
    IBM Security Identity Manager

    The IBM® Security Identity Manager DSM for JSA accepts audit, recertification, and system events from IBM® Security Identity Manager appliances.

    To collect events with JSA, the IBM® Security Identity Manager JDBC protocol must be installed; it allows JSA to poll the ITIMDB database for event information. IBM® Security Identity Manager events are generated from the audit table along with several other tables in the database.

    Before you configure JSA to integrate with IBM® Security Identity Manager, create a database user account and password in IBM® Security Identity Manager for JSA. Your JSA user needs read permission for the ITIMDB database, which stores IBM® Security Identity Manager events.

    The IBM® Security Identity Manager protocol allows JSA to log in and poll for events from the database. Creating a dedicated database account for JSA is not required, but it is suggested for tracking and securing your event data.

    Note: Ensure that no firewall rules are blocking the communication between your IBM® Security Identity Manager appliance and JSA.

    1. Click the Admin tab.
    2. Click the Log Sources icon.
    3. Click Add.
    4. In the Log Source Name field, type a name for your log source.
    5. In the Log Source Description field, type a description for the log source.
    6. From the Log Source Type list, select IBM® Security Identity Manager.
    7. Using the Protocol Configuration list, select IBM® Security Identity Manager JDBC.
    8. Configure the following values:

      Table 1: IBM Security Identity Manager JDBC Parameters (each parameter name is followed by its description)

      Log Source Identifier

      Type the identifier for the log source. The log source identifier must be defined in the following format:

      ITIMDB@<hostname>

      Where <hostname> is the IP address or host name for your IBM® Security Identity Manager appliance.

      The log source identifier must be unique for the log source type.

      Database Type

      From the Database Type list, select a database to use for the event source.

      The options include the following databases:

      • DB2® - Select this option if DB2® is the database type on your IBM® Security Identity Manager appliance. DB2® is the default database type.

      • MSDE - Select this option if MSDE is the database type on your IBM® Security Identity Manager appliance.

      • Oracle - Select this option if Oracle is the database type on your IBM® Security Identity Manager appliance.

      Database Name

      Type the name of the database to connect to. The default database name is ITIMDB.

      The database name can be up to 255 alphanumeric characters in length. The database name can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period (.).

      IP or Hostname

      Type the IP address or host name of the IBM® Security Identity Manager appliance.

      Port

      Type the port number that is used by the database server. The default that is displayed depends on the selected Database Type. The valid range is 0 - 65536. The default for DB2® is port 50000.

      The JDBC configuration port must match the listener port of the database. The database must have incoming TCP connections that are enabled to communicate with JSA.

      The default port numbers for the options are:

      • DB2® - 50000

      • MSDE - 1433

      • Oracle - 1521

      If you define a Database Instance when you use MSDE as the database type, you must leave the Port parameter blank in your configuration.

      Username

      Type the database user name. The user name can be up to 255 alphanumeric characters in length. The user name can also include underscores (_).

      Password

      Type the database password.

      The password can be up to 255 characters in length.

      Confirm Password

      Confirm the password to access the database.

      Table Name

      Type ITIMUSER.AUDIT_EVENT as the name of the table or view that includes the event records. If you change the value of this field from the default, events cannot be properly collected by the IBM® Security Identity Manager JDBC protocol.

      The table name can be up to 255 alphanumeric characters in length. The table name can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period (.).

      Select List

      Type * to include all fields from the table or view.

      You can use a comma-separated list to define specific fields from tables or views, if needed for your configuration. The list must contain the field that is defined in the Compare Field parameter. The comma-separated list can be up to 255 alphanumeric characters in length. The list can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period (.).

      Compare Field

      Type TIMESTAMP to identify new events added between queries to the table by their time stamp.

      The compare field can be up to 255 alphanumeric characters in length. The compare field can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period (.).

      Start Date and Time

      Optional. Configure the start date and time for database polling.

      The Start Date and Time parameter must be formatted as yyyy-MM-dd HH:mm, with HH specified by using a 24-hour clock. If the start date or time is left blank, polling begins immediately and repeats at the specified polling interval.

      Polling Interval

      Type the polling interval in seconds, which is the amount of time between queries to the database table. The default polling interval is 30 seconds.

      You can define a longer polling interval by appending H for hours or M for minutes to the numeric value. The maximum polling interval is 1 week in any time format. Numeric values without an H or M designator poll in seconds.

      EPS Throttle

      Type the number of Events Per Second (EPS) that you do not want this protocol to exceed. The default value is 20000 EPS.

      Authentication Domain

      If you select MSDE as the Database Type, the Authentication Domain field is displayed. If your network is configured to validate users with domain credentials, you must define a Windows™ Authentication Domain. Otherwise, leave this field blank.

      The authentication domain must contain alphanumeric characters. The domain can include the following special characters: underscore (_), en dash (-), and period (.).

      Database Instance

      If you select MSDE as the Database Type, the Database Instance field is displayed.

      Type the instance to which you want to connect, if you have multiple SQL Server instances on one server.

      If you use a non-standard port in your database configuration, or access to port 1434 for SQL database resolution is blocked, you must leave the Database Instance parameter blank in your configuration.

      Use Named Pipe Communication

      If you select MSDE as the Database Type, the Use Named Pipe Communication check box is displayed. By default, this check box is clear.

      Select this check box to use an alternative method to a TCP/IP port connection.

      When you use a Named Pipe connection, the user name and password must be the appropriate Windows™ authentication user name and password and not the database user name and password. Also, you must use the default Named Pipe.

      Use NTLMv2

      If you select MSDE as the Database Type, the Use NTLMv2 check box is displayed.

      Select the Use NTLMv2 check box to force MSDE connections to use the NTLMv2 protocol when they communicate with SQL servers that require NTLMv2 authentication. The default value of the check box is selected.

      If the Use NTLMv2 check box is selected, it has no effect on MSDE connections to SQL servers that do not require NTLMv2 authentication.

      Database Cluster Name

      If you select the Use Named Pipe Communication check box, the Database Cluster Name parameter is displayed. If you are running your SQL Server in a cluster environment, define the cluster name to ensure that Named Pipe communication functions properly.

    9. Click Save.
    10. On the Admin tab, click Deploy Changes.

      The configuration is complete.
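As an added illustration (not IBM or JSA code) of how the Compare Field, Select List, Start Date and Time and Polling Interval parameters from Table 1 work together, the following Python script polls a constructed sqlite stand-in for ITIMUSER.AUDIT_EVENT using a TIMESTAMP watermark and enforces the character and length rules quoted in the table before any name reaches the query. The function names, the sqlite schema and the sample rows are assumptions made for this example.

```python
import re
import sqlite3
# Character rule from the parameter table: alphanumerics plus $ # _ - . (max 255)
_IDENT = re.compile(r"^[A-Za-z0-9$#_.-]{1,255}$")

def parse_polling_interval(value):
    """Plain number = seconds, M suffix = minutes, H suffix = hours; max 1 week."""
    m = re.fullmatch(r"(\d+)([HM]?)", value.strip().upper())
    if not m:
        raise ValueError(f"bad polling interval: {value!r}")
    seconds = int(m.group(1)) * {"": 1, "M": 60, "H": 3600}[m.group(2)]
    if seconds > 7 * 24 * 3600:
        raise ValueError("polling interval exceeds the 1 week maximum")
    return seconds

def validate_select_list(select_list, compare_field):
    """Select List is * or a comma-separated list that must contain the Compare Field."""
    if select_list.strip() == "*":
        return ["*"]
    fields = [f.strip() for f in select_list.split(",")]
    if not all(_IDENT.match(f) for f in fields):
        raise ValueError(f"illegal field name in Select List: {fields}")
    if compare_field not in fields:
        raise ValueError("Select List must include the Compare Field")
    return fields

def poll_new_events(conn, watermark, table="ITIMUSER.AUDIT_EVENT",
                    select_list="*", compare_field="TIMESTAMP"):
    """One poll: rows newer than watermark (None fetches all); returns (rows, new watermark)."""
    if not (_IDENT.match(table) and _IDENT.match(compare_field)):
        raise ValueError("illegal characters in table or compare field")
    cols = ", ".join(validate_select_list(select_list, compare_field))
    sql, args = f"SELECT {cols} FROM {table}", ()
    if watermark is not None:  # watermark is the Start Date and Time on the first poll
        sql, args = sql + f" WHERE {compare_field} > ?", (watermark,)
    cur = conn.execute(sql + f" ORDER BY {compare_field}", args)
    rows = cur.fetchall()
    if rows:  # advance past the newest row so the next poll skips it
        watermark = rows[-1][[d[0] for d in cur.description].index(compare_field)]
    return rows, watermark

def build_sample_db():
    """Constructed stand-in for ITIMDB: sqlite with an attached ITIMUSER schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("ATTACH DATABASE ':memory:' AS ITIMUSER; CREATE TABLE "
                       "ITIMUSER.AUDIT_EVENT (ID INT, TIMESTAMP TEXT, EVENT_TYPE TEXT)")
    conn.executemany("INSERT INTO ITIMUSER.AUDIT_EVENT VALUES (?, ?, ?)",
                     [(1, "2017-09-13 08:00", "Add"), (2, "2017-09-13 08:05", "Modify"),
                      (3, "2017-09-13 08:10", "Recertify")])
    return conn
```

Each poll carries the watermark forward, so events inserted between polls are picked up on the next cycle without re-reading earlier rows.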

    Modified: 2017-09-13