Web Access Management Agent deployment table

This table describes the important configuration options for a Web Access Management (WAM) agent deployment.

For specific use case information, see Deploying for Agent Web Access Management.

Deploy PingAccess agent using the following steps:

Install PingAccess agent on web server. For more information, see instructions in PingAccess Agent for Apache Installation or PingAccess Agent for IIS Installation, depending on your specific web server.
Define the agents and download agent bootstrap.properties file using the download field in the Shared Secrets field.
Deploy the agent bootstrap.properties file to agents. For more information, see PingAccess Agent Configuration.

The rest of PingAccess deployment is similar to Web Access Management Gateway Deployment.

Step	Description
Configure the connection to the PingFederate.	PingAccess uses PingFederate to manage web session and authentication.
Configure the OpenID Connect Relying Party Client for PingAccess.	The client must be registered with PingFederate and the client credentials configured in PingAccess to identify PingAccess when requesting authentication for users trying to access web applications.
Configure Web session details to enable protection of Web Resources.	Configures settings for secure web sessions such as timeout values, cookie parameters, and cryptographic algorithms.
Generate or Import Key Pairs and configure HTTP Listeners.	Defines the certificates and keys used to secure access to the PingAccess administrative console and secure incoming HTTPS requests at runtime.
Set up your cluster for high availability.	Facilitates high availability of critical services, and increases performance and overall system throughput.
Add trusted CA certificates.	Defines trust to certificates presented during outbound secure HTTPS connections.
Create a trusted certificate group.	Provides a trusted set of anchor certificates for use when authenticating outbound secure HTTPS connections.
Define virtual servers for protected resources.	Allows one server to share PingAccess resources without requiring all sites on the server to use the same host name. If SNI is available (Java 8), specific key pairs can be assigned to virtual hosts.

Step

Description

Configure the connection to the PingFederate.

PingAccess uses PingFederate to manage web session and authentication.

Configure the OpenID Connect Relying Party Client for PingAccess.

The client must be registered with PingFederate and the client credentials configured in PingAccess to identify PingAccess when requesting authentication for users trying to access web applications.

Configure Web session details to enable protection of Web Resources.

Configures settings for secure web sessions such as timeout values, cookie parameters, and cryptographic algorithms.

Generate or Import Key Pairs and configure HTTP Listeners.

Defines the certificates and keys used to secure access to the PingAccess administrative console and secure incoming HTTPS requests at runtime.

Set up your cluster for high availability.

Facilitates high availability of critical services, and increases performance and overall system throughput.

Add trusted CA certificates.

Defines trust to certificates presented during outbound secure HTTPS connections.

Create a trusted certificate group.

Provides a trusted set of anchor certificates for use when authenticating outbound secure HTTPS connections.

Define virtual servers for protected resources.

Allows one server to share PingAccess resources without requiring all sites on the server to use the same host name. If SNI is available (Java 8), specific key pairs can be assigned to virtual hosts.