TIBCO ActiveMatrix Policy Manager
TIBCO ActiveMatrix™ Policy Manager enables organizations to centrally define policies across services hosted on heterogeneous SOA environments, mediated by the TIBCO ActiveMatrix™ Service Bus and through TIBCO ActiveMatrix BusinessWorks™ for authentication and authorization, encryption, logging, auditing, and service versioning.
ActiveMatrix Policy Manager separates a service's business logic from these policies and replaces policy hard-coding with more flexible rules. This separation allows organizations to apply policies uniformly across all services regardless of location or underlying technology such as Java or .NET. It also means companies can implement security, regulatory requirements, and service level agreements much faster than before because changes are no longer required to the existing applications. This results in much greater flexibility, lower costs, and the ability to deliver applications that are driven by the rules of the business.
- Policy-based runtime security to easily define, enforce and monitor security policies.
- Full range of policies for authentication, authorization, crypto, censorship, and credential mapping.
- Manage security events and exceptions within a distributed environment across both message requests and responses.
- Last-mile security – Enforce policies within the service to prevent any exposure of the message "on-the-wire."
- First-mile security – Enforce policies on the client side.
Key Features
Policy Manager and Services Console
- Easy-to-use graphical configuration of security policies for authentication (leveraging third-party products), authorization, encryption/decryption, signature/validation, credential mapping and censorship.
- Policy creation, mediation across endpoints, administration, and storage.
- Applicable for input, output, or fault processing of SOAP messages.
- Interactive where clause to preview how the policy will be applied across the SOA.
- Role-based policies.
Extensible Policies
Create fine-grained custom policies that utilize powerful tools (indexed instruments, contextual documents, drag-and-drop XPATH editor, custom actions, etc.) that leverage existing security infrastructure as needed.
Policy Monitoring
View representations of your policies across your entire SOA and the impact over the last hour and 24-hours.
Distributed Agents for Policy Enforcement and Decisions
- Command-and-control runtime components for application-specific policies.
- Lightweight, easily proliferated across the enterprise as needed.
- Efficiently combines security and management actions.
- Runtime policy enforcement and decision points distributed as-needed across the enterprise – on endpoints or clients. Agents process XML documents and take appropriate actions.
Content and Context Awareness
- Enables fine-grained security policies defined on content of SOAP header and/or body.
- Extend access control policies beyond username, password, and protected resource.
- Utilize contextual information (inherent, retrieved, or calculated) about XML requests and responses.
- Easy-to-use editor for drag-and-drop creation of XPATH expressions.
XML Encryption/Decryption and XML Signatures/Validation
- WS-Security compliant, apply to parts of message, across multiple hops.
- Transport, language, and vendor independent.
Role-Based security
- ActiveMatrix Administrator enables role-based security of the managed web services.
- Businesses can define selected views based on user roles within the organization.
- ActiveMatrix Administrator can leverage existing authentication mechanisms to verify identity.
