Back to article
Novell Takes Enterprise Security Focus
Novell's LinuxWorld Moves
February 16, 2005
Novell is using the platform of this week's LinuxWorld show to roll out a string of products and open source activities aimed at boosting Linux security, in many cases to enterprise levels.
Related announcements range from "Novell Security Manager, powered by Astaro" to CAPP/EAL4+ security certification; a major data center Linux initiative; the security-enhanced, dual-kernel Open Enterprise Server; and Novell's contribution of some of its eDirectory code to the FreeRadius and Samba open source projects.
The initial release of Novell Security Manager is simply a re-branding of Astaro's current appliance, said Mark Ward, a product line manager at Novell, in an interview with LinuxPlanet.
"But we're in engineering discussions with Astaro right now. Going forward, we expect we'll be integrating technologies from Novell in areas where Astaro might be a little bit lacking today," according to Ward.
For the moment, the Linux-based Astaro appliance is best suited to SMBs, Ward said. The appliance combines "easy set-up" with firewall and VPN protection; URL filtering; and virus, spam, and e-mail control, he contended.
But over time, he added, Astaro will start to take on some of the characteristics of Novell's BorderWare, a NetWare-based enterprise security product, now over ten years old, that brings together firewall protection with VPN-enabled Internet access control.
"Probably the biggest piece of that is the ability to scale," he noted. Novell is looking at replacing Astaro's Squid proxy technology with SSL and proxy cache services from BorderManager.
Will Novell ultimately phase out BorderManager? No decision has yet been made, according to Ward. "But as (Astaro) starts to take on more of BorderManager's capabilities, some users might begin to find the Linux product a little more attractive."
Meanwhile, the eDirectory code being donated to FreeRadius and Samba is for secure authentication, said Tim Harris, also a Novell product line manager, in another interview with Linux Planet. "eDirectory has more seats on the market than any other directory. Security is one of its main differentiators. It has a very good track record there," according to Harris.
Essentially, he maintained, the code from Novell "overcomes one of the shortcomings of LDAP'" by providing a series of LDAP extensions that require use of an encrypted tunnel for authentication, never allowing user names and passwords to be put out over the wire. "It is a series of libraries that allow you to leverage universal password APIs," he elaborated.
For wireless authentication, the next edition of Novell's eDirectory will ship with FreeRadius, according to the product line manager.
Novell has also been donating other code to the open source community, Harris pointed out. "In a spirit of openness, we've been going through our software to find out which code makes the most sense to contribute," he told LinuxPlanet.
Also at LinuxWorld, for example, Novell has introduced the Hula Project, a communication and collaboration project based around NetMail. As part of this project, NetMail's core components will be open sourced.
Back in the security space, Novell and IBM have announced EAL4+ certification for SuSE Linux Enterprise Server (SLES) 9, as well as compliance with the Department of Defense-mandated Common Operating Environment (COE) on IBM's eServers.
Novell has also delivered Open Enterprise Server, a dual-kernel server--loosely targeted at aiding NetWare to Linux migration--for providing secure file, print, management, collaboration, and application services on Linux and NetWare.
Supported by hardware and chip makers that include IBM, Intel, HP, Dell and AMD, Open Enterprise Server has enjoyed more than 7,000 downloads since it entered beta in December, according to officials. ISVs expected to announce tools and applications for the server include virus specialists McAfee and Trend Micro, along with Veritas; BakBone Software; CommVault Systems; and Synscort.
Also, in a sweeping new data center initiative, Novell has announced that it plans to provide a wide spectrum of new capabilities in the areas of enterprise security, systems management, virtualization, application infrastructure, and clustering and high availability.
Under the initiative, Novell expects to add new features throughout the computing stack, for operating "mission-critical" enterprise applications such as ERP and CRM on Linux. YaST, a tool inherited through Novell's acquisition of SuSE Linux, will be used for enterprise systems management in the data center.
Novell will also support Xen, an open source virtualization technology, in its data center products, as well as in the next editions of SLES and SuSE Linux Professional. Through the use of Xen, multiple operating systems can be run on the same server. Novell's virtualization partners will also include Egenera, Levanta, Virtual Iron Software, and VMWare, officials said.
Deals between Novell and Unisys, SGI and PolyServe will also support the data center initiative. For example, in an annoucement issued today, Novell will now start to resell PolyServe's Matrix Server software for virtual storage and clustering.