IBM Tivoli and Cisco Network Card User Manual


 
86 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
The diagram in Figure 4-4 provides a high-level graphical overview of the existing
ABBC security infrastructure. We see that ABBC is using the IBM Tivoli Access
Manager best-practice deployment methodology by incorporating dual multiple
firewalls to secure the core network from external and internal users.
Figure 4-4 Armando Banking Brothers Company security and middleware infrastructure
Also note that in this diagram no distinction is made between the types of Internet
users; in other words, local wired and wireless workstations, authorized remote
access VPN sessions, and branch office connections are all considered part of
the intranet and must pass through the internal firewall to access the secured
applications.
We also see the Security Compliance Manager server in the core network.
4.2.4 Middleware and application infrastructure
In addition to illustrating the existing security infrastructure, Figure 4-4 provides a
bit of data about the ABBC middleware and application infrastructure. Noting the
external application server, we must understand that this one block represents a
[Figure 4-4 diagram labels. Zones: External Networks, Internet, DMZ, Intranet, Internal Production Network (core), with three firewalls. Components: WebSEAL (External users), WebSEAL (intranet users), LDAP Directory, Tivoli Access Manager Policy Server, Tivoli Security Compliance Manager Server, Middleware Server (MQ Integrator), External Application Server, Internal Application Server, Wireless Gateway, Backend database, Clearing System, Statement System, Account System, CRM. Users: Business Partners, Customers, Temporary Users, Public (Guest), Mobile Devices, Corporate Users, connecting through Browser and Internet Browser. Diagram notes: "*Also connected to LDAP"; "*Authorized VPN Users are logically included here as well."]