Novell Security Manager - The Interview
Novell Cool Solutions: Feature
Digg This -
Posted: 23 Aug 2005
On Aug. 17, 2005, Bob Taylor (BT) of Cool Solutions interviewed Novell's Tim Crabb (TC) and Astaro's Jon Friedman (JF). They talked about the origins of Security Manager, its market strengths, its role with BorderManager, and more. Here are the highlights of the conversation:
BT - How did the idea for Novell Security Manager originate?
TC - Novell was looking for a Linux-based solution in the security perimeter market. We have BorderManager, which is an extremely strong solution, but it's tied to NetWare. As we looked to expand into the broader market of open solutions based on Linux, we wanted to find the best way to do that.
As we looked into this market space, we found that Astaro had a great solution set. They had also had won, and continue to win, many industry awards. Best of all, Astaro's technology met our other objective - it was built on an open-source foundation based on Linux. That would help us achieve the vision we wanted of an open, secure solution based on Novell technologies. So this was a fantastic fit - we could partner with Astaro and bring this solution to the Novell customers very quickly.
JF - Astaro was founded in 2000 by three friends working in Germany. What they saw there was a need in the market for an integrated perimeter security solution. At the time, most companies purchased a firewall and a VPN gateway from one vendor, and virus protection from someone else. Then there were specialized products for things like intrusion protection and content filtering.
But if you wanted security that covered all of those technologies, you would have to buy them from all different vendors. So early on, Astaro's founders saw there was a big benefit in bringing these technologies together. It was much easier to deploy and manage them together, and it was much easier to keep everything up-to-date and coordinated.
So Astaro was built from that idea. But rather than trying to sit down and code all of these applications again, the founders discovered that the Open Source community was becoming a source for terrific technology. The people involved in the Open Source projects were top developers who were working on the problems that really interested them - they were on the cutting edge of developing security technologies.
Astaro realized there was an opportunity to put together integrated products that used a number of these open-source solutions. Astaro added value by identifying the best open-source projects, testing them, integrating them, and building a lot of management tools and a management platform so multiple technologies could be managed very effectively and reliably together.
We at Astaro also decided that the SUSE Linux distribution was the platform for the system. So when Novell was looking for a perimeter security product set, we could show that we not only had a lot of excellent technology, but also were an excellent fit with Novell's strategic direction.
For Novell customers who are considering the advantages of Linux, there's a strong argument that Linux is inherently much more secure. It was designed originally as a multi-user network system, not as a single-user desktop system. And in our case, we've used a hardened version of Linux, stripping out all the things that were unnecessary to us in a security platform.
BT - What's the general timetable for product revisions and updates?
JF - We've been going at the rate of roughly one major release each year, with three intermediate updates with significant product enhancements between each major release.
BT - How does Novell Security Manager compare with BorderManager?
TC - There are a lot of similarities between Bordermanager and Security Manager, since they are both perimeter security products. It's important to remember that both NSM and NBM protect all types of networks (it's not just NSM for Linux and NBM for NetWare, a common misconception), and they can both provide acceleration through proxies - all the basics. However, when a customer is looking at the two, Security Manager offers additional capabilities with secure email and secure web services. While BorderManager has always had tighter integration with eDirectory, Security Manager has always integrated with Active Directory, and now has excellent eDirectory integration.
BorderManager and Security Manager both provide content filtering. On top of that, the secure web services in Security Manager scan for viruses when people download files from the web. They also provide a secure environment by blocking spyware, a big threat in most companies today. Even legitimate sites may have spyware on them. Security Manager can block content on those sites, scanning for spyware and for viruses.
Secure e-mail is a big issue for most companies, as they face spam and viruses. Viruses that go out as attachments can increase liability for the organization.
So if you're looking at some of the emerging threats in today's enterprise, Security Manager is a good solution. It's built around the Internet standards of HTTP, SMTP and POP3, so whatever your mail clients are, we have the flexibility of working with them, as long as they adhere to those standards. With GroupWise, Notes, Exchange - even Outlook and Eudora - you'll get that protection that Security Manager offers. That's a real win for our customers.
And one very nice thing about Security Manager is that it is all managed from one integrated web-based interface, incredibly easy to install and configure.
JF - The secure e-mail subscription includes virus scanning for SMTP and POP3 traffic, so we scan the traffic that conventional e-mail packages use. We also have spam-blocking and anti-phishing capabilities, keeping e-mail systems secure.
Another part of the product deals with scanning web-based e-mail systems that use HTTP protocols. For example, mail from Yahoo, Google, and MSN does not go through your company's web servers. A lot of conventional anti-virus products cover only the e-mail server, not the web server, so they won't pick up viruses that go through web-based mail packages. Novell Security Manager scans for viruses in both types of e-mail servers.
BT - Tell us more about the anti-phishing capabilities ...
JF - Phishing is a bit tricky - it's not like a virus where there's one signature that you can identify; it's a lot more elusive than that.
We actually have several different ways of detecting phishing. One way is to discover certain words or phrases in the text that would tell you that this is a scam.
Another way is to find deceptive links in the e-mail. For example, you might get an e-mail with a link that appears to take you to www.bankofamerica.com, but when you click on the link, it actually takes you to a totally different site that has nothing to do with Bank of America. That's another good indication that this is a phishing e-mail.
There are also databases of known phishing sources. So if you see messages coming from one of those domains you can block them.
There is no silver bullet for phishing - it takes a number of methods to defeat it. There are other companies that work against phishing, but they produce stand-alone products. We offer a solution in the same package as your other security features. You don't have to buy something extra and integrate it.
BT - What's on the horizon for BorderManager, now that NSM has been released?
TC - BorderManager customers have a new release to look forward to next year - version 3.9. We're looking at a number of enhancements to make BorderManager, which is NetWare-based, rich and enhanced. For example, there are new administrative tools, and there will be increased ease of use and interoperability features.
We also want to offer the opportunity for customers to move to Security Manager. Today, Novell Security Manager can inter-operate with BorderManager - site-to-site VPN, same network protection, etc. But we're working out a number of ways for our BorderManager customers, should they choose, to migrate to Security Manager. We don't have those methods ready to announce yet, but we're trying to make that a simple process.
There is a good story for our BorderManager customers. And if they also look at Security Manager, there are some intriguing possibilities there - we hope to have some answers soon on how they can move there easily as well.
BT - How does NSM stack up with the competition?
JF Security Manager competes with three different types of products.
One category is the large-scale firewall and VPN vendors. The biggest ones are Checkpoint, Cisco and the NetScreen division at Juniper Networks. We actually do very well against those - we have a very capable firewall and VPN, and typically we're less expensive. Also, Border Manager is an integrated solution, while these companies sell more of a point product, with just a firewall, a VPN gateway, and limited intrusion prevention. More customers are interested in looking at a more complete integrated solution, and we have that.
Another type of product we compete against is the dedicated virus and intrusion prevention system. The benefit we have is a whole selection of security applications. The dedicated products may be attractive for those just looking for anti-virus, for example. But in six months you might need content filtering, and in another six months you might need to replace your firewall - so why not just get one product, rather than start with a single one and have to add others as you go along?
The final category is security appliances. Some of the companies in that area are SonicWALL, Fortinet, and WatchGuard. They offer several integrated applications, but typically one or more isn't very good. In contrast, every one of Novell Security Manager's modules is a world-class security application. For example, our intrusion protection application now has over 3,000 different intrusion protection rules in it. Other companies may have only 500 to 1,500 rules in their application. We use a database of over 100,000 virus signatures - other companies may have a far smaller number of virus signatures that they block. Our content filtering uses a database of 60 million categorized web sites in 15 languages - most competitive products use databases that are only one-tenth that size.
Also, many of the competing products are not as well integrated as ours. If you look at our industry reviews, the reviewers always single out our user interface for making it exceptionally easy to manage all the security applications together. Also, we put all the different kinds of updates, software patches and all types of threat signatures, together in one update package. With one click all of the updates are applied. With other products it is much more difficult to keep the software and all of the signatures up to date - you have to go to several places and take several steps, and it's not as reliable or easy.
BT - What customer base is Novell Security Manager targeting?
TC - We want to take this to multiple customer bases. We're enhancing Security Manager to integrate more tightly with eDirectory. One of the things that's exciting about this product is that anybody can use it. It can protect any type of network, and integrating tightly with a Windows or Novell environment; so it's a very easy product to bring into any enterprise.
Ease of use and manageability are some of the key things that attracted Novell to the Astaro product in the first place. We believe very strongly that our channel partners and customers will be able to embrace this product and get it up and running in their enterprises very quickly.
JF - This type of technology is needed by everyone. Virus creators and hackers are not industry-specific - the problems cut across all industries and organizations. Nobody can afford to remain unprotected against any of these threats.
TC - The nice thing about Security Manager is that it can be easily implemented in a department, or enterprise-wide. Integrated security used to be a niche, but now everyone needs integrated security, because everyone has e-mail and Internet access. That's why Security Manager plays so well with the general populace.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com