Jeff Jaffe’s Blog

In 2008, I introduced our Fossa project (Fossa, Fossa, continued and Fossa, further continued). The purpose was to create and articulate Novell’s technical vision. Specific use cases highlighted that IT organizations need a greater degree of agility than previously available. Several blog entries highlighted changes that are needed in identity management, Linux, virtualization, policy, orchestration, compliance, and collaboration to achieve this agility.

Fossa Document

Over the past year, Novell Fellows, Distinguished Engineers, and other thought leaders contributed to the development of this architecture. We are making the work available in several ways:

• We have published a 60 page paper which describes the architectural principles. It is available at http://www.novell.com/company/architecturalfoundations/. This is the most comprehensive description of a future architecture for software infrastructure that yields agility.
• We want the individual ideas to be accessible. Many of the inventions are available in the public domain. One of the key methods is through patents—we have submitted more than 30 patent applications related to this architecture.

The Need for Agility is Increasing

With Fossa we have a vision, architecture, and strategy to achieve agility. The continued evolution of the industry over the last year has re-inforce this need for agility. With virtualization deployments continuing apace, and with cloud computing and SaaS growing in popularity the need for agility is evident. Appliance computing, Web 2.0, are related trends. These more flexible modes of delivering software and service come in numerous varieties—so the bet we made on achieving agility in a heterogeneous, platform-agnostic fashion has proved to be critical.

Next Steps

In the last year we have seen issues in financial markets and resultant concerns about risk management and compliance. Will this reverse the drive towards agility and cause focus on control?

I think not. Agility is unstoppable. After all, this is not the first time that security concerns and risk have risen to the surface. Did security stop the Internet? Did risk stop e-business? Did hackers cause harm that is worse than 9/11? Every time that these issues have arisen—the answer has been no! Progress, agility, and capability is vital.

On the other hand, while security concerns do not stop progress—the concerns are real. The result is that we need to manage the concerns—at the same time that we achieve the agility. Some of this is built in to the current Fossa document. Recent Novell acquisitions (Managed Objects and Fortefi) have further positioned us to address these management issues.

Earlier this month Novell acquired privileged user management technology from Fortefi Corporation. We extended our leadership in Identity management and furthered our differentiation in Enterprise Linux.

Technology

Linux and Unix users and/or administrators often require root access which enables them to make broad changes to their system. This is a feature; UNIX and Linux are easy to configure. It is also a risk. Administrators may change responsibilities or leave a corporation, or there may be sensitive information residing on these systems that even the administrators of the system should not be accessing. Without “tracking tools” there are security and compliance exposures.

Fortefi’s technology allows the management of root access capabilities. Their tools provide control of access to privileged accounts, granular tracking of who has accessed these accounts, and audits these permissions for compliance. Novell is building these technologies into a new product—Novell Privileged User Manager.

Leadership in Identity Management and Compliance

We are recognized for our identity management portfolio. With this acquisition, we extend our leadership position. We will take this excellent technology, strengthen its quality, and integrate it with the rest of our identity offerings.

We focus our leading technologies towards the critical area of compliance. Since my last posting on this topic, compliance has become a larger issue in our economy. Without Privileged User Management, customers have compliance risks. We close this gap.

In a related technology area, I have noted our commitment to Enterprise Single Sign-on. Earlier this month we also announced that we were acquiring a perpetual source-code license from ActivIdentity for this technology. This will allow further integration, faster innovation and improved support.

Enterprise Linux

Novell has an additional motivation in acquiring technology for Privileged User Management. We pride our Linux distribution, SUSE Linux Enterprise Server (SLES) for its mission critical capabilities. Soon we will be releasing SUSE Linux Enterprise 11 which will take mission-critical to a new level.

A primary customer concern for mission-critical deployments is security. This concern is amplified with the current focus on Governance, Risk Management, and Compliance (GRC). The flexibility afforded by root access has always been popular for UNIX and Linux. But with the compliance focus, this flexibility must be tempered through improved management by the proper set of tools.

For Novell, we now have a unique capability to provide the Linux distribution as well as management tools such as Novell Privileged User Management. Customers receive a compliant Linux by acquiring several products from a single vendor.

To be sure, our security management tools are platform agnostic. Novell Privileged User Manager will manage root access for other Linux and UNIX variations. Still, the integration provided by this acquisition will directly benefit SLES customers.