Course Overview
This fundamental class teaches the basic administration of Access Management. This role-based training approach is from the perspective of a team of security administrators building a solution from scratch, implementing an innerweb and access to and from the internet via a series of proxy services. It explores security scenarios through encrypted technologies, certificate management, authentication, and authorization. Along the way learning how important it is to protect the network using Risk Services to stealthily determine the risk of each login. We learn data injection, auto form fill, multi-homing, role-based decision making, along with a host of other features of the software. This course provides demonstrations and hands-on activities using a practical, solutions-based approach.
Highlights:
- Building Reverse Proxies
- Understanding and Configuring x.509 Certificates
- Configuring Risk Management
- Configuring Policies with Role-Based Decision Making
- Introduction to Identity Injection
Who should attend
All members of the project team, including security teams, architects, project managers, developers, administrators, and operations personnel.
Prerequisites
To be successful in this course, you should have the following prerequisites or knowledge:
- A basic understanding of the concept of Access Management.
- An understanding of NetIQ eDirectory, NetIQ Identity Manager and Linux.
- A familiarity with basic web services, HTTP Requests and Responses, HTML tags, and serverside dynamic content (JSP, ASP or similar) and having familiarity with php, or JavaScript, or ECMAscript, or RESTful scripting is requested.
Course Objectives
On completion of this course, participants should be able to:
- Identify the Access Manager Solution
- Describe the difference between appliance and component installations
- Build and configure a Reverse Proxy
- Know how to configure SSL for a selfsigned environment
- Understand Risk Management
- Create and utilize Classes, Methods, and Contracts and how to use them in policy and in proxies.
- Create and utilize role-based decision making
Course Content
Chapter 1: Install Console and Identity Server
- Access Manager Concepts
- Planning Access Manager
- Installing Access Manager
- Configuring the Administrative Console
- Additional Adjustments
- Troubleshooting Installation Issues
Chapter 2: Configuring Access Gateway Service
- Connecting the IDP to the IDM Server
- NAM Clusters
- Access Gateway Configuration
- Advanced File Configurator
- Adding Additional Administrators
Chapter 3: Rewriting Web Code
- Rewriting Web Content
- Validating Web Content
- Pin List and Other Options
Chapter 4: Configuring Reverse Proxies
- Configuring Network settings to Support Multiple Web Sites
- Web Acceleration
- Proxy Logging
- Proxy Logic
- Creating Additional Power Users
Chapter 5: Enable and Protect NAM Web Sites
- What is SSL
- SSL Mechanics
- Enabling SSL inside Proxies
- Enable and Protect NAM Web Sites with SSL Certs
Chapter 6: Authentication
- Authentication Framework
- Authenticating to a Site
- Classes, Methods, and Contracts
Chapter 7: Configuring Domain and Multi Homing
- Preparing for Multi-Homing
- Configuring Multi-Homing
- Web Server Acceleration
- Proxy Options
- Proxy Configurations
Chapter 8. Mitigating Risk
- Policy Introduction
- Risk Policy Creation
- How Does Risk Work?
- Integration
Chapter 9: Modifying the Portal Interface
- Customizing the Identity Server Pages
- Customizing the Identity Server Messages
- Customizing the Access Gateway Error Messages
- Customizing the Access Gateway Logout Requests
Chapter 10: Using Appmarks and Enabling Mobile
- Understanding the Web Access Portal
- Configuring Mobile Access
Chapter 11: Applications Configuration Using Roles
- Policy Review
- Access Manager Roles
- Access Manager Authorization
- How Does it Work (Business Case)
- Policy Troubleshooting Tools
- Troubleshooting Steps
Chapter 12: Advanced Applications Configuration
- Identity Injection Overview
- Basic and Custom Header Options
- Form Fill Options
- Form Fill Shared Secrets