Article

For more information on BrainShare session, see:
https://www.novellbrainshare.com/slc2008/scheduler...

Access Manager

*ATT276 Customizing the User Interface in Novell Access Manager 3

Novell Access Manager 3 represents the next generation of access management and federated identity solutions. It introduces new "in-the-flow" technologies and SSLVPN functionality that broaden its access-management capabilities. It also supports a broad range of platforms and directory services. Novell Access Manager 3 lets you separate security from individual applications and Web servers, enabling single-point, policy-based authentication management and access privileges throughout the Net. Novell Access Manager 3 also includes identity-based Web security services and gives users secure authentication and access to portals for Web-based content. But hey, you know about that; but did you know that you can make it have a personal look and feel? You also want to make the user experience seamless with your existing applications and interfaces. This session covers customizing the user experience, including login, logout, errors and other pieces to make Novell Access Manager fit your personal design.

*IO181 New Features in Novell Access Manager 3.1

The Novell Access Manager 3 service pack incorporates enhancements such as enterprise-mode SSL VPN. This feature provides secure access to more applications, including file-and-print services from both Microsoft and Novell. The session also includes discussion on improved administration interface, which streamlines navigation when managing multiple devices; authentication levels, which allow Access Manager to trust a previously validated authentication that has a matching, or higher, authentication level. In addition,
the test version of Kerberos-enabled background authentication allows a single sign-on to Novell Access Manager when a user has authenticated to Microsoft Active Directory.

*TUT276 Token Authentication to Novell Access Manager

This session assumes you have a basic understanding of Novell Access Manager. The session starts with a brief overview of the architecture of Access Manager and quickly zooms in on Vasco Digipass Authentication.

We cover the functional integration first, then the installation: from FreeRADIUS integration with Novell eDirectory, over the Vasco NMAS method, to a real Novell iManager plugin.

To further understand how everything works, we will look more closely and discuss ways to troubleshoot the ensemble. Next we will discuss how to configure Novell Access Manager for Digipass Authentication.

The Vasco Digipass integration with Novell eDirectory is a great example of how you can do more with less. There is no need for an extra server or to maintain users in an extra database. The tokens are objects in eDirectory and assignments are attributes of the user object. Everything is managed through a Novell iManager snapin.
We will answer questions, such as:
- How do I provide SSO to applications that expect a password when users have authenticated with a token and did not enter a password?
- How do I set up graded authentication?
- How do I set up detailed tracing?

*TUT284 Troubleshooting Novell Access Manager

In the Netherlands, Novell has connected several universities to a central body (SurfNet) using Novell Access Manager and SAML 2 Federation properties. SurfNet functions as a hub between the universities and several content providers, making communication easier. Each party has to maintain only one connection to SurfNet to connect to an entire community of universities.

See how this was accomplished, what difficulties were overcome, how all parties involved benefit and get a live demo of the system.

If you need to convince your boss federation works, come and see this!

*TUT286 WS-Federation and CardSpace in Novell Access Manager

Novell Access Manager 3 delivers comprehensive identity federation capabilities and supports major federation standards, including SAML and Liberty Alliance. This session explores identity federation specifications and shows the benefits of using Novell Access Manager to federation-enable your services.

*TUT287 Installing and Configuring Novell Access Manager 3

Proper planning and understanding what is new can help you achieve a successful installation.

In this session you will learn how to install Access Manager and create a basic configuration. Avoid potential issues by hearing from an experienced perspective.

*TUT376 Successfully Upgrading to Novell Access Manager 3.0.1 from Novell iChain

If you are upgrading from Novell iChain to Novell Access Manager 3.0.1 proxy, proper planning and understanding new features can help you achieve a successful upgrade.

In this session, you will learn about the implementation strategies Novacoast employs for upgrades from iChain to Access Manager 3.0.1. We will discuss lessons real-word professionals have learned during actual upgrades, as well as planning, infrastructure and security requirements. Our experienced perspective will help you avoid potential upgrade issues.

BorderManager

*TUT112 Novell BorderManager 3.9 and Beyond

Novell BorderManager has been keeping systems secure and employees productive for nearly a decade. Novell BorderManager 3.9 continues this tradition by adding features that provide more advanced access control, security capabilities, administration options and a path to Linux. Attend this session to learn more about BorderManager 3.9 SP1, how to successfully upgrade from BorderManager 3.8, and how to ease the migration from BorderManager 3.9 to Novell Access Manager. We will also discuss what the future holds for BorderManager and provide answers to common questions.

eDirectory

*ATT375 Advanced Tricks and Tips for Troubleshooting Novell eDirectory 8.8

The directory's increased functionality in the network make it a critical component for management and decision-based computing. Since it is responsible for housing the various pieces that define the identity of an object and the object's security, its smooth functioning and health are paramount. This hands-on session will explore techniques for maintaining and troubleshooting Novell eDirectory. We will demonstrate techniques for solving many of the challenges facing directory engineers using the tools available to every administrator. This session will utilize a specially written version of DSClinic, made specifically for Novell eDirectory 8.8 Advanced Technical Training. We will provide a copy of ATT Novell eDirectory 8.8 for you. NOTE: This is an advanced troubleshooting class. You are expected to have experience with eDirectory and the eDirectory tools already in the product.

*BOF101 Discussion: Managing Novell Open Enterprise Server Users and Services Using Novell eDirectory

Novell Open Enterprise Server 2 makes user management a breeze with Linux User Management (LUM) and iManager-based management interfaces. With Linux User Management and Novell eDirectory, you can create and manage user profiles for all Linux resources on your network from a single administrative interface. In this session you can ask questions and better understand how Linux User Management can reduce user management costs in your organization.

*DL375 Develop Novell eDirectory Applications Using Novell Software Developer Kit (SDK)

This hands-on session will guide you through the process of developing simple tools that assist you in automating your daily administrative needs. These needs include deleting objects, checking partition status and checking the general health of the tree. You can also achieve other complex operations like mutating objects or duplicating an LDAP activity by parsing through the LDAP trace logs and re-executing the LDAP operations. You'll also gain a basic understanding of how to automate these types of tasks with hands-on labs utilizing the Novell LDAP SDK. You should be familiar with programming languages and development environments. Some of the topics we will discuss include:
- Learning about LDAP and Novell LDAP SDK
- Developing LDAP utilities to manage day-to-day administrative tasks

*TUT219 Centralized Web Application Authentication and Authorization

Implementing authentication and authorization through your Web applications normally requires the unnecessary, and sometimes unsecured, duplication of your identity store. Web applications provide simplicity for application access but not for back-end dependencies. There is a better way.

Distributing Web publishing applications and roles across an organization while maintaining a centralized authentication and authorization framework is both desirable and cost effective. Novell eDirectory, LDAP, Apache and Novell Open Enterprise Server on Linux technology can be used to provide a secure identity store solution to meet the authentication need. The marriage of NSS and its supported file system access protocols helps to complete the loop with integrated authorization services. This session deals with the security, administration, management, and user benefits that can be realized in organizations that require multiple Web publishers. A basic understanding of Apache, LDAP, NSS, and Novell eDirectory is recommended.

*TUT277 Novell eDirectory 8.8: Advanced Configuration, New Features and Tuning for Performance

In this session you will gain a greater understanding of the differences between Novell eDirectory 8.8 and previous versions. You will also learn to implement new features such as encrypted replication, priority synchronization and multiple instance installation on SUSE Linux Enterprise Server. We will provide real-world examples, as well as tips on troubleshooting, repairing and optimizing eDirectory 8.8. Additionally, we will cover tuning the eDirectory cache and managing and tuning indexes.

During the session we will also discuss updates from the various support packs of Novell eDirectory 8.8, such as performance enhancements, added platform support (such as native 64-bit support), enhanced event system for LDAP auditing and others. This session is an absolute must for anyone using or planning their upgrade to Novell eDirectory 8.8!

*TUT292 Turbo-charge Your Novell eDirectory Using LDAP Proxy

In the past few years, directory services have gained momentum in business IT solutions and the identity infrastructure of organizations. The increased success of Novell eDirectory has provided many organizations enough reason to begin exploring the potential of directory services in their environments. The Lightweight Directory Access Protocol (LDAP) proxy interface is appealing for organizations because it offers a wide range of identity information as a virtual replica, without the overhead of replicating data and propagating changes across a network.

LDAP proxy is an ideal place to configure a wide set of policies to effectively control your environment. It also acts as a single point for all your auditing needs. Attend the session to learn more about the proxy, policies, configurations and the future roadmap.
- Learn about Novell eDirectory LDAP Proxy
- Know more about various policies and configurations that will help you build a fault- tolerant implementation

General Security and Identity

*BOF176 Discussion: Selling my Boss's Boss on Novell Identity and Security Products

This discussion shares first-hand experience in addressing the most pressing challenges to delivering an Identity or Security product. These challenges include common project obstacles, requirements gathering and assessment and solution, scope and design for development and deployment of a successful identity and security management project. Participate in a moderated discussion about best practices and get tips for achieving concrete results as you learn from the experience of recent deployments.

*BOF177 Discussion: What Is a Good Password?

Because passwords remain the most popular form of user authentication, the security of most systems is dependent upon how users choose and protect their passwords. Organizations often publish password policies and guidelines to encourage their users to protect and choose good passwords. These polices and guidelines differ widely from organization to organization. So, what is a good password?

During this session there will be a brief presentation of publicly available password policies and guidelines from various organizations. You will be encouraged to discuss these and other password policies and guidelines. You will also be encouraged to suggest ways that Novell products can assist in enhancing password policies.

*BUS176 Managing the Convergence of Your Physical and Logical Security

This session will cover how real customers view the convergence of physical and logical security. It will include discussions on how to address the challenges and opportunities of building a unified security system. It also includes real-world business workflows that allow the automation of day-to-day processes such as auditing, card management, simplified login and data cleansing. We will cover return on investment, overcoming political issues, business justifications and deployment.

*BUS177 Partnering for Successful Identity Management and Security Deployments

Our partner focus in 2008 will introduce new routes to market with identity solutions in addition to innovative delivery through consulting integration partners. Mycroft, Inc. is an industry services leader in the identity space and a Novell Platinum partner. This session will provide an overview of Mycroft's project delivery with a focus on its unique methods and best practices. You will gain a greater understanding of the full lifecycle delivery process from architecture to implementation. You can apply this knowledge as you plan identity management projects within your organization or for your customers.

*BUS180 The Novell Vision of the Identity Management and Security Market: Governing Policy across the Enterprise

Identity access and security technologies continually evolve as markets, technologies and users advance. It is becoming an ever-greater challenge to govern the enterprise, meet internal and external compliance regulations and minimize risk and threats.

Learn how we address these issues today with our leading integrated identity access and security platform. You will also learn how our integration, combined with our innovative industry leadership, will influence future identity and security trends.

*BUS280 Safeguarding Business-critical Identity Management Investments: A Customer Perspective on Dos and Don'ts

You have implemented identity management solutions for your organization. However, some errant driver or implementation flaws have shown you what it means to be business-critical. So it's time to stop the madness. Come learn the best way to safeguard you identity management assets.

In the BrainShare 2007 session, "40 Drivers in 40 Weeks," W.L. Gore talked about its experiences with Novell Identity Manager driver implementations. Now with another year of day-to-day production experience, W.L. Gore will share with you its identity management business benefits and how it now safeguards its organization's business-critical identity management investments. During this session you will learn about its best practices regarding new identity management driver deployment and its process management for change control. You will also learn how, as a core component of W.L. Gore's risk management strategy, the Blackbird Groups' DeTroubler for both Active Directory and Novell eDirectory provides the right object protection, recovery and rollback should anything adversely affect their identity vault information.

*IO178 The Identity and Security Management "Fast Track" to IT Governance and Compliance

This session will get you on the “fast track” to a general (conceptual) understanding of identity and security management technologies, including the role that identity and security management can play in alleviating organizational governance and compliance pains. You will learn to more efficiently secure IT resources to define governance and achieve compliance for the organization.

The session shows how Novell Identity and Security Management products (Novell Identity Manager, Novell Access Manager, Novell Sentinel and Novell SecureLogin) work together to deliver an unmatched enterprise solution.

*IO180 Achieving Regulatory and Policy Compliance Using the Novell Identity and Security Product Line

Implementing identity and security management is one of the core components to achieving a long-term, sustainable strategy for regulatory and audit compliance. During this session you will learn how to map internal and/or external audit requirements and governmental regulations to an identity and security management strategy. Our identity and security management products will be demonstrated with various examples of audit best practices and regulations. These examples will show how to develop a governance model to achieve compliance—without significant burden.

*IO277 Endpoint to Enterprise Security Management

Threats evolve and our security measures have to change to provide protection from the desktop to the data center. IT and security teams are finding it more difficult and time consuming to maintain endpoint security and enforce enterprise security. Endpoint security tools, such as Novell ZENworks Endpoint Security Management, protect organizations from external threats by enforcing security policies on laptops, desktops and mobile devices. Enterprise security platforms, such as Novell Sentinel, protect business assets from insider threats by detecting anomalies, vulnerabilities and exploits. Together, the desktop to data center offerings from Novell provide a cost-effective, comprehensive solution to help your enterprise minimize its security risks.

In this session you will learn about detective, preventive and corrective controls that ought to be implemented in layers using a combination of open source and proprietary tools. We will show you how to protect your business assets at the edge of the network and at the hub of the enterprise.

*TUT288 The Bandit On-ramp to Identity—The Path to Better Identity Management

Organizations want to increase the effectiveness and decrease the complexity of their identity management initiatives. They need identity services that address these issues—regardless of the underlying infrastructure and vendor mix. That’s where Bandit comes in—a Novell sponsored open source project devoted to developing new identity services that will unify existing disparate identity sources.

To accomplish this objective, the Bandit project is working with the Internet identity community to develop identity models and common services for identity virtualization, authentication, roles, policy and compliance. These elements will give you a consistent way to solve higher-level identity challenges.

You must grant access to IT resources based on users’ roles within the organization, and must track and log user activities for compliance reporting. To achieve these objectives, many organizations use in-house or third-party developers to integrate their various applications. By leveraging Bandit, you can use a common identity interface layer to integrate the identity services from multiple sources and applications, simplifying secure access and compliance reporting processes.

Leveraging Bandit means no proprietary code is used, making it easy to add solutions in the future while keeping overall project costs down.

This session will describe Bandit components, development processes, and how they can be used by corporate developers to lower development cost and increase the effectiveness of their identity management systems.

Identity Manager

*ATT275 Discovering Novell Identity Manager Tools: Designer, Enforcer and Inspector

Using Novell Identity Manager helps you provision and deprovision identities faster, eliminating those tedious, labor-intensive manual procedures that usually accompany identity management. Novell Identity Manager comes with advanced tools that allow you to manage the policies, data and processes that bring your enterprise to your fingertips. This session will give you hands-on experience using Designer, Enforcer and Inspector to manage your Identity Manager environment in a more productive way. Designer will assist you in building identity and security management solutions by allowing you to design and test solutions offline in a robust graphical environment. It also helps you deploy the solution into the enterprise and produce detailed documentation describing all of the details with the click of a button. Enforcer helps you address data quality issues, and reduces the time it takes to deploy identity-driven applications by analyzing, cleaning and enhancing enterprise data. Inspector delivers a detailed view about how an identity object participates in identity management relationships.

*ATT376 Event Handling in Workflow Forms with Novell Identity Manager 3.6 Roles Based Provisioning Module

A key feature of the Novell Identity Manager User Application is workflow-based provisioning. This feature enables you to automate the approval and revocation of user access to your organization's secure resources. The new add-on Roles Based Provisioning Module for Novell Identity Manager delivers advanced workflow capabilities, allowing you to streamline your own administration. As you become more involved in managing and requesting resources, self-service capabilities become more important for increased employee productivity and reduced IT administration time. In this session, you will explore several examples of event handling to build interactive forms in Novell Identity Manager 3.6 Roles Based Provisioning workflows. You will check for a unique value in the identity vault, hide and display fields based on what the user entered, and validation of data input.

*BOF275 Panel Discussion: Novell Identity Manager Best Practices Customer Panel

This session will explore the challenges you face in identity management solutions and projects. The discussion will be moderated by key members of the Novell Secure Identity Management Community of Practice and by a panel of your industry peers.

Panel members will share their firsthand experience and address some of the most pressing challenges identity management solutions and projects face. We will discuss requirements assessment, data analysis, solution design, development and successful deployments.

*BUS175 SAP and Novell Identity Manager

Governance, risk and compliance (GRC) issues are the number one drivers of identity management projects at organizations worldwide. Leveraging open standards-based interfaces of both companies' products, SAP and Novell have teamed to demonstrate a compliance-focused identity management solution. In this session, learn how Novell Identity Manager integrates with SAP GRC Access Controls to provide a powerful solution for effectively controlling financial and IT-related risks.

*BUS275 Novell Identity Manager and Compliance in Health Care

In 2005, one of the largest hospital networks in the Midwest had a problem. It was under mounting pressure to comply with government standards, and the entire hospital system was straining because of it.

To comply with the Health Insurance Portability and Accountability Act (HIPAA), St. Vincent Health and Novell designed and implemented an identity management system that provided role-based access control at the ministry's 17 hospitals. To support this effort, St. Vincent used system access request workflows with automated provisioning to replace their paper-based user identity request process. The first phase of this project implemented the base infrastructure needed to support role-based access, including workflow, role-based entitlements and PeopleSoft, Inc. As a result of implementing Novell technologies, St. Vincent reduced its process for provisioning new users from an average of 21 days after hire to seven days before hire. This improvement gave new employees access to key clinical applications and services. Overall the company was saving an average of 28 days. Clinical staff is now fully provisioned on day one.

This session will include a live demonstration of St. Vincent’s Novell Identity Manager 3.5.1 workflow solution. You will also hear from the customer about its experience with Novell. At the end of the session, you’ll understand why St. Vincent's chose the Novell solution. You will also gain valuable insight into the many benefits the solution has provided the organization.

*BUS279 Automating Network Registration and Access with Novell Identity Manager

There’s something about the flexible design of Novell Identity Manager that spurs customers to new ways of thinking. Clemson University is a case in point. The university is a heavy user of Novell Identity Manager solutions for the dynamic community of a higher-learning institution.

When network developers at Clemson began exploring ways to fix an overloaded application used to track computers on their network, their familiarity with Novell Identity Manager provided the key. With a little help from the Identity Manager Scripting Driver, they soon devised a method to transfer management of IP address assignment and hardware recognition to the Identity Vault, the robust eDirectory object tree used by Identity Manager.

Now, whenever one of Clemson’s 40,000 users logs on to the network, the DHCP server just asks Identity Manager if the user’s IP address is registered. If it’s not, a simple self-service Web page enables users to provide their own registration information and quickly move on. But that’s only a part of the rich functionality this completely self-sustaining solution provides. This session describes the rest of its features.

*BUS283 Provisioning Microsoft Exchange 2007 with Novell Identity Manager

You will learn how Microsoft Exchange 2007 was integrated into the Novell Identity Manager solution at a government institution. This in-depth review will include key details on how to:
- Increase operational security and automation of administration
- Manage mail recipient accounts and distribution lists
- Obtain true anti-affinity to avoid placing “all the eggs in one basket” when allocating mailboxes within multiple message stores
- Achieve successful driver operation within a 64-bit Windows operating environment
- Handle event timing and process coordination with Active Directory provisioning events
- Leverage the Microsoft PowerShell from within the driver
- Enhance performance and security
- Develop best practices for Exchange 2007

Additionally, this business case study will allow you to ask Exchange provisioning-related questions of qualified experts. You will also learn more from the customer testimonial.

*IO177 What's New in Novell Identity Manager: Features and the Future

Novell Identity Manager is the most comprehensive and scalable identity management product on the market and has proven itself in major enterprises worldwide. This session will cover the latest innovations in this exciting product, including:
- Support for governance, risk and compliance via roles management and separation of duties
- Automated provisioning with full customization of workflows and support for digital signatures
- Advanced password management, including automated credential generation and provisioning
- User self-service, corporate white pages, organizational charts and relationship views
- Delegated access to administration features
- System-wide auditing and reporting
- Visual configuration tools and samples that allow you to configure your environment more efficiently, with higher quality and predictability of engagement

*IO179 Manage Access, Compliance and Risk with the Novell Identity Manager Roles Based Provisioning Module

The role-based Novell Identity Manager Roles Based Provisioning Module allows you to automate risk mitigation and achieve regulatory compliance. This product enables real-time provisioning and deprovisioning of users and access rights, automates password self service, allows users to manage the roles hierarchy and roles assignments, enforces separation of duty constraints, and provides pervasive auditing and reporting capabilities. We will discuss how you can use the Identity Manager Provisioning Module to reduce the complexity of assigning and managing permissions, to securely delegate responsibility to business owners, and to address many common business requirements related to identity management, roles, compliance and provisioning. Session discussions will include the overall capabilities of the product, the design and configuration of role-based provisioning approval flows, definition and management of roles and SoD constraints, and basic customization of the user application.

*TUT177 Analyzing, Scrubbing and Controlling Identity Data Using Enforcer for Novell Identity Manager

There are two key steps when you are deploying an identity management solution. First, you must perform an analysis to understand how data is represented in various systems; you must then scrub the data in those systems to ensure it is in the proper state before integration with the identity management system. Typically, this is a very time-consuming and tedious process, involving ad-hoc methodologies and multiple tools poorly suited to the task. In this session you will learn how to easily solve these types of data quality issues using Novell Identity Manager Enforcer, a powerful graphical tool that integrates with Designer for Identity Manager. This session will demonstrate how Enforcer can be used to analyze, remediate, enhance and control data in systems connected through Novell Identity Manager.

*TUT178 Accelerating Your Novell Identity Manager Deployments Using State-of-the-Art Identity Management Design and Configuration Tools

When deploying identity management solutions, it is important to deploy as rapidly and efficiently as possible to reduce costs, decrease project risk, increase profitability and demonstrate rapid return on investment. The Resource Kit for Novell Identity Manager is designed to help dramatically reduce the development and deployment time of Novell Identity Manager. Designer for Identity Manager provides more streamlined capabilities that allow an administrator or integrator to design and document the system in an extremely efficient and low-risk manner.

This session will focus on the Novell Identity Manager Resource Kit and will discuss the updates to Designer 3.0 for Identity Manager. You will learn how to best optimize your deployments using these powerful tools.

*TUT278 Novell Identity Manager: Advanced Tips and Tricks

Anything is possible with Novell Identity Manager. Come learn how to solve Identity Manager challenges with innovative policies. We will review Identity Manager 3.5 features that simplify what used to be complex.

We'll also outline a simple approach for making the move to Novell Identity Manager 3.5. This approach will eliminate the risk associated with changing your environment. Through the use of regular expressions, variables and embedded queries you will learn to:
- Configure the reset of derived values
- Automate referential integrity in Oracle Internet Directory
- Create Microsoft Exchange mailboxes among multiple mail stores
- Set scheduled jobs vs. work order drivers
- Create remedy tickets from a policy
- Manage multiple, similar Active Directory domain drivers using libraries
- Automate testing of your solution with IdMUnit
- And much more

A thorough understanding of Novell Identity Manager architecture and policy components is highly recommended.

*TUT279 Getting Started: Designing and Configuring the User Application for Novell Identity Manager

The User Application for Novell Identity Manager provides a Web-based interface to display and manage data in the identity vault and to provision resources using workflows. Using Designer for Identity Manager and administrative functions in the User Application you can customize the representation of the data and the creation of provisioning request definitions (workflows) for your user environment.

This session covers the basic features of the User Application and how to use the management tools to tailor these features to the needs of your users. We will demonstrate how to customize the data displayed in the User Application, how to create and deploy workflows, and also discuss the use of settings and preferences to customize look and feel of the application. The discussion will also include strategies for securing the Novell Identity Manager User Application with Novell Access Manager.

*TUT282 Regulatory Compliance for Novell Identity Manager

Regulatory compliance is a driving influence in more businesses every day. What is required to make a Novell Identity Manager implementation, and the controls it puts in place, compliant? This session, led by an Identity Manager expert and a PCI Qualified Security Assessor, will go through what is required to make an Identity Manager solution PCI compliant.

*TUT290 Options for Integrating Novell Identity Manager With Linux and UNIX Systems

Do you need tightly controlled identity management across a vast enterprise of hundreds of servers? Or, do you only want central provisioning while preserving the ability to control authentication at the local server level?

If you use Novell Identity Manager on a network with Linux or other UNIX-like operating environments, you likely have more configuration options for identity management and provisioning than you realize. Your choices between two different driver designs—Fan-Out and bi-directional—in concert with Identity Manager support for multiple open protocols (such as NSS, PAM and LDAP) ensure a decision process that focuses on the unique needs of your organization.

This session demonstrates four scenarios for configuring Novell Identity Manager drivers in any POSIX-compliant environment, each significant in its scale and division of administrative duties.

*TUT291 Troubleshooting Novell Identity Manager 3.5.x

In this session, experts will share the same field-tested and proven techniques they use every day to troubleshoot Novell Identity Manager in development and production environments. We will cover relevant aspects of Novell Identity Manager architecture, diagnostic tools, general troubleshooting strategies and specific debugging techniques. We will place emphasis on quick identification and resolution of the most commonly-encountered issues such as password synchronization.

SecureLogin

*IO182 Novell SecureLogin Overview

Novell SecureLogin 6.1 is the latest release in the Novell enterprise single sign-on (ESSO) solution, and it supports an even more comprehensive mix of systems and applications than did previous releases. New capabilities include support for Windows Vista, Novell eDirectory group support, MSI-based packaging and patching, expanded Java features, improved Citrix support and desktop automation services (DAS).

This session will give you an overview of Novell SecureLogin and its interactions with other Novell technologies, but will focus on explaining and demonstrating new features in the 6.1 release. You will also learn details about the SecureLogin roadmap, shared workstation scenarios and how it will continue to provide solutions for real-world customer requirements.

*IO276 Novell SecureLogin: Strong Authentication and Advanced Configuration

The leading enterprise single sign-on product, Novell SecureLogin 6.1, streamlines username and password submission to a full range of heterogeneous applications. It also works with Novell and partner products to protect those credentials with strong, multi-factor authentication techniques such as biometrics, smart cards, and one-time passwords.

In this introductory session, we will cover various strong authentication methods and how they are used in conjunction with the ESSO product, Novell SecureLogin. Attend this session if you are looking to add strong authentication to your environment by adding tokens, smart cards, biometrics or proximity cards. We will demonstrate integration between Novell SecureLogin and smart cards, along with generating one-time passwords (OTP) via a smart card, which replaces the older token infrastructure. We will also discuss the unification of physical and virtual security between various systems using Novell Identity Manager and Novell Identity Assurance Solution.

*TUT283 Novell SecureLogin 6.1 Cookbook—Recipes for Success

Both the beauty and the headache of Novell SecureLogin is that it can be implemented many different ways in many different environments. Does your environment include Active Directory? ADAM? Workstations that run the Novell Client? Clientless workstations? Workstations dedicated to a single user? Workstations shared by multiple users? Applications on Citrix? Java applications? Windows, Web or mainframe applications? How do you successfully implement SecureLogin with so many variables in the equation?

Come explore with Novell Technical Services some real-life examples of the many deployment scenarios in which we have seen Novell SecureLogin implemented—some successful, some not. (Names have been changed to protect the not-so-innocent.) Come away with a cookbook of specific scenarios that work, and a collection of dos and don'ts to help you write your own recipe for a successful SecureLogin deployment.

Sentinel

*ATT277 Using Novell Sentinel to Understand your Identity Events

Learn how Novell Sentinel can slice and dice identity events in your enterprise. Novell Sentinel 6 delivers comprehensive security event and information management (SIEM) through event collection and analysis, event correlation, automated incident response and compliance auditing. This session will let you be the security administrator for a couple of hours and take control of your enterprise from the hot seat. The session will review specific business cases to analyze, decipher and report on how these cases are relevant to your business. You'll have hands-on opportunities to put into practice rules to take control of identity events in your enterprise. You'll see the relevant business value that Sentinel can bring to your environment.

*DL276 Novell Sentinel Collector Development: Beyond Basic Parsing

Application logging is often an afterthought. When applications do log data, IT managers often do not consider how other applications could easily process this data. Simply parsing individual log lines doesn’t always provide the complete set of information necessary to constitute an atomic action. It is often necessary to look ahead into the log file to detect an event based on contextual accumulation of log text. It is also useful to look for log lines that occur within specific time intervals in order to detect events.

This session will explore a solution to parsing non-trivial log data. Using the Novell Sentinel 6 JavaScript collector engine and contextual parsing library, you will see several real-world log file scenarios and the techniques used to parse them. The library provides useful functions to store keyed data and uses time-based methods to process the data. This session goes beyond a simple multi-line log entry parser, to explore parsing interleaved log messages and time-based logging.

*IO278 A Vision for the Next Generation of Enterprise Security Visibility

Modern security and compliance tools, including current SIEM tools, still tend to give a fairly low-level, highly technical picture of what is occurring in your enterprise. You typically need legions of highly-skilled analysts to decipher complex data and perform forensic investigations to determine potential violations.

Novell Sentinel can overcome these problems by presenting a holistic view of what is actually happening in your enterprise. By modeling users, policies and assets, and depicting the relationships between these processes in real time, Sentinel can provide direct visibility into the security, compliance and operational status of your enterprise. Novell Sentinel offers a powerful console and powerful functions to monitor security event information that helps you keep your systems secure and compliant.

In this session, you will see how to leverage these functions. You will also see how to administer a Novell Sentinel system and create alert events. You will see how systems are being connected to the Sentinel server using the collectors and how to set them up.

*TUT280 Penetration Testing and Protecting Networks Using Novell Sentinel, Novell AppArmor and Novell Identity Manager

This session will discuss the fundamentals of network scanning and vulnerability analysis with a focus on networks based on Novell products. We will discuss vulnerabilities along with common methods used to compromise networks using open and closed source tools. This session will show common methods of compromise when dealing with Novell Open Enterprise Server for NetWare and Linux, Novell eDirectory, LDAP, firewall penetration, and Network Intrusion Detection System evasion (NIDS Evasion).

The session will also show how to implement and use Novell technologies to work with and solve these common issues. Topics covered include Novell Sentinel, Novell AppArmor and Novell Identity Manager.

Strong knowledge of TCP/IP, NetWare, Linux and Novell eDirectory is recommended.

*TUT285 Novell Sentinel Solution Packs—Applying a Business Context to Security and Compliance Tools

Organizations are facing pressure from auditors to implement an increasing number of IT controls that bring them in compliance with government and industry regulations, such as Payment Card Industry—Data Security Standard (PCI-DSS). Many organizations find they need to turn to products such as Novell Sentinel to provide them with tools like real-time correlation, reports, incident remediation with workflow, and event enrichment with business relevance data to help them implement these controls. Bridging the gap between these tools and the controls the organization needs to implement can sometimes be a difficult task as it often requires that multiple forms of content (such as correlation rules, event enrichment and reports) be used in concert to fully implement a control.

This session will discuss a new way to approach the implementation and management of IT controls. You will be introduced to the concept of a solution package, which is a prepackaged set of content that implements controls targeted at a real-world problem, such as PCI-DSS compliance. The content in a solution package is organized by control, so it is easy to determine exactly what content in the package is involved in implementing each control. Additionally, the solution package contains detailed descriptions of the content and controls, references in each control to exactly which part of the regulation it relates to, and instructions for integrating and testing the controls in the end-user environment. This targeted package of content provides a head start for those that need to implement IT controls.

You will also see new features in Novell Sentinel 6 SP2 that enable users to create and install solution packages as well as manage and report on the implementation and testing state of the package's controls.

If you need to implement IT controls for your internal organization or your clients' organizations, you will find this session useful.

Storage Manager

*IO280 Leveraging Novell Storage Manager and Novell Identity Manager for Provisioning and Compliance of Network Storage

The real-world costs associated with the day-to-day provisioning and compliance tasks for network storage resources are both real and considerable. Organizations still have to manually provision, move and deprovision storage. And what about policy enforcement and compliance as it relates to these storage resources? These are all real-world challenges and costs CIOs and IT directors face while managing network storage. Novell Storage Manager unites the identities of users and groups with their personal and group storage needs, allowing customers to completely automate the provisioning, management and deprovisioning of network storage based on storage policies defined in the directory. This session will focus on Novell Storage Manager 2.1 and new features that provide tight integration with Novell Identity Manager. These discussions will help you achieve better compliance for network storage during deployments.