WA1392 WebSphere Portal v5.1 Security Training and Courseware

Quick Enroll

This training course introduces the students to the security features of WebSphere Portal Server v5. During the course, students get introduced to the architecture of WebSphere Portal Server and understand the portal server security model and integration with external security tools. The course also lists the common security vulnerabilities covers some best practices for reducing those vulnerabilities.

Basic objectives of the course are as follows:

Understand the various WebSphere Portal Components
Describe Portal Server and Portal Engine Architecture
Understand the relationship between WAS and WPS
Understand the various types of security and security policies.
Describe the various types of Defense mechanism such as authentication, authorization, delegation, firewalls and encryption
Describe a Portal Document Manager
Learn to configure a PDM portlet
Learn to assign users and groups to various roles in portal server
Understand the process of approval workflow
Understand the various configuration utilities that come with portal server.
Describe the process involved in moving the portal server database (Cloudscape) to DB2 or Oracle.
Explain the process of enabling security with Member Manager Database
Enable security with LDAP
Understand the structure and components of Credential Vault
Learn to perform Vault Administration
Understand the need for External Authentication
Understand the features of Tivoli Access Manager (TAM)
Describe the security policy in TAM
Explain the concept of Trust Association Interceptor (TAI) in WebSphere Application Server and it's role in integrating with third party security tools
List top 10 Internet Security Vulnerabilities for Windows and UNIX
Understand the Best Practices for Reducing Vulnerabilities
List the points for Risk Control Checklist and understand Best Practices

Prepare a Security Checklist for security both software and network systems

Topics
	WPS Introduction Security Concepts WP Roles and Authorization WP Security - Authentication Document Manager Configuration Management Implementing Portal Security TAM Implementation with WPS V5 Risks and Controls in Web and distributed systems

What you will learn
	After completing this course, the student should be able to: Protect pages and portlets based on user role. Configure WebSphere Portal Server v5.1 to use a LDAP user registry. Migrate portal server to use DB2 or Oracle as data storage. Use an external security manager such as Tivoli Access Manager (TAM).

Audience
	The class is designed for students who already know WebSphere Portal Server v5.1 administration.

Prerequisites
	Knowledge of WebSphere Application Server administration. Basic knowledge of WebSphere Portal Server 5.1 administration.

Duration
	2 days

Course Outline

1. Introduction to the WebSphere Portal Server
	Objectives What is a Portal General Portal Architecture WebSphere Portal Components WebSphere Portal Components – cont’ WebSphere Portal Enable A Typical Network Architecture for WebSphere Portal WebSphere Portal Server Architecture Portal Engine Architecture Relationship Between WAS and WPS Relationship Between WAS and WPS … Summary

2. Security Concepts
	Objectives Security Types of Security Security Policy Security Policy for different types of attack Security Policy - Example Security Functionality Authentication Single Sign-On (SSO) Authorization Authorization -- Access Control List (ACL) Authorization -- Capability List Delegation Encryption Encoding and Encryption Kerberos Firewalls Features of Firewalls Summary

3. WebSphere Portal Server Roles and Authorization
	Objectives J2EE Security Goals Roles and Authorization J2EE Authorization Model WebSphere Application Server Authorization Model Authorization - WebSphere Portal Server How Does Authorization Work? Roles Role Membership More on Authorization Resources Common Access Rights Managing Users and Groups User Group Permissions Portlet Resource Permissions Portlet Manage Users and User Groups Portlet Access Control List (ACL) Support for J2EE Security Model Summary

4. WebSphere Portal Security - Authentication
	Topics Web Servers Using an external web server Web Request Processing Plugin Configuration User Registries LDAP Security Basics LDAP Data Structure Example Distinguished Name (DN) DN and RDN Example Searching Public Key Cryptography Cryptography in WebSphere Portal Certificates Authentication Lightweight Third Party Authentication (LTPA) Using LTPA Configuring SSO in WebSphere WebSphere SSL Configuration SSL Configuration Repertoire SSL Repertoires Creating an SSL Repertoire Dummy Certificates Key File Trust File Default Key Stores Obtaining a Certificate Generate a Self-Signed Certificate Getting a CA Signed Certificate Specify the Key Store Different SSL Interactions Web Client to Web Server Enable SSL For IBM HTTP Server Web server to WebSphere Web server to WebSphere (cont.) Java Client to WebSphere Summary

5. Document Manager
	Objectives What is Portal Document Manager (PDM)? Configuring the PDM Portlet Management Functions Access Control Approval Workflow Summary

6. Configuration Management
	Objectives Configuration Utilities Configuration Utilities & Security WPSconfig Utility ANT Script File How WPSConfig Uses ANT? More on Properties Property Precedence What Can You Do With WPSConfig? Migrating Database Migrate to DB2 Migrate to DB2… Migrate to Oracle Migrate to Oracle… Summary

7. Security
	Objectives Key Concepts Authentication Portal User Registry WebSphere Member Manager The Member Manager Configuring Member Manager Enabling Security with Member Manager Database WebSphere Security Changes Enabling Security with LDAP Security with LDAP… Single Sign On (SSO) Enabling SSL Credential Vault Credential Components of Credential Vault Structure of the Credential Vault Slot Scope Credential Access Level Active Credentials Passive Credentials Credential Vault Application Programming Interface (API) Credential Vault Application Programming Interface (API) Single Sign-on Scenario Vault Administration Vault Administration… Summary

8. TAM Implementation with WPS V5
	Objectives External Authentication Tivoli Access Manager (TAM) Protected Object Space Security Policy Access Control List (ACL) Access Control List (ACL).. Protected Object Policy (POP) Authorization Rules Implementing security in Tivoli Access Manager Administration Users and Groups Advantages of TAM Tivoli Access Manager Tivoli Access Manager Security Administration Tivoli Access Manager WebSEAL WebSEAL Junction Policy Server TAM - Complete authorization Picture Trust Association Interceptor (TAI) Trust Association Interceptor (TAI) Interfaces Supported TAIs in WPS Trust Association Interceptor (TAI) - Functioning Trust Association Interceptor… Using TAI for Single Sign On Summary

9. Risks & Controls in Web-based & Distributed Systems
	Objectives SANS Top 10 Internet Security Vulnerabilities for Windows SANS Top 10 Internet Security Vulnerabilities for Unix Risk Control in Web Application Security Vulnerabilities in Authentication Risk Control Checklist Best Practices for Reducing Vulnerabilities Vulnerabilities of Access Control Forceful Browsing Risk Control Checklist and Best Practices Vulnerabilities of Sensitive Data Protection Risk Control Checklist and Best Practices Summary of Risks and Risk Control Best Practices Summary of Risks and Risk Control Best Practices – cont’ Do this now.... Summary

We regularly offer classes in these and other cities. Atlanta, Austin, Baltimore, Calgary, Chicago, Cleveland, Dallas, Denver, Detroit, Houston, Jacksonville, Miami, Montreal, New York City, Orlando, Ottawa, Philadelphia, Phoenix, Pittsburgh, Seattle, Toronto, Vancouver, Washington DC.