RSS |
 |
| W O R K S H O P | |
|
|
|
Authentication at Its Finest October 16, 2000 |
||
|
|
A discussion about Novell NetWare security would be incomplete without mentioning NMAS (Novell Modular Authentication Services). There are two reasons why a company would want to implement this technology: Passwords aren't strong enough and alternatives are required, or management wants to restrict access to certain data based on "sequence" and "clearance" levels. The sequence defines what method or methods of authentication must be satisfied before authentication is granted. Many sequences are available: Biometric, token, X.509, password and smart cards are but a few. Novell coins the collective of these sequences as "something we are," "something we have" and "something we know." Within the parameters of a sequence, users can then decide upon a given clearance. A user's clearance determines what authentication will be granted him or her to individual NSS volumes, based on predefined policies. While currently only NSS (Novell Storage Services) volumes can be restricted with NMAS, more granularity is expected in the future, giving the same type of graded security to all NDS objects. We tested one biometric device, one token-based device, an X.509 key and a simple NDS password. Identix sent us a demo of its MT Digit fingerprint reader, and Vasco Data Security sent us a demo of the Digipass 300 challenge-response token device. Both of these devices proved formidable for securing authentication. Novell provides other methods of authentication with the NMAS product, of which we tested an X.509 certificate with our private key being accessed from disk and a simple NDS password. Individually and in combinations, authentication was quick and painless. For a list of Novell partners coding for the NMAS product, see www.novell.com/products/nmas/partners/.
|
|
|
|
PAGE: 1 I 2 I 3 I FIRST PAGE |
||
Best of the Web
Data deduplication: Declawing the clones
Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.
Compression, Encryption, Deduplication, and Replication: Strange Bedfellows
One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.
WAN Optimization Whitelists and Blacklists
Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.
WAN Optimization as a Managed Service: It's Not About the Cost
This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.
