home
NEWS       BLOGS       FORUMS       NEWSLETTERS       RESEARCH       EVENTS       DIGITAL LIBRARY       CAREERS  
Network Computing Network Computing Powered by InformationWeek Business Technology Network

IMMERSE YOURSELF:

SOA

  |

Data Center

  |

802.11n

  |

Data Privacy

  |		 APO  |

Virtualization

  |

NAC

  |

Security

  |

Network Mgmt

  |

Enterprise Apps

  |

Storage & Servers





Old And New No vell Services Combine For A Clutch Hit In The Internet Rally

Configuration was confusing at first because a portion of the setup is accomplished via menu-based interfaces on the Novell server while other setup is performed through Novell's NWADMIN utility. After working with the product for a little while, we found that the software components that existed prior to the creation of the BorderManager suite--including the gateway, router and Internet access components--maintained their server-based configuration interfaces. The new software--including the proxy cache services and the VPN services--use Novell's newer NDS configuration tools. These tools are superior because configuration information is stored in NDS and management is performed via a single tool. The challenge with this product is remembering what gets configured and managed wher e.

Firewall Services The heart and soul of BorderManager is its firewall services. With these services, BorderManager supplies the standard packet-filtering mechanisms you would expect from any IP-based firewall solution, as well as IPX and AppleTalk packet filtering. Incoming--to the private network--and outgoing--from the network--RIP, SAP (Service Advertisement Protocol), NetBIOS and packet-forwarding filters for TCP/IP, IPX and AppleTalk are set through a menu-driven server interface. The filter interface on the server includes standard packet types in a pick list for both IP and IPX NCP (NetWare Core Protocol) and lets you create custom packet types for filtering as well.

Using NWADMIN you also can create outgoing rules to set access control filters. These filters control the access your NDS users on the private side of the network have to resources on the public side. Your clients must use the IP/IP or IPX/IP gateways for outgoing rules to be effective.

Throughput is the hallmark of an y firewall product. At this point, Unix-based products have a big edge in maturity and published benchmarks over BorderManager. You'll need to investigate BorderManager carefully to determine if it meets your stability and throughput needs.

Novell IP Gateway Novell's IP Gateway provides two circuit-level gateways--IP/IP and IPX/IP--between your network and the Internet. IPX clients on your network gain access to the world of IP via the IPX/IP gateway. Once Novell's Client32 software (included in the BorderManager package) is loaded on your client machines, the clients can connect to the IPX/IP gateway and share the single registered IP number assigned to the gateway server for Internet access.

NAT (network address translation) between IPX and IP is handled by the gateway. Similarly, you can assign unique, unregistered IP addresses to your clients and use the IP/IP gateway to send your traffic to the Internet over the single registered IP number on the server. Gateway setup and configuration is accomplished via server-based menus, but you control and manage access to the gateway via NDS. And you monitor real-time activity and view logs through an NWADMIN snap-in module.

Setup and configuration of this service was simple. If you don't have IP addresses assigned for your clients and don't want to hassle with DHCP or BOOTP services, the IPX/IP gateway is definitely worth a close look. We ran off-the-shelf Web browsers, FTP clients and telnet sessions on our IPX lab clients without missing a beat (or a packet).

Virtual Private Networking BorderManager lets you use leased, ISDN, dial-up, frame relay or X.25 connections between the VPN servers. Novell has gone to great lengths to ensure the security of your private traffic over the public network. VPN uses RSA's Diffie-Hellman key agreement protocol to ensure privacy when you exchange the public key from the master server to the slave servers. Data packets are encrypted using Ron Rivest's Cip her No.2 (RRC.2), a public domain encrypting algorithm. The data's encrypting key changes randomly at least every 1,000 packets, so even if your data encryption key is discovered, only a small part of your traffic will be exposed.

North American customers can take advantage of encryption keys of up to 128-bit lengths. For now, others will need to use a 40-bit export key. Novell has filed the paperwork necessary to gain export rights for 128-bit keys, so it's just a matter of time until 128-bit keys can be used everywhere.

Setup and management of VPN, including the original generation of the public and private keys, is handled through NWADMIN. Rekeying is possible through the same mechanism and Novell recommends that you rekey your VPN every six months for enhanced security. IP and IPX are routed through the tunnel dynamically or via static routes. If you want to use on-demand connections, you'll need to use static routes and NLSP (NetWare Link Services Protocol). RIP and SAP information will keep the co nnection open.

Because BorderManager routes IPX traffic, you can set up remote office users into the same NDS tree as your home office users. Access to IPX-based resources is controlled over the remote link the same way access is controlled locally--via NDS ACLs (access control lists).







Ready to take that job and shove it?

Function:

Keyword(s):

State:
SPONSOR
RECENT JOB POSTINGS
CAREER NEWS
10 Search Engines You Don't Know About
Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

Yahoo Profits Fall 23%, Cuts 1,000 Jobs
Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.

More articles from our career center










InformationWeek U.S. IT Salary Survey 2008
Salaries for business technology professionals are falling. Here's what you need to know in order to make good hiring decisions and personal career choices. Download Today
 
ROLLING RIGHT ALONG
Follow key Network Computing Reviews from conception to completion. This Week: Holistic APM.



Network Computing Reports Emerging Enterprise Podcast Series: Secrets to Success








TechSearch
Microsite of the Week


Powerful Information at Your Fingertips



InformationWeek Business Technology Network
InformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek CIO
InformationWeek EventsInformationWeek ReportsInformationWeek MagazinebMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingNo JitterPlug Into The Cloud
space
Techweb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0 ConferenceMobile Business ExpoSoftware ConferenceCSI - Computer Security Institute
Black HatGTECEnergy CampMashup CampStartup Camp
space
Light Reading Communications Network
Light ReadingLight Reading EuropeUnstrungLight Reading's Cable Digital NewsConstantinopleInternet EvolutionPyramid Research
Heavy ReadingLight Reading Live!Light Reading InsiderEthernet ExpoOptical ExpoTeleco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems & TechnologyInsurance & TechnologyWall Street & TechnologyAccelerating Wall StreetBank Systems & Technology Executive SummitBuyside Trading SummitInsurance & Technology Executive Summit
space
Microsoft Technology Network
MSDN MagazineTechNetThe Architecture Journal
space


App Infrastructure   |   Messaging & Collaboration   |   Network & Systems Mgmt   |   Network Infrastructure   |   Security  |   Storage & Servers   |   Wireless   |   Enterprise Apps
About Us  |  Contact Us  |  Site Map  |  Technology Marketing Solutions  |  Advertising Contacts  |   Briefing Centers
Copyright © 2008  United Business Media LLC  |  Privacy Statement  |  Terms of Service  |  Your California Privacy Rights