nv-l
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[nv-l] Three tier Architecture for Tivoli Identity Manager

from [Karl Prinelle] [Permanent Link][Original]
To: <nv-l@lists.us.ibm.com>
Subject: [nv-l] Three tier Architecture for Tivoli Identity Manager
From: "Karl Prinelle" <Karl.Prinelle@elyzium.co.uk>
Date: Tue, 13 Sep 2005 11:32:48 +0100
Delivery-date: Tue, 13 Sep 2005 11:33:53 +0100
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com
Thread-index: AcW4TnwJT7BTzhSHSVq+cXrfZ+xNRg==
This isn't the right list - use tme10@lists.us.ibm.com for the Tivoli product set, or DeveloperWorks on the IBM site.
 
That said, in answer to your question;
 
You seem to be talking about a functional cluster - but these are being depreciated afaik - ITIM 4.6 only supports a regular cluster.
 
It very much depends on system load & sizing to be honest.  You can put it all on one machine, or you can have many.  Assuming you use IDS (which uses DB2) and you need multiple servers;
 
 
Server#1: WAS & ITIM Application
Server#2: IBM Directory Server (ITIM instance), DB2 (LDAP instance), DB2 (ITIM Audit db instance)
 
OR
 
Server#1: WAS & ITIM Application - node 1
Server#2: WAS & ITIM Application - node 2
Server#3: WAS Cluster Manager, IBM Directory Server (ITIM instance), DB2 (LDAP instance), DB2 (ITIM Audit db instance)
Server#4: HTTP server (points to Server#1, Server#2)
 
In terms of DMZ's, all the ports are documented for inter-app communication so that should be ok, although personally I'd put the ITIM solution within it's own DMZ & not each box.  Put the HTTP server (server#4) outside the DMZ if necessary.  That way you limit the DMZ config's needed yet don't really loose that much by way of security.
 
K
 

Karl Prinelle
Principal Architect
Elyzium Ltd
www.elyzium.co.uk

Disclaimer:

This email transmission is confidential and intended solely for the person or organisation to whom it is addressed.  If you are not the intended recipient, you must not copy, distribute or disseminate the information, or take any action in reliance of it. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of any organisation or employer.  If you have received this message in error, do not open any attachment but please notify the sender (above) deleting this message from your system.  Please rely on your own virus check, no responsibility is taken by the sender for any damage rising out of any bug or virus infection.
 
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [nv-l] invoking nvsnmptrap 58916871 from within an application, Swapna Prasad
Next by Date:  Re: [nv-l] trapd.log on Netview unix, James Shanks
Previous by Thread:  [nv-l] Three tier Architecture for Tivoli Identity Manager, seema pa
Next by Thread:  RE: [nv-l] trapd.log on Netview unix, Colin Mulkerrins
Indexes:  [Date] [Thread] [Top] [All Lists]

Archive operated by Skills 1st Ltd

See also: The NetView Web