What's New in Novell BorderManager 3.7?
Novell Cool Solutions: Feature
By Scott Jones
Digg This -
Posted: 15 Mar 2002
Version: BorderManager 3.7
Novell BorderManager has historically been marketed as a suite of security products that solve a variety of different business problems. However, NBM is now a component of Novell Secure Access, a truly comprehensive bundle of access and security solutions. (For more information on Novell Secure Access, see the product documentation at http://www.novell.com/documentation/secure_access10/index.html.)
Starting with version 3.7, NBM will be a single package (no components or "Enterprise Edition") and will begin to concentrate on its core competencies. This allows Novell to focus engineering efforts on the NBM features in highest demand. It also sharpens the product definition (as discussed below), which simplifies the marketing message and purchasing decisions.
Internet Access Control and Proxy Cache
The most popular feature of NBM is the ability to control and monitor the Internet activity of employees who are sitting inside the company network. The NBM proxy cache can execute Internet access rules based on the identity of each user in Novell eDirectory. If the user is already authenticated to eDirectory, he or she is automatically authenticated to the NBM proxy. If the user is not authenticated to eDirectory, NBM provides a secure interface to log in through a Web browser. Activity is logged by user name, providing a detailed record of who did what and when.
For more information about activity logging, see "Understanding Novell BorderManager's HTTP Proxy Logs" in the January 2002 issue of Novell AppNotes.
Virtual Private Networking (VPN)
The second most popular feature of NBM is directory-integrated VPN. VPN provides encrypted links across the public Internet so that users may securely access the corporate network from home or on the road. VPN eliminates the need to provide remote access dial-up service; the user may be connected to the public Internet anywhere, by any means, and still be able to access corporate resources. The reduction in cost of ownership is huge. NBM also supports site-to-site VPN links, which can securely connect branch offices across the Internet, without the cost of expensive WAN circuits.
The third major component of NBM is firewall services, which includes IP packet filtering and Network Address Translation (NAT). Packet filtering functions at the Network and Transport layers of the OSI model. It can be used to control network traffic to and from specific networks or hosts, based on IP ports and transport layer protocols. Packet filtering also allows the control of special network traffic such as router discovery protocols. IP packet filtering is the first layer of defense at a network border and takes precedence over higher-level services such at proxy access rules.
By including robust firewall capabilities, NBM gives the small or medium customer the ability to use a BorderManager server as its Internet connecting device. Integrated firewall services also provides maximum flexibility for design and placement of proxy and VPN services in larger environments, working cooperatively with other firewall platforms.
For more info on the new features in the Novell BorderManager 3.7, see this new AppNote.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com