Novell readies a facelift for BorderManager

San Jose, Calif.- Novell, Inc. is readying a new version of its BorderManager Internet access suite that is more versatile and easier to administer.

BorderManager, which consists of caching, virtual private network (VPN) and firewall software, has been Novell's fastest-growing product line since it began shipping last fall. Customers can expect to see the new version ship before NetWare 5.0 does this summer, sources said.

According to Novell officials, the BorderManager upgrade will feature:

• Direct client-side VPN connections
• Secure links to non-Novell VPN servers
• Improved IP management functionality

Missing from the conversation about BorderManager's future, however, was the timetable for a cross-platform release. Despite public statements from Novell CEO Eric Schmidt in which he said the company would free all of its network services from NetWare dependencies, officials last week balked at porting BorderManager to either Windows NT or Unix.

Product details

One main focus for the upcoming release is better client access through support for Secure Sockets Layer and Point-to-Point Tunneling protocols. These technologies will allow PC users to establish direct VPN connections with any Border- Manager server. Previously, two BorderManager servers were required to create a secure link over the Internet.

"This will make it easier for us to securely tend to our customers' networks regardless of our physical location," said Andrew Percy, president of Puzzle Solutions, Inc., a Novell channel partner in San Jose, Calif.

The BorderManager upgrade also will support the Simple Key Management Internet Protocol (SKIP), an emerging industry standard for defining how servers authenticate themselves via VPN connections over the Internet. The SKIP support will allow BorderManager users to set up VPN links with partners or customers who use non-Novell VPN servers.

Novell also is looking into enabling BorderManager servers to belong to multiple VPNs simultaneously. This capability would allow customers to set up multiple VPN connections to remote or customer sites without compromising security policies.

Topping the list of better administration capabilities is support for both Domain Name System and Dynamic Host Configuration Protocol.

This integration will simplify the task of managing dynamic IP client addresses and complex host names as Internet connections are established and terminated.

In addition to the BorderManager upgrade, Novell is investigating a "black box" hardware/software combination based on BorderManager. This product would be a dedicated NetWare server designed to sit at the edge of a corporate network.

The black box would allow small, midsize and large customers to outsource Internet access management chores to Internet service providers that support Novell technology, said Ron Palmeri, vice president of strategic relationships at Novell.

Cross-platform switch?

Since Novell first floated the idea of BorderManager last March, officials have said the suite would eventually be cross-platform.

Michele Arden, vice president of the Border Services Group, said this year the company will rewrite most of the BorderManager administration tools in Java so that they can run on any platform. However, Novell is taking a wait-and-see attitude about porting the BorderManager core to either Unix or NT, she said.

Arden cited recent third-party tests showing that a stand-alone BorderManager Fast- Cache can serve up HTML content as much as seven times faster than a stand-alone Unix-based Web server. "Why would we give up that kind of competitive advantage with a port to NT [or Unix]?" Arden asked.

She said customers have become accustomed to running dedicated network boxes with proprietary operating systems such as Cisco Systems, Inc. routers running IOS.

"There is no reason why customers can't sprinkle NetWare dedicated caching boxes throughout their heterogeneous networks," Arden said.

This approach flies in the face of Novell's cross-platform vision, said Todd Chipman, an analyst with Giga Information Group, in Santa Clara, Calif.

"But maybe preliminary testing showed they can't really compete with similar Internet-based products that run natively on either Unix or NT," Chipman said.