Identity Governance allows you to install other components that provide additional functionality to your deployment. These other components are optional to install. Whether you choose to install these components or not depends if you need the additional functionality these components provide.
You can choose to install and configure these components when you install Identity Governance or you can add these components after the installation. If you want to have these optional components, it is best to have the auditing and email components installed before starting the Identity Governance installation. You can install Identity Reporting or Workflow Engine on the same server as Identity Governance, or you can install them on a separate server, depending on your environment. For more information, see Section 2.3, Recommended Production Environment Installation Scenarios.
The optional components are:
Auditing: Identity Governance generates common event format (CEF) events that you can forward to an audit server to analyze the events and to create reports. These reports allow you to prove that you comply with regulations.
If you want auditing capabilities, we recommend that you install a supported audit server before starting the Identity Governance installation. For more information, see Section 2.4.6, Audit Server System Requirements.
Email Notifications: Identity Governance can send emails to people who must take action in Identity Governance or it can send emails to administrators if something is wrong with the system.
If you want to enable email notifications, we recommend that you have an SMTP server installed and running before starting the installation. If you want to guarantee the delivery of the emails, ensure that you have ActiveMQ installed on the Identity Governance server before starting the installation. For more information, see Section 3.9, Installing Optional Components.
Identity Reporting: Identity Reporting generates reports that show critical business information about various aspects of your Identity Manager configuration, including information collected from the identity services and managed systems such as Active Directory or SAP. Identity Reporting provides a set of predefined reports definitions you can use to generate reports. It also gives you the option to import custom reports.
If you are installing Identity Reporting on the same server as Identity Governance, continue with this section and gather the appropriate information in Table 6-1, Identity Governance Installation Worksheet.
If you are installing Identity Reporting on a separate server, you must install Identity Governance first and then install Identity Reporting on a separate server. For more information, see Section 7.0, Installing Identity Reporting.
If you are installing Identity Governance after you install Identity Governance, and if Identity Governance is installed on another server and its Tomcat uses SSL, you can have Identity Reporting retrieve the Identity Governance certificate even if it is running on a different server.
Workflow Engine: The Workflow Engine runs the workflow at runtime and manages the approval tasks for approvers. The Workflow Engine persists the different workflow states in the igaworkflowdb database and uses a REST service to obtain the tasks and workflow history from the Workflow Engine service.
If you are installing the Workflow Engine on the same server as Identity Governance, continue with this section and gather the appropriate information in Table 6-1, Identity Governance Installation Worksheet.
If you are installing the Workflow Engine on a separate server, you must install Identity Governance first and then install the Workflow Engine on a separate server. For more information, see Section 8.0, Installing Workflow Engine.