Rocket LDAP Bridge^TM 3.2 for z/OS

Base Product

The Rocket LDAP Bridge base product includes the following functionality:

• Exposes all database fields for RACF, CA-ACF2, and CA-TopSecret.

• All database fields are searchable using filters of any complexity.

• Fully modifiable schema exposes only those database fields needed by LDAP applications.

• Consolidates various data sources into a single directory.

• Exports and synchronizes data with any other LDAP directory.

• Eliminates or greatly reduces the need to administer multiple directories.

• Designed and tested to integrate with Netegrity SiteMinder and RSA ClearTrust.

• Fast implementation and rapid deployment.

• Robust: designed for 24x7 operation over long periods of time.

Plug-ins

The Rocket LDAP Bridge serves as the foundation for a suite of plug-in products.

Each plug-in enables you to customize your LDAP repository by incorporating new mainframe data sources, or by adding new functionality to existing data sources.

The Rocket LDAP Bridge plug-ins include:

• racf2ldap – This plug-in provides automatic outbound synchronization functionality between RACF and both local and remote LDAP directories. Whenever a change is made within RACF, racf2ldap immediately detects the change and propagates the new data to the LDAP directories. Racf2ldap is designed to support enterprise provisioning and identity management products.

• ldap2racf – This plug-in provides write access to the RACF database and allows you to update any RACF field in real-time. Ldap2racf is designed to support enterprise provisioning and identity management products by providing inbound RACF synchronization via LDAP.

• racfPticket – This plug-in provides single-sign on functionality to any mainframe environment. Often a user’s network and mainframe user accounts differ, requiring users to authenticate several times when attempting to access mainframe resources. RacfPticket provides authorized users and applications one-time RACF credentials that can access mainframe resources without requiring multiple authentications. RacfPticket is designed to support enterprise single-sign-on products via LDAP.

Architecture Fully compliant LDAP support

• Complete LDAP V3 support

• SSL/TLS support

• Referral support

Cost Saving Benefits

• Using LDAP to directly access the enormous amount of information stored on multiple directories can eliminate a whole host of middleware components and simplify the administration of multiple directories.

• Rocket LDAP Bridge negates the need to define or maintain users in yet another directory, thus eliminating deployment expenses and administration expenses for years to come.

• Reduces help desk calls (when used with existing z/OS security).

Required z/OS System Software:

• z/OS V1R1M0 or later

• z/OS Unix System Services

• z/OS TCP/IP

Software solutions developed by Rocket Software are sold by IBM and its Business Partners worldwide --including data management, business intelligence, and systems and storage management -on the entire range of IBM platforms, including zSeries, iSeries, pSeries, Linux, AIX, WebSphere, and Windows. Rocket Software has been an IBM Business Partner since 1990.

Rocket Software, Inc., is a member of the RSA Secured Partner Program, an RSA SecurWorld Channel Partner and an authorized RSA reseller. RSA Security, Inc. and its partners are the most trusted names in e-security.

iTrust Security Ltd Innovation Centre 2 Adelaide Street Luton LU1 5DU 0845-057-3333 www.itrustsecurity.com info@itrustsecurity.com

Rocket Agent for SecurID and z/OS, Rocket Web Security for z/OS, Rocket LDAP Bridge for z/OS, External Security Manager (ESM) Mode and Rocket Software are trademarks of Rocket Software Inc. IBM, OS/390, z/OS, VTAM, CICS, RACF, Language Environment, and WebSphere are registered trademarks of IBM. RSA, RSA SecurID, and RSA ACE/Server are registered trademarks of RSA Security Inc. All other trademarks are trademarks of their respective owners.