IAG-1959 DataPower Web and Mobile Gateway – How to Lower

IAG-1959 DataPower Web and
Mobile Gateway – How to Lower
Costs and Improve Efficiencies
Timothy Smith
DataPower Lead Engineer
Sr Sw Eng, IBM
Anil Ambati
WAS Component Lead
Software Engineer, IBM
© 2014 IBM Corporation
Please Note
IBM’s statements regarding its plans, directions, and intent are subject to change
or withdrawal without notice at IBM’s sole discretion.
Information regarding potential future products is intended to outline our general
product direction and it should not be relied on in making a purchasing decision.
The information mentioned regarding potential future products is not a
commitment, promise, or legal obligation to deliver any material, code or
functionality. Information about potential future products may not be incorporated
into any contract. The development, release, and timing of any future features or
functionality described for our products remains at our sole discretion.
Performance is based on measurements and projections using standard IBM
benchmarks in a controlled environment. The actual throughput or performance
that any user will experience will vary depending upon many factors, including
considerations such as the amount of multiprogramming in the user’s job stream,
the I/O configuration, the storage configuration, and the workload processed.
Therefore, no assurance can be given that an individual user will achieve results
similar to those stated here.
2
Session Overview
• WebSphere™ DataPower Overview
• A Case for Consolidation
• Link Aggregation
• WebSockets
• JSON and GatewayScript
• Patterns
• Caching
• HTTP Enhancements
• Application Optimization Feature
• Self Balancing
• Intelligent Load Distribution
• On Demand Router
3
DataPower Gateway Appliances
Over a decade of innovation & over 2000 worldwide installations
Government
Agencies and ministries
Defense and security organizations
Crown corporations
Banking
Majority of the big US and European banks
All of the big 5 Canadian banks
Numerous regional banks and credit unions
Insurance
Used by 95% of top global insurances firms
SaaS providers, ASPs, regulators, etc.
Many, many, more
Healthcare, Retailers
Utilities, Power, Oil and Gas
Telecom, Airlines, …
4
DataPower Family
Service Gateway XG45






Entry-level device, slim footprint (1U)
Security gateway (AAA, XML threat, etc)
Service level management and monitoring
Intelligent load distribution & dynamic routing
Lightweight integration functions (optional)
Available in Virtual Edition
Integration Appliance XI52
B2B Appliance XB62









High density 2U form, XG45 functionality plus
“Any-to-Any” conversion at wire-speed
Bridges multiple transport protocols
Mainframe integration & enablement
Available in Virtual Edition
High density 2U form, XI52 functionality plus
B2B Messaging (AS1/AS2/AS3/ebMS)
Trading Partner Profile Management
B2B Transaction Viewer
Engaging Enterprise
DataPower Web Gateway for Security and Connectivity
Public Cloud
Master Data
Management
Private Cloud
Big Data
Enterprise
DMZ
APP
Mobile, PoS,
ATMs
APP
Service
DB
Service
DMZ
APP
APP
DB
APP
DB
Internet
Internet
Social &
Internet Data
sources
API
Internet of Things
Sensors
Developer & Customer
communities
Secure appliances
enable controlled &
optimized access to
enterprise resources
6
Secure appliances
integrate
apps/data/services and
partners while controlling
and optimizing
transactions
Trading partner
communities
DataPower Web Gateway Strategy
Enable additional use-cases with a single, policy-driven converged gateway
Focus so far
Web Service
Gateway
•
•
•
•
DMZ-ready
Security
gateway (AAA,
XML threat)
Service level
management
and monitoring
Intelligent load
distribution &
dynamic routing
Expanded focus
Integration
Gateway
•
•
•
“Any-to-Any”
conversion at
wire-speed
Bridges multiple
transport
protocols
Mainframe
integration &
enablement
B2B Gateway
•
•
•
•
DMZ-ready
B2B Messaging
(AS1/AS2/AS3/
ebMS)
Trading Partner
Profile
Management
B2B
Transaction
Viewer
Web
Application
Gateway
•
•
•
•
•
DMZ-ready
First-class
integration with
WAS
Cache response
content
Web application
security
Traffic mgmt
On-premise
API
Management
•
•
•
•
DMZ-ready
Web API
security
Monitor API use
Enforce API
consumption
policies
Form factors
Physical Appliance for hardware performance & security
Virtual Appliance for deployment flexibility
7
Mobile
Application
Gateway
•
•
•
•
DMZ ready
Mobile
application
security
Support
Worklight
mobile platform
Monitor and
control mobile
app access
WebSphere™ DataPower Elastic Web Gateway
Build a simple, robust, performant, secure, fast TTV, low TCO, policy-driven gateway
with consistent enforcement of business methodologies across a broad set of
application traffic patterns focused on these business priorities:
SECURE your mobile application from advanced threats
INTEGRATE with backend systems to deliver the data
OPTIMIZE the data, transport and delivery of your application
SCALE with intelligent load distribution and self-balancing
RESILIENCE of the application delivery infrastructure
CONSOLIDATE and simplify your infrastructure footprint
GOVERN and enforce policy, such as quality of service
MONITOR and analyze to empower decision making
8
Infrastructure -- Complex, Fragmented, and Brittle
Internet
DMZ
IP-Based
Load
Balancing
Link
Aggregation
Trusted Domain
SSL
Offloading
Link
Aggregation
System z
Web Sockets
IP-Based
Load
Balancing
Consumer
Authentication Access
Control
Transformation
Application
Caching
Identity
Federation
Consumer
Protocol
Mediation
Monitoring
Caching
Application
Validation
Traffic
Shaping
JSON
9
Discussed
Use DataPower to Consolidate your Infrastructure
Internet
DMZ
Trusted Domain
System z
Application
DataPower
Consumer
Application
Trading partners
10
Benefits of Consolidation
TCO dramatically reduced
• Fewer boxes to purchase
• Fewer boxes to keep current, manage, and
configure
• Reduction in separate learning curves for
each hardware and software package
Network infrastructure simplified
• One tier of appliances versus a collection of
networking equipment, appliances, and
specialized software packages.
Performance enhanced
• Fewer network hops means fewer trips up
and down protocol stacks
– Lower Latency
– Higher throughput
Better security with a secure device.
١١
Link Aggregation (New in 7.0)
Make multiple physical interfaces act as
one logical interface
• Simplify your configuration
• Increase your bandwidth
• Add high availability automatically
Characteristics
•
•
•
•
Any number of physical interfaces
Treated as a single logical interface
Failover occurs without disruption
** Must be consistent with network design
12
Link Aggregated DMZ Pattern
Redundancy With Multiple NICs – Non-Aggregated
NICs
Load Balancer
Group
Front Side
Protocol Handlers
IP 1
NICs
IP 3
MPGW Service
IP 2
IP 4
Complex Routing Table
Redundancy With Multiple NICs – Using Link Aggregation
NICs
Load Balancer
Group
Front Side
Protocol Handler
NICs
2
1
IP 1
IP 2
MPGW Service
Simplified Routing Table
Aggregation 1
3
1. Single IP per aggregation
2. Single Front Side Handler
3. Simplified Routing Table
13
1
Aggregation 2
WebSockets in DataPower (New in R7.0)
WebSockets (RFC 6455) – Client to server direct connectivity
• Full Duplex connection
– Server can send to client without waiting for a request
– Good for mixing video with text
– Good for gaming interactions
• Supported by all major browsers
• 2 Stage setup
– Initial stage is with an HTTP exchange
– Once negotiated, existing connection is used as a bi-directional pipe
14
WebSockets – DataPower Implementation
During negotiation
• Full multistep capabilities (e.g. AAA, SLM concurrent request, etc.)
available on initial upgrade request
Once WebSocket handshake completed
• Request and Response rule processing is bypassed
• SSL characteristics remain unchanged
– SSL Proxy Profile for Front and Back side continues
• Optional inactivity timeout will break TCP connection to client and
server
Can override configuration via stylesheets or GatewayScript
•
•
•
•
var://service/http/websocket-upgrade (read/write)
Only valid in request rule
DP sets to ‘1’ when upgrade request is received
May write to ‘0’ to disable upgrade.
15
WebSockets Config
Configured via HTTP or HTTPS
front side protocol handler
• ‘HTTP version to client’ -- must
be set to HTTP 1.1
• ‘HTTP 1.1’ allowed version must
be enabled
• ‘GET’ method must be enabled
• ‘Allow WebSocket Upgrade’
must be enabled
• ‘WebSocket Idle Timeout’
(optional) 0 – 86400 seconds
– 0 is no timeout (default)
16
Extended HTTP Support (New in V7.0)
Proxy Support for Extended Methods and Status Codes
• Custom Method support:
– Includes methods not defined or reserved in HTTP 1.1 Specification
– Only in MPGW
– var://service/protocol-method (read and write) populated upon request
reception.
– Custom method may be set or proxied from front end to back.
– Once enabled, ALL custom method values must be addressed
– No support for the following:
– side calls (dp:urlopen())
– Header Rewrite action
– SLM, Count, Duration or other monitoring based on ‘custom’ method name
• Custom Status Code support:
– Includes status codes not defined or reserved in the HTTP Specification
– 0XX through 9XX (Updated in 7.0); Does not include 1XX series responses
– Write via x-dp-responsecode or service variable.
17
Extended HTTP Support – Enable Custom Methods
Enable custom
method handling
on the Front Side
Protocol Handler
Select to allow
custom methods
to be processed.
18
Extended HTTP Support – Matching Action
Matching against a custom Method
• Select ‘custom’, and provide the custom method name
• Matching action accepts no wild cards
Select ‘custom’
Specific method
name to match.
(case insensitive)
19
JSON Processing in DataPower
JSON is a critical technology for Web 2.0 and Mobile Apps
Use DataPower to secure and manipulate any JSON payload
• Schema Validation
• JSONiq
• GatewayScript
DP 7.0
JSON threat protection
DP 6.0
DP 5.0.0
GatewayScript R1
(JavaScript based)
DP 3.8.0
JSON schema validation
High speed JSON parsing
JSONiq - extract, filter, query,
transform
Ensure JSON is well-formed
Native JSON no XML required
Generic JSON to XML (JSONx)
REST Policy Framework
Web and Mobile Patterns
Web Proxy Enhancements
20
Focus on Input and
Output
JSON Schema Validation (6.0)
Verify the integrity of your JSON payload
Payload:
{ " name"
JSON Schema:
: " John Smi t h" ,
" sku"
: " 20223" ,
" pr i ce"
: " 23. 95" ,
{
"type": "object",
"properties": {
"name": { "type": "string" },
"sku": { "type": "string" },
"price": { "type": "number" },
"shipTo": {
"type": "object",
"properties": {
"name": { "type": "string" },
"address": { "type": "string" },
"city": { "type": "string" },
"state": { "type": "string" },
"zip": { "type": "string" }
}
},
"billTo": {
"type": "object",
"properties": {
"name": { "type": "string" },
"address": { "type": "string" },
"city": { "type": "string" },
"state": { "type": "string" },
"zip": { "type": "string" }
}
}
}
" shi pTo" : { " name" : " Jane Smi t h" ,
" addr es s" : " 123 Mapl e St r eet " ,
" ci t y" : " Pr et endvi l l e" ,
" st at e" : " NY" ,
" zi p" : " 12345" },
" bi l l To" : { " name" : " John Smi t h" ,
" addr es s" : " 123 Mapl e St r eet " ,
" ci t y" : " Pr et endvi l l e" ,
" st at e" : " NY" ,
" zi p" : " 12345" }
}
}
21
JSONiq Query Example (6.0)
• An SQL like language for transforming JSON
• Example: Query all people who made purchases of at least $100
Input:
[{
{
{
{
{
{
" gi
" gi
" gi
" gi
" gi
" gi
ven"
ven"
ven"
ven"
ven"
ven"
:
:
:
:
:
:
"J ohn" ,
" Al i c e" ,
" J ohn" ,
" Bob" ,
" Sc ot t " ,
" J i m" ,
"s ur name"
" s ur name"
" s ur name"
" s ur name"
" s ur name"
" s ur name"
:
:
:
:
:
:
"Smi t h",
" Br own" ,
" Smi t h" ,
" Gr een" ,
" J ones " ,
" Lee" ,
"s ku"
" s ku"
" s ku"
" s ku"
" s ku"
" s ku"
JSONiq transform:
dec l ar e opt i on j s oni q- ver s i on " 0. 4. 42" ;
f or $x i n j n: member s ( . )
wher e $x( " pr i c e" ) >= 100. 00
or der by $x( " s ur name" )
r et ur n c onc at ( $x( " gi ven" ) , ' ' , $x( " s ur name" ) ,
' 
 ' )
Output:
Al i c e Br own
Bob Gr een
Sc ot t J ones
J ohn Smi t h
22
:
:
:
:
:
:
" 20223" ,
" 54321" ,
" 23420" ,
" 90231" ,
" 54321" ,
" 89820" ,
" pr i
" pr i
" pr i
" pr i
" pr i
" pr i
c e"
c e"
c e"
c e"
c e"
c e"
:
:
:
:
:
:
23.
199.
104.
300.
199.
46.
95} ,
95} ,
95} ,
00} ,
95} ,
50} ]
GatewayScript (New in 7.0) – the Right Tool for the Right Job
Debugger
GatewayScript Action
•
•
•
•
•
‘INPUT’
context
Context Variables
JavaScript Based
Familiar and friendly APIs
Secure execution
Native JSON manipulation
Comprehensive access to
DataPower libraries and
internal variables
• Modular, extendable
foundation
• Very high performance
• For more details, please
join session IAG1760
V
1
V
2
error()
Console
(log)
…
V
n
Body
Meta data
modules /
libraries
‘input’ readAs….()
context
GS Action
write() ‘output’
context
‘named’
context
metadata
‘named’
context
Utilities
Logging
JavaScript Engine
23
Testing
DataPower Templates and Patterns
Too much choice may not be a good thing
• Limit the configuration options to only the important things.
• Make a pattern to enforce consistency
• Make an overlay of default configuration options
24
DataPower Side Caching
Documents that are retrieved off box
•
•
•
•
Schemas
Transforms
Other documents
Held in Document Cache



transform.xslt
schema.dtd
...
2 3
1
4
5
User
Client
Improved
Response
Time
DataPower XI/XG/XB
Appliances
25
Provider
Static/Dynamic Content Back-end Caching (6.0)
Investments in caching on-box
• Take advantage of the larger memory space



picture.jpg
index.html
...
DataPower XI/XG/XB Appliances
GET /picture.jpg HTTP/1.1
1
Large Response Time
2
3
User
Client
Improved
Response
Time
Web Server
26
Response Caching (V6)
'Document Cache‘ (Pre-6.0)
• Existing, 'on-box' cache for caching responses to HTTP(S) GET
side-call requests
Expanded functionality of 'Document Cache‘ (6.0)
• Cache more data 'on-box' with 7198/7199 hardware platforms
• Improved observation of HTTP 1.1 Cache-Control headers
– Operate on conditional requests (If-Modified-Since)
– RESTful cache invalidation (Put and Post requests)
• Specify a cache key different than URL (x-dp-cache-key)
• Optionally, return stale documents
27
Application Optimization
and
Intelligent Management
28
What is the Application Optimization Feature?
The Application Optimization (AO) feature for DataPower
includes a collection of functions that are intended to consolidate
the required components for an ESB or DMZ device into a single
product.
AO contains the following major components.
• Self Balancing
• Intelligent Load Distribution (Load Balancer Group per Cluster)
• On Demand Router – Super Load Balancer (Cell Basis)
29
DataPower AO – Self Balancing
Eliminates the need for Front Side Load Balancing (3.8.0)
High Availability; Gratuitous ARP takeover (4.0.2)
Additional Distribution Algorithm (6.0)
Front-end IP
load balancers
not needed for
AO workloads
IP-Based
Load
Balancing

Active/Active
failover using
standby control
(4.0.2)
Service
Provider
Clients
Failure of target
appliances are masked
by appropriate weighted
distribution
Self balancing (IP
spraying)
s
30
DataPower AO – Intelligent Load Distribution (3.8.0)
Used for Non-WebSphere Back ends
•
•
•
•
Dynamic Configuration – XML Topology Document
Session Affinity – Active and Active-Conditional
Weighted Least Connections
Configured on a per Load Balancer Group basis
Topology
Information
Clients
Non -WebSphere
Service Providers
DataPower performs
dynamic back-side
routing and load
distribution (leveraging
dynamic information
from back-ends)
31
Unified On Demand Router (ODR) Strategy
ODRLIB is a common C library which is
used by both:
1) DataPower physical and virtual
appliances; and
2) WebSphere web server plugin for
Apache/IHS
DataPower
w/ ODRLIB
ODRLIB is the single strategic web-based
connector to the WebSphere
Application Server
Application
Servers
WAS ND Cluster
AppServer
Tier
ODRLIB
WebSphere
Connector
Advantages:

Use of the single premier WebSphere
connector

Increased resilience/quality/ease-of-use

Ease of migration between offerings
IHS/Apache
w/ ODRLIB
32
AppServer
Tier
DataPower plus Intelligent Management (IM) Overview
IM REST service
Application
Cluster
WebSphere
Application
Cell 1
Servers
WAS ND Cluster
DataPower w/ AO
Virtual or Physical
IM REST service
Application
Cluster
The IM REST service is automatically
available in the Deployment Manager
and in each nodeagent on the
XD_AGENT port of WebSphere 8.5.5+.
DP/AO fails over the REST control
traffic to another IM service for highly
available connectivity to WebSphere.
Legend:
HTTP request traffic:
REST control traffic:
33
WebSphere
Cell N
Connecting DataPower to WebSphere 8.5.5+
1) No changes to WebSphere (i.e. no applications to install)
2) For each WebSphere cell with security enabled, the following is required:

WebSphere's SSL certificate to SSL Proxy Profile in DataPower

Connector end point (hostname, XDAGENT_PORT) of node agent /
DMGR
Application
Servers
WAS ND Cluster
Click here to
to add a new
connector group
for each
WebSphere
cell
34
Intelligent Management REST Service Ports
Application
Servers
WAS ND Cluster
35
Intelligent Management Features Overview
1) Automatic
routing
‒ Automatically discovers and recognizes all changes which affect routing:
server/cluster create/start/stop/delete, application install/start/stop/uninstall, virtual
host updates, session affinity configuration changes, dynamic server weight
Application
Servers
changes, etc.
WAS ND Cluster
‒ Lower administrative overhead. Simply connect a cell and go. When new
clusters are created in target cells, no configuration change is required in
DataPower, i.e. no need to create a new load balancer group.
‒ Efficient & responsive delta processing in DataPower when changes occur in a
WebSphere cell
R
OD
or
ect
n
n
Co
Deployment
Manager
ODR Library
SERVICE
Cluster 1
Cluster 2
ODR-LBG
XML FW
MPGW
WAF
…
Cluster 3
36
Intelligent Management Features Overview (continued)
2) Application edition routing
‒ Continuous availability was supported during atomic/group hard/soft rollout
(previously supported)
‒ Validation mode, application edition routing rules, multiple concurrently active
Application
Servers
editions (newly supported)
WAS ND Cluster
Cluster 1
Edition 1.0
DataPower w/ AO
Virtual or Physical
Edition 2.0
Cluster 2
37
Intelligent Management Features Overview (continued)
3) ODR-enforced health policy support
‒ Excessive Response Time
‒ Excessive Request Timeout
Application
Servers
WAS ND Cluster
38
Intelligent Management Features Overview (continued)
4) Node and server maintenance mode
‒ When a node or server is placed into maintenance mode, application
optimization automatically routes appropriately
Application
Servers
WAS ND Cluster
Node 1 in normal mode
DataPower w/ AO
Virtual or Physical
Node 2 in maintenance mode
Route only requests with affinity to
Node 2 while in maintenance mode.
Also observe server maintenance
mode
39
Intelligent Management Features Overview (continued)
5) Multi-cell routing
‒ Application Optimization automatically routes to
different applications in multiple cells
‒ Routing to the same application in multiple cells
is not yet supported
Cell 1
Application
Servers
WAS ND Cluster
Deployment
Manager
Cell 2
Cluster 1
Cluster 2
Cluster 3
DataPower w/ AO
Virtual or Physical
Cell 3
40
Intelligent Management Features Overview (continued)
6) WLOR (Weighted Least Outstanding) load balancing
‒ Evens out response times due to dynamically changing weights
‒ Quick to send less traffic to slow or hung servers
Application
Servers






WAS ND Cluster
Example
Example
server1
server1isisresponding
responding10
10times
times
more
morequickly
quicklythan
thanserver2
server2
DWLM
DWLMadjusts
adjustsweights
weightstoto20
20and
and22
DP
DPsends
sends100
100times
timesas
asmany
many
requests
to
server1
than
requests to server1 thantotoserver2
server2
server1
Healthy and
responding
Quickly
weight=20
DataPower with
Application Optimization
server2
Sick and
responding slowly
or not at all
weight=2
41
DWLM
DWLM
controller
controller
dynamically
dynamically
adjusts
adjusts
weights
weights
Intelligent Management Features Overview (continued)
7) Highly-available REST-based control connection to WebSphere
‒ DMZ-friendly
‒ no application to install or additional configuration required
‒ REST-based service automatically available in WAS 855 dmgr and nodeagent
Application
Servers
‒ plugin fails over when needed
WAS ND Cluster
RESTful
RESTfulcontrol
control
connection
connectionfail
failover
over
DataPower with
DataPower with
Application
Application
Optimization
Optimization
Deployment
Manager
1
2
Node Agent 1
Node Agent 2
42
ODR Features Not Yet Supported by DataPower
1. Load balancing or failover between cells for the same application

Same application means same <virtualHost,virtualPort,contextRoot>

Different applications in different cells IS supported
Application
Servers
2. CPU or memory overload protection
WAS ND Cluster
3. Request prioritization
‒ No queuing and re-ordering of requests based on service policies
4. Highly available deployment manager
5. Application edition-aware caching
6. Per-request conditional tracing
43
Questions?
44
We Value Your Feedback
Don’t forget to submit your Impact session and speaker
feedback! Your feedback is very important to us – we use it to
continually improve the conference.
Use the Conference Mobile App or the online Agenda Builder to
quickly submit your survey
• Navigate to “Surveys” to see a view of surveys for sessions
you’ve attended
45
45
Thank You
Legal Disclaimer
• © IBM Corporation 2014. All Rights Reserved.
• The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained
in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are
subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing
contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and
conditions of the applicable license agreement governing the use of IBM software.
• References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or
capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to
future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you
will result in any specific sales, revenue growth or other results.
• If the text contains performance statistics or references to benchmarks, insert the following language; otherwise delete:
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will
experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage
configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
• If the text includes any customer examples, please confirm we have prior written approval from such customer and insert the following language; otherwise delete:
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs
and performance characteristics may vary by customer.
• Please review text for proper trademark attribution of IBM products. At first use, each product name must be the full name and include appropriate trademark symbols (e.g., IBM
Lotus® Sametime® Unyte™). Subsequent references can drop “IBM” but should include the proper branding (e.g., Lotus Sametime Gateway, or WebSphere Application Server).
Please refer to http://www.ibm.com/legal/copytrade.shtml for guidance on which trademarks require the ® or ™ symbol. Do not use abbreviations for IBM product names in your
presentation. All product names must be used as adjectives rather than nouns. Please list all of the trademarks that you use in your presentation as follows; delete any not included in
your presentation. IBM, the IBM logo, Lotus, Lotus Notes, Notes, Domino, Quickr, Sametime, WebSphere, UC2, PartnerWorld and Lotusphere are trademarks of International
Business Machines Corporation in the United States, other countries, or both. Unyte is a trademark of WebDialogs, Inc., in the United States, other countries, or both.
• If you reference Adobe® in the text, please mark the first use and include the following; otherwise delete:
Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries.
• If you reference Java™ in the text, please mark the first use and include the following; otherwise delete:
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
• If you reference Microsoft® and/or Windows® in the text, please mark the first use and include the following, as applicable; otherwise delete:
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both.
• If you reference Intel® and/or any of the following Intel products in the text, please mark the first use and include those that you use as follows; otherwise delete:
Intel, Intel Centrino, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and
other countries.
• If you reference UNIX® in the text, please mark the first use and include the following; otherwise delete:
UNIX is a registered trademark of The Open Group in the United States and other countries.
• If you reference Linux® in your presentation, please mark the first use and include the following; otherwise delete:
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of
others.
• If the text/graphics include screenshots, no actual IBM employee names may be used (even your own), if your screenshots include fictitious company names (e.g., Renovations, Zeta
Bank, Acme) please update and insert the following; otherwise delete: All references to [insert fictitious company name] refer to a fictitious company and are used for illustration
purposes only.
47