websphere Datapower XI 52 Development/Administration

Learning objectives: After completing this course, students should be able to:

• Describe the key use cases and architectural scenarios for the IBM WebSphere DataPower SOA Appliances
• Describe how WebSphere DataPower Appliances are configured, including the role of XSL Transformations (XSLT)
• Configure an XML firewall to protect against a new class of XML-based threats
• Create a Web service proxy to virtualize Web service applications
• Implement Web services security
• Create and configure cryptographic objects
• Configure Secure Sockets Layer (SSL) to and from WebSphere DataPower SOA Appliances
• Configure a multi-protocol gateway (MPG) to handle multiple protocols for a single service
• Configure a service level monitoring (SLM) policy to handle service processing violations
• Enforce service level policies to manage traffic to and from WebSphere DataPower SOA Appliances
• Configure support for IBM WebSphere MQ and Java Message Service (JMS)
• Troubleshoot services using logs and probes
• Handle errors in service policies

Course agenda

Course introduction
Duration: 30 minutes

Unit 1. Introduction to DataPower SOA Appliances
Duration: 1 hour
Learning objectives: After completing this unit, students should be able to:
• Describe and define the role of an SOA appliance
• Identify the products in the WebSphere DataPower SOA Appliance product line
• Describe how to use WebSphere DataPower SOA Appliances in an enterprise architecture

Unit 2. DataPower administration overview

Duration: 1 hour
Learning objectives: After completing this unit, students should be able to:
• List the methods that can be used to administer WebSphere DataPower SOA Appliances
• Manage user accounts and domains on the appliance
• Work with files on the WebSphere DataPower SOA Appliance

Exercise 1. Exercises setup

Duration: 45 minutes
Learning objectives: After completing this exercise, students should be able to:
• Import the files used in the exercises
• Install open source software such as cURL and OpenSSL
• Populate the table containing all of the port numbers

Unit 3. Introduction to XSL transformations

Duration: 1 hour
Learning objectives: After completing this unit, students should be able to:
• Describe the Extensible Stylesheet Language (XSL) model
• Construct XPath expressions
• Create XSL stylesheets to apply XSL transformations
• Use and apply XSL templates in XSLT
• Describe the use of DataPower variables and extensions in XSL stylesheets

Exercise 2. Creating XSL transformations

Duration: 45 minutes
Learning objectives: After completing this exercise, students should be able to:
• Create an XSL stylesheet
• Create an XML firewall service
• Transform an XML file using the compiled XSL stylesheet
• Describe the use of DataPower variables and extensions in XSL stylesheets

Unit 4. DataPower services overview

Duration: 1 hour
Learning objectives: After completing this unit, students should be able to:
• List the supported services on the WebSphere DataPower SOA Appliance
• Compare and contrast the features supported by each WebSphere DataPower service

Exercise 3. Creating a simple XML firewall

Duration: 45 minutes
Learning objectives: After completing this exercise, students should be able to:
• Create an XML firewall
• Create a document processing policy with message schema validation and transformation
• Test the message flow using the command line tool cURL

Unit 5. XML firewall service

Duration: 1 hour 15 minutes
Learning objectives: After completing this unit, students should be able to:
• List the features and functions of an XML firewall service
• Configure an XML firewall service on a WebSphere DataPower SOA Appliance

Unit 6. Problem determination tools

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Capture information using system logs from messages passing through the WebSphere DataPower SOA Appliance
• Configure a multistep probe to examine detailed information about actions within rules
• List the problem determination tools available on the WebSphere DataPower SOA Appliance

Exercise 4. Creating an advanced XML firewall

Duration: 2 hours
Learning objectives: After completing this exercise, students should be able to:
• Create an XML firewall from a WSDL definition
• Configure a document processing policy with additional actions
• Configure content-based routing using a Route action
• Test the XML firewall policy using the command line tool cURL
• Perform basic debugging using the system log and multistep probe

Unit 7. Handling errors in a service policy

Duration: 10 minutes
Learning objectives: After completing this unit, students should be able to:
• Configure an On Error action in a service policy
• Configure an Error rule in a service policy
• Describe how On Error actions and Error rules are selected during error handling

Exercise 5. Adding error handling to a service policy

Duration: 20 minutes
Learning objectives: After completing this exercise, students should be able to:
• Configure a service policy with an On Error action
• Configure a service policy with an Error rule

Unit 8. DataPower cryptographic tools

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Generate cryptographic keys using the WebSphere DataPower tools
• Create a crypto identification credential object containing a matching public and private key
• Create a crypto validation credential to validate certificates
• Set up certificate monitoring to ensure that certificates are up to date

Exercise 6. Creating cryptographic objects

Duration: 30 minutes
Learning objectives: After completing this exercise, students should be able to:
• Generate cryptographic keys using the WebSphere DataPower crypto tools
• Upload key files to the WebSphere DataPower SOA Appliance
• Create a crypto identification credential using a crypto key object
• Validate certificates using a validation credential object

Unit 9. Securing connections using SSL

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Configure the WebSphere DataPower SOA Appliance to communicate using SSL
• Associate an SSL proxy profile with keys and certificates
• Configure a user agent to initiate requests

Exercise 7. Securing connections using SSL

Duration: 1 hour
Learning objectives: After completing this exercise, students should be able to:
• Create an SSL proxy profile to accept SSL connections from a client to the WebSphere DataPower SOA Appliance
• Create an SSL proxy profile to initiate an SSL connection from the WebSphere DataPower SOA Appliance to a back-end service
• Create a Hypertext Transfer Protocol (HTTP) service to handle HTTP requests

Unit 10. XML threat protection

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Explain possible attack scenarios involved in XML-based applications
• Describe the various types of XML attacks
• Use the WebSphere DataPower SOA Appliance to protect against XML attacks

Exercise 8. Protecting against XML threats

Duration: 30 minutes
Learning objectives: After completing this exercise, students should be able to:
• Run a recursive entity attack simulation
• Perform a recursive entity threat protection test
• Enable excessive attribute count threat protection
• Enable SQL injection attack prevention

Unit 11. Web service proxy service

Duration: 1 hour
Learning objectives: After completing this unit, students should be able to:
• Describe the Web service proxy architecture
• List and explain the configuration steps needed to create a Web service proxy
• Create and configure a Web service proxy policy at various levels of the Web Services Description Language (WSDL) file

Exercise 9. Configuring a Web service proxy

Duration: 1 hour
Learning objectives: After completing this exercise, students should be able to:
• Configure a WS-Proxy to virtualize an existing set of Web services
• Create a policy within the WS-Proxy

Unit 12. XML and Web services security overview

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Describe the features of the WS-Security specification
• Enable message confidentiality using XML Encryption
• Provide message integrity using XML Signature

Exercise 10. Web service encryption and digital signatures

Duration: 1 hour
Learning objectives: After completing this exercise, students should be able to:
• Create an XML firewall to generate a message with XML encryption
• Create an XML firewall to generate a message with an XML digital signature
• Perform field-level encryption and decryption on XML messages
• Create a rule to decrypt messages and verify digital signatures contained in a message within a Web service proxy policy

Unit 13. Authentication, authorization, and auditing (AAA)

Duration: 1 hour
Learning objectives: After completing this unit, students should be able to:
• Describe the authentication, authorization, and auditing framework within the WebSphere DataPower SOA Appliance
• Explain the purpose of each step in an access control policy
• Authenticate and authorize Web service requests with:
• WS-Security Username and binary security tokens
• HTTP Authorization header claims
• Security Assertion Markup Language (SAML) assertions

Exercise 11. Web service authentication and authorization

Duration: 1 hour
Learning objectives: After completing this exercise, students should be able to:
• Configure an action to enforce authentication and authorization policies
• Configure an action to verify an SAML assertion token for authentication and authorization purposes

Unit 14. Configuring LDAP using AAA

Duration: 30 minutes
Learning objectives: After completing this unit, students should be able to:
• Describe the fundamentals of configuring the Lightweight Directory Access Protocol (LDAP) and deploying directory services
• Authenticate and authorize user credentials using LDAP by creating a AAA policy

Exercise 12. Creating a AAA policy using LDAP

Duration: 45 minutes
Learning objectives: After completing this exercise, students should be able to:
• Add entries to the IBM Tivoli Directory Server LDAP server
• Authenticate users on an LDAP server by configuring a AAA policy

Unit 15. Multi-protocol gateway service

Duration: 1 hour
Learning objectives: After completing this unit, students should be able to:
• Configure a multi-protocol gateway to provide a service over a set of different protocols
• Configure a connection to a static back-end service
• Configure a processing rule to select a back-end service at run time

Exercise 13. Configuring a multi-protocol gateway service

Duration: 1 hour 15 minutes
Learning objectives: After completing this exercise, students should be able to:
• Configure a multi-protocol gateway to accept messages over HTTP and HTTPS
• Forward messages from a multi-protocol gateway to a static back-end service

Unit 16. Monitoring objects

Duration: 30 minutes
Learning objectives: After completing this unit, students should be able to:
• Identify messages that will be monitored
• Configure a message count monitor
• Set up a message duration monitor

Unit 17. Service level monitoring

Duration: 30 minutes
Learning objectives: After completing this unit, students should be able to:
• Identify the service level monitoring (SLM) functionality provided by the WebSphere DataPower SOA Appliance
• Implement a basic SLM policy using the Web service proxy WebGUI
• Create an advanced SLM policy using the SLM Statement construct

Unit 18. Integration with WebSphere MQ

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Create a multi-protocol gateway with a WebSphere MQ front-side handler
• Configure a WebSphere MQ back-end uniform resource locator (URL)
• Manage transactionality between WebSphere MQ queue managers

Exercise 14. Configuring a multi-protocol gateway service with WebSphere MQ

Duration: 1 hour 15 minutes
Learning objectives: After completing this exercise, students should be able to:
• Create a WebSphere MQ front-side handler (FSH) that gets messages from a queue and puts responses on a queue
• Send messages from a multi-protocol gateway service to a queue in WebSphere MQ in a fire-and-forget messaging pattern
• Configure transactionality between WebSphere DataPower and WebSphere MQ when errors occur during message processing

Unit 19. DataPower and Java Message Service (JMS)

Duration : 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Describe the components of the service integration bus on WebSphere Application Server V6
• Configure a JMS front-side handler to send JMS messages to the default messaging provider in WebSphere Application Server V6
• Configure a JMS front-side handler to send JMS messages to TIBCO EMS

Unit 20. DataPower architectural scenarios

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Identify the security scenarios involved when deploying a WebSphere DataPower SOA Appliance
• Describe use cases that include the WebSphere DataPower SOA Appliance in enterprise architectures

Unit 21. Course summary

Duration: 15 minutes
Learning objectives: After completing this unit, students should be able to:
• Explain how the course met its learning objectives
• Submit an evaluation of the class
• Identify other WebSphere Education courses related to this topic
• Access the WebSphere Education Web site
• Locate appropriate resources for further study

Appendix Unit A. Web application firewall service

Duration: 45 minutes
Learning objectives: After completing this unit, students should be able to:
• Configure a Web application firewall to protect a back-end Web application
• Use a AAA policy to protect access via the Web application firewall
• Validate parameters from an HTTP request using Name-value profiles
• Protect the Web application from phishing attacks using built-in threat protection

Appendix Exercise A. Creating a firewall and HTTP proxy for a Web application

Duration: 45 minutes
Learning objectives: After completing this exercise, students should be able to:
• Use the Web application firewall wizard to create a Web application firewall
• Implement a security policy on a Web application firewall
• Create a reverse-proxy to virtualize requests to Web applications

Appendix Exercise B. Configuring WebSphere JMS

Duration: 30 minutes
Learning objectives: After completing this exercise, students should be able to:
• Identify the fields in the service integration bus configuration on WebSphere Application Server V6.0 or V6.1
that are needed to configure the WebSphere DataPower JMS object
• Create a multi-protocol gateway service that invokes the East Address Search Web service over the JMS transport



Our Courses

WebSphere
SAP
Oracle
Java
Microsoft
Tibco
PROFESSIONAL COURSES

Address

Rakesh Kumar

+91 9700330693

+1 234 200 0813

[email protected]

[email protected]