| < Day Day Up > |
|
This topic provides hardware and software requirements that are supported for WebSphere Portal and Tivoli Access Manager for e-business products. It also provides the high-level implementation steps needed to install and configure these products.
The following figure depicts the hardware and software configurations used in the lab for implementing a secure portal.
Refer to "Security node" on page 26 and "Application node" on page 26 for a description of each of these nodes.
This section provides data for hardware and software configurations that have been tested by IBM.
Use the following information as a guide for the installation of WebSphere Portal for secure portal implementation.
Processor: CPU speeds of late model, mid-range to high-end servers are recommended: Pentium® 800MHz or the equivalent at a minimum. Production environments should consider the Pentium 4 processor at 1.4GHz or higher.
Physical memory: 1024 MB or more per processor
Disk space: the following disk space is required if you use the installation program to install WebSphere Application Server, extensions, and fixes, IBM HTTP Server, and WebSphere Portal.
Note | You can perform a custom installation of the components. |
The following list shows the space recommendations by component:
Component | Install directory | /tmp | |||
---|---|---|---|---|---|
WebSphere Portal | 1124 MB | 50 MB | |||
WebSphere Application Server, extensions and fixes | 968 MB | 245 MB | |||
IBM HTTP Server | 30 MB | n/a | |||
Total | 2413 MB | 295 MB minimum
|
Virtual memory/swap space: it is recommended that this be equal to double your physical memory. At a minimum, this should be at least equal to your physical memory.
File system: the NTFS file system is recommended.
Note | Because the installation program does not check cluster sizes on a file system, install on an NTFS file system to ensure that you have enough disk space. If you intend to install on a FAT file system, make sure that you have enough disk space prior to installation. For information, refer to the Microsoft® support Web site, http://support.microsoft.com, and search for content about default cluster sizes for FAT file systems. |
Network connectivity: to use Portal across a network, the following is required for the Portal machine:
Network adapter and connection to a physical network that can carry IP packets. For example, Ethernet, Token Ring, ATM, and so on.
Static IP address.
Configured fully-qualified hostname. The portal system must be able to resolve an IP address from its fully-qualified hostname. To ensure that this is configured correctly, you can issue the ping command from a command line. An example command is: ping hostname.yourco.com, where hostname.yourco.com is the fully-qualified hostname.
The minimum WebSphere Portal components that should be installed are as follows:
Software | Notes® |
---|---|
WebSphere Portal 5.0 | Runs on WebSphere Application Server |
IBM WebSphere Application Server Enterprise V5.0 with Fix Pack 1 | All of the fixes listed in the for WebSphere Portal 5.0 Release Notes are required. |
IBM HTTP Server 1.3.26.1 | Used by WebSphere Application Server as a Web (HTTP) Server. |
Cloudscape V5.1.26 (required for initial WebSphere Portal Installation) | Cloudscape must be installed on the same machine where WebSphere Portal is installed. |
A Web browser (Supported Web Browsers are Microsoft IE 5.5 or above, Mozilla 1.0.2 or above, Netscape Communicator 6.2 or above) | The Java Script option must be enabled in the Web browser. |
Note | In our environment, we implemented Windows 2000 Server with SP3 and WebSphere Portal for Multiplatforms V5.0 Enable Edition. Please refer to the following URL for more information about installing WebSphere Portal on other operating systems:
|
Use the following information as a guide for the secure portal implementation.
Base Servers: consist of the following:
Tivoli Access Manager policy server, pdmgrd
Tivoli Access Manager authorization server, pdacld
These form the backbone of the Tivoli Access Manager secure domain.
Base Clients: we install two of the base clients, which are used to interact with the base servers and enforce security policy:
Tivoli Access Manager runtime component, PDRTE
Tivoli Access Manager Java runtime environment component
WebSEAL: Tivoli Access Manager WebSEAL is the security resource manager responsible for managing and protecting Web-based information and resources. WebSEAL provides Single Sign-On capabilities and fine-grained security policy to the protected Web object space.
Tip | For information about other Tivoli Access Manager 4.1 components, visit the info center at the URL:
|
Tivoli Access Manager system recommendations are shown in Table 4-3.
Component | Disk Space (MB) | Memory (MB) | ||||
---|---|---|---|---|---|---|
Minimum | Recommended | Additional for ACL database | Additional for Log Files | Minimum | Recommended | |
Policy Server | 20 | 30 | 10 | 32 | 64 | |
Authorization Server | 10 | 20 | 10 | 32 | 64 | |
Runtime | 75 | 85 | 10 | 64 | 128 | |
Java runtime | 5 | 15 | 10 | 64 | 128 | |
WebSEAL | 10 | 100 | 90 | 64 | 256 |
Note | In general, more disk space and more memory improve performance. |
Memory sizes for the runtime components represent total system memory, including the base operating system, and assume no other Tivoli Access Manager components are installed on the same system. Memory sizes for other components are in addition to the base operating system and other components installed on the same system.
The software recommendations for Tivoli Access Manager for e-business are listed below:
Operating System: Windows 2000 Advanced Server with Service Pack 3 (Service Pack 2 is the minimum requirement).
Tivoli Access Manager 4.1 Components: Policy Server, Authorization Server, WebSEAL Server. Refer to Table 4-4 on page 45 for the prerequisite software for WebSEAL.
Product | Required Patches or Service Level |
---|---|
Java Runtime Environment | Windows Version 1.3.1 with Service Pack2 See Note 1. |
IBM Global Security Toolkit (GSKit) | 5.0.5.74 |
IBM Directory Server, Version 4.1 | Fix Pack FP411W-02. See note 2. |
Tivoli Access Manager 4.1 Fix Pack 6: the release notes of WebSphere Portal V5.0 state that the Portal V5.0 and Tivoli Access Manager4.1 integration requires installation of Tivoli Access Manager V4.1 Fix Pack 2. At the time of this writing, the most current release was Tivoli Access Manager V4.1 Fix Pack 6 (which supersedes Fix Pack 2). We installed this Fix Pack release for secure portal implementation.
Patches required for associated software: Table 4-4 lists the patches required for associated software and the following notes gives URLs to download the fix packs that are not available on CDs.
Note |
|
The following are the high-level steps used to implement the runtime environment for secure portal. The remaining sections of this and the next chapter provide the detailed implementation information for each of these steps. The section "Hardware and software configurations" on page 41 provides a list of all of the software components that are needed. We will install the components in the order shown below:
Installing the WebSphere Portal for Multiplatforms V5.0 Enable Edition.
Create a new user with Administrator privileges before installing the Portal software (this step is optional, but you still must give administrator privileges to a specific user).
When you install WebSphere Portal, it will also install the following components.
IBM HTTP Server V1.3.26
WebSphere Application Server Enterprise Edition V5.0 (from CD#1-1)
IBM Cloudscape V5.1.26
WebSphere Application Server Fix Pack 1 and eFixes (from CD#1-6)
WebSphere Portal Server V5.0.1 (from CD#2)
Installing the LDAP server
When you install IBM Directory Server, it will also install the following components in the order shown below:
IBM DB2 Server
IBM HTTP Server
IBM Directory Server
IBM Directory Client
Installing Tivoli Access Manager V4.1.5 Components
This consists of the following steps:
Installing Policy Server
Installing Authorization Server
Installing WebSEAL
Checking Tivoli Access Manager Installation
Installing Fix Packs for Tivoli Access Manager
Modifying LDAP Access Control
Installing Tivoli Access Manager Java RunTime Environment
Installing Tivoli Access Manager Fix Pack
| < Day Day Up > |
|