IBM Tivoli and Cisco manual Middleware and application infrastructure, Dmz

Models: Tivoli and Cisco


The diagram in Figure 4-4 provides a high-level graphical overview of the existing ABBC security infrastructure. We see that ABBC is using the IBM Tivoli Access Manager best-practice deployment methodology by incorporating dual multiple firewalls to secure the core network from external and internal users.

[Figure 4-4: network diagram. Zones shown: External Networks, Internet DMZ, Intranet, Internal Production Network (core). Labelled elements: Mobile Devices, Internet Browser, Business Partners, Customers, Temporary Users, Public (Guest), Wireless Gateway, Firewall (three instances), WebSEAL (External users), WebSEAL (intranet users), Tivoli Access Manager Policy Server, LDAP Directory Server, Application Middleware Server (MQ Integrator), Tivoli Security Compliance Manager Server, External Application Server, Browser, Corporate Users, Clearing System, CRM System, Backend database, Statement System, Account System. Diagram notes: "*Also connected to Internal LDAP"; "*Authorized VPN Users are logically included here as well."]

Figure 4-4 Armando Banking Brothers Company security and middleware infrastructure

Also note that in this diagram no distinction is made between the types of Internet users; in other words, local wired and wireless workstations, authorized remote access VPN sessions, and branch office connections are all considered part of the intranet and must pass through the internal firewall to access the secured applications.

We also see the Security Compliance Manager server in the core network.

4.2.4 Middleware and application infrastructure

In addition to illustrating the existing security infrastructure, Figure 4-4 provides a bit of data about the ABBC middleware and application infrastructure. Noting the external application server, we must understand that this one block represents a

86 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
