended Courses
• Course Outline

Duration: 2 Days
Delivery Method: Classroom
Language: English
Geography: All

Course Description
Preparing for an IBM Tivoli Identity Manager 4.6 Implementation teaches the student to build a comprehensive deployment strategy for Tivoli Identity Manager. The students step through the planning required to ensure a successful Tivoli Identity Manager deployment that is aligned with business objectives.

During class students first learn to identify key business requirements. Then, through lecture and group discussions, they learn to design a deployment strategy modeled around the business requirements as well as the security policy. Important planning considerations covered in class will include user repositories, access control, organization trees, policies, and so on. At the completion of this two-day course, the students will be able to help plan the IBM Tivoli Identity Manager implementation project for their organizations.

Objectives
After taking this course, the student will be able to:

• Describe the planning steps that will enable a successful IBM Tivoli Identity Manager deployment.
• Identify the components of the system architecture.
• Describe the deployment architecture.
• Assist in planning an IBM Tivoli Identity Manager deployment. 

Who Will Benefit From This Course
People who will participate in the IBM Tivoli Identity Manager implementation project

Required Skills/Knowledge

Recommended Courses

• IBM Tivoli Identity Manager 4.6 Introduction Self-paced
• Tivoli Implementation Foundation Skills: JavaScript Fundamentals Self-paced
• Tivoli Implementation Foundation Skills: LDAP Fundamentals Self-paced

Course Outline

1. Identifying Requirements

• Identify the authoritative sources of users (HR, external companies, customers database, and so on).
• Identify the services whose accounts are to be managed.
• Decide whether to provision used on a role basis or on demand.

2. The Security Policy

• Review the corporate security policy to identify elements that IBM Tivoli Identity Manager could implement or help to implement.
• Identify which IBM Tivoli Identity Manager features are needed in an environment using the business requirements.
• Identify other security products in the environment, such as IBM Tivoli Access Manager and single sign-on, and choose their level of interaction with IBM Tivoli Identity Manager.
• Decide the appropriate approvals for each service, along with escalations.

3. The Centralized User Repository

• Explain why creating a centralized user repository is an important part of most ITIM implementations.
• Decide which information will need to be held in the centralized user repository.
• Develop a strategy to collect that information.
• Decide whether or not to standardize user IDs, and if so, what will be the main ID for existing users.
• Decide how new users will be allocated a main ID.
• Design an appropriate user naming standard.

4. Access Control

• Identify delegated administrators and their portions of the organization. 
• Describe the purpose of ITIM groups.
• Explain Access Control Items (ACIs) and their importance.

5. The Organization Tree

• List the considerations in designing an organization tree.
• List the advantages and disadvantages various organization trees.
• Identify the appropriate organization tree for an ITIM installation.
• Decide where in the organization tree to locate users, roles, and services.
• Describe admin domains and explain where it is appropriate to use them.

6. Service Policies

• Explain provisioning policies.
• Identify where in the organization tree to locate provisioning policies.
• Explain service selection policies.
• Identify where in the organization tree to locate service selection policies.

7. User Policies

• Explain identity policies.
• Identify where in the organization tree to locate identity policies.
• Locate the current password rules on common services.
• Choose password rules that make sense for a particular organization.
• Identify the advantages and disadvantages of password synchronization.
• Choose the appropriate method for users to receive new passwords.

8. Existing Accounts

• Describe the purpose of reconciliation.
• Define and identify system accounts.
• Decide whether system accounts should be managed by ITIM or not.
• Identify the changes to the organizational tree that might be required to manage system accounts.

9. Entitlement Workflows

• Define entitlement workflows.
• Decide which approval process is appropriate for services based on a security policy.

10. Physical Architecture

• Choose a redundancy option for IBM Tivoli Identity Manager.
• Identify the information needed to decide on server capacity for the servers.
• Decide on the topological location of the servers.

11. The Implementation Plan

• Identify people to assist in the planning, design, and implementation of IBM Tivoli Identity Manager.
• Choose whether to use a phased approach, and if so which services to provision first.
• Explain the advantages and disadvantages of having separate IBM Tivoli Identity Manager setups for development and quality assurance.
• Identify the possibly synergies and problems that can be caused by other security related IT projects.

<< Go Back