(Optional) CA Business Intelligence is a set of reporting and analytic software that various CA products use for the purposes of presenting information and supporting business decisions. CA products use CA Business Intelligence to integrate, analyze, and then present, through various reporting options, information required for effective enterprise IT management.
Included in CA Business Intelligence is SAP BusinessObjects Enterprise XI 3.1 SP3, a complete suite of information management, reporting, and query and analysis tools. CA Business Intelligence installs SAP BusinessObjects Enterprise XI 3.1 SP3 as a stand–alone component. In this guide, this stand–alone component is referred to as the Report Server. Installing the Report Server is a separate step within the overall SiteMinder installation process. Installing the Report Server separately from SiteMinder–specific components lets other CA products share the same Business Intelligence Services.
The Report Server compiles reports to help you analyze your SiteMinder environment. The purpose of this component it to create the following types of reports:
The Report Server communicates with the following components to compile reports:
A SiteMinder implementation contains multiple data stores. Some stores are required, while others are optional, or only required to implement specific features.
The following descriptions detail:
(Required) The SiteMinder policy store (policy store) is an entitlement store that resides in an LDAP directory server or ODBC database. The purpose of this component is to store all policy-related objects, including the:
The Policy Server uses this information, collectively known as an Enterprise Policy Management (EPM) application or SiteMinder policy, to determine if a resource is protected and if an authenticated user is authorized to access the requested resources.
(Required) A SiteMinder user store connection (user store connection) is a connection to an existing user directory or database in your enterprise network. You are not required to use a proprietary SiteMinder user store. The purpose of the user store connection is to make user data available to the Policy Server, which includes the following:
The Policy Server uses these connections to:
Note: For more information about configuring a user store connection, see the documentation roadmap.
(Optional) By default, the Administrative UI uses the policy store as its source for SiteMinder administrator credentials. This default configuration lets you manage the environment immediately after configuring a policy store and installing the Administrative UI. When you configure a policy store, the default SiteMinder super user account (siteminder) is created. This account has maximum system privileges, and is used to access the Administrative UI for the first–time and to create additional SiteMinder administrators.
You can configure the Administrative UI to use an external administrator user store, for example, a corporate directory. An external administrative user store is a connection to an LDAP directory server or ODBC database in your enterprise network. Consider the following:
Note: For more information about SiteMinder administrators and configuring an external administrative user store, see the documentation roadmap.
(Required) The purpose of this component is to store the encryption keys that the Policy Servers and the agents use to encrypt sensitive data, which include:
You can collocate the key store with the policy store or you can store encryption keys in a separate directory or database. The need to deploy a separate key store depends on:
Note: If you use the Policy Server Configuration wizard to configure a policy store, the key store is automatically collocated with the policy store.
(Optional) The SiteMinder certificate data store (CDS) makes the following components and functions available to a SiteMinder environment:
Note: SiteMinder federation features use the certificate data store. The user certificates that the X.509 certificate authentication scheme uses for authentication are not stored in the certificate data store. These user certificates are stored in an LDAP/AD user directory or ODBC store.
By default, the certificate data store is automatically configured and colocated with the policy store. As a result:
(Optional) By default, the Policy Server writes audit events to a text file, which is known as the Policy Server log. The purpose of audit logs is to track information about all user activity, including:
However, you can configure a stand–alone SiteMinder audit database (audit database). When deciding where to store audit events, consider that:
Note: For more information about configuring an audit database, see the documentation roadmap.
(Optional) When SiteMinder authenticates a user, the Policy Server issues a session ticket. A session ticket contains basic information about the user and authentication information for the user. By default, SiteMinder implements session management through non–persistent sessions. If non–persistent sessions are enabled, an Agent writes the session ticket to a cookie on the browser of the users. However, some SiteMinder features require persistent sessions.
If persistent sessions are enabled, an Agent must write the session ticket to a stand–alone database.
You deploy a SiteMinder session store (session store) for the following primary reasons:
Agents use this information to identify users and provide session information to the Policy Server.
Note: For more information about configuring a session store, see the documentation roadmap.
(Required) The SiteMinder Administrative UI (Administrative UI) is a web–based administration console that is installed independent of the Policy Server. The Administrative UI is intended for managing all tasks that are related to access control, reporting, and policy analysis.
|
Copyright © 2012 CA Technologies.
All rights reserved.
|
|