Start Your Engines
Web Acceleration with SuperLumin on Novell Open Enterprise Server
Written by Ken Baker
Novell BorderManager has been around for well over a decade—giving NetWare users perimeter security with robust Internet access controls, firewall services, content filtering functions and proxy and cache services. But as NetWare customers have moved to take advantage of the advanced features in Novell Open Enterprise Server on Linux, they haven’t had a BorderManager equivalent. That has now changed. Novell has announced that SuperLumin Networks will be providing the preferred BorderManager replacement with its SuperLumin Nemesis Web acceleration product. In fact, Novell has entered into an agreement with SuperLumin to make SuperLumin Nemesis available on the Novell pricelist and to enable Novell to provide front-line support to its customers for the next two years.
Transitioning BorderManager capabilities to a trusted partner allows Novell to put more focus on its collaboration offerings, while allowing its customers to deploy a best-in-class perimeter security and proxy cache product from an expert in that field.
Many customers might wonder about the rationale behind it. In essence, it comes down to a two-fold answer. Transitioning BorderManager capabilities to a trusted partner allows Novell to put more focus on its collaboration offerings, while allowing its customers to deploy a best-in-class perimeter security and proxy cache product from an expert in that field.
SuperLumin is known as an early provider of solutions for the Linux environment and an industry leader in perimeter security. It’s interesting to note that much of the SuperLumin engineering team consists of previous Novell employees that worked on the advanced development group for BorderManager, as well as Novell Internet Caching System, Novell iChain and Volera proxy cache solutions. Leveraging this combined expertise in Linux, perimeter security and caching, SuperLumin developed Nemesis from the ground up to provide a BorderManager replacement built on SUSE Linux Enterprise Server that delivers everything BorderManager customers want—and then some.
At Novell BrainShare 2010 in Salt Lake City, many Novell customers had an early glimpse of the SuperLumin product. At that time the SuperLumin team also took the opportunity to gather feedback from BorderManager customers as to what features and functions they would want in the SuperLumin offering. The services at the top of the list included forward proxy, transparent proxy, reverse proxy, client trust, ACL check, VPN and firewall. In response, SuperLumin has delivered all of these services in its Nemesis product and enhanced them far beyond what had been available in BorderManager.
Setting up SuperLumin Nemesis as an HTTP forward-proxy server is one of the most common methods for accelerating content delivery to your users' Web browsers. Once a browser has been configured to use SuperLumin as a forward-proxy server, all of the browser’s requests are sent to the SuperLumin proxy server, which will grab the Web objects from the origin Web server, serve them up to the user’s browser and then cache those Web objects in its local cache store. When subsequent requests for those same Web objects are received, the proxy server will then be able to deliver them from its local cache faster than if it had to access them from across the Internet. (See Figure 1.)
Making it even easier to take advantage of its caching services, SuperLumin also provides a transparent-proxy service. The transparent proxy works much the same way as the forward proxy—the main difference being that it eliminates the hassle of having to configure each of your users’ Web browser. It automatically accelerates HTTP content delivery for all of your network users by having you simply configure your network router or switch to route all HTTP traffic to the transparent-proxy service on the SuperLumin Nemesis proxy server.
One of the nice things about transparent proxy in SuperLumin Nemesis is that it provides superior stability over what had been provided by Novell BorderManager. Some customers avoided using transparent proxy in BorderManager due to a tendency to unexpectedly crash. This is not the case with SuperLumin Nemesis. As mentioned before, even though SuperLumin delivers much of the same functionality as BorderManager, it doesn’t share the same code base. This means that it also doesn’t inherit any flaws that might have existed in BorderManager.
In addition to forward- and transparent-proxy services, SuperLumin Nemesis provides a reverse-proxy service. Its reverse-proxy capability allows you to dramatically improve the performance and response time of your organization’s Web server by offloading all redundant content requests to the proxy service. By handling these redundant Web requests, your Web server bandwidth can be preserved for unique content and service requests, as well as supplying dynamic, uncached and updated content to the proxy server for subsequent caching.
Also, while forward- and transparent-proxy services cache content from hundreds and thousands of Web sites, a reverse-proxy can be used to cache specific Web sites or domains. For example, you can configure the reverse proxy to cache the content of multiple sites based on a list of host or domain names, such as www.novell.com, support.novell.com, or *.superlumin.com.
Setting up SuperLumin Nemesis as an HTTP forward-proxy server is one of the most common methods for accelerating content delivery to your users' Web browsers.
Additionally, you can place a reverse proxy in a local network to locally cache and accelerate desired content from specific sites. This allows the SuperLumin proxy server to take advantage of LAN speeds to locally deliver the cached content of these specific Web objects rather than relying on slower WAN speeds. For example, organizations that provide educational content can bring their content closer to individual schools by placing a reverse proxy at each school's local network to locally host the content of their Web sites for fast, local access..