Last spring when Novell rolled out "Novell Security Manager powered by Astaro (NSM)," I took the company to task because it appeared that the security appliance was more comfortable with Microsoft's Active Directory than with Novell's own eDirectory (see link below).
Why Novell's latest security appliance is sending the wrong messages
Network World, 03/15/05
Meet the Windows Server 2008 robot
Help on the way for SMB telephony reseller margins being squeezed to death by Cisco
E-Mail article
|
|
Print article
|
|
Contact author
|
Reprint
|
AIM article
|
del.icio.us |
Reddit
|
Digg
|
Stumble
|
Slashdot It!
|
After writing that newsletter I spoke to officials at Novell who assured me that better integration with eDirectory would be coming in the next release.
Astaro has now released the latest version of its Astaro Security Linux Unified Threat Management software (the basis for the Novell product), and - guess what - according to the press release, it "provides enhanced integration with Novell eDirectory for highly configurable and customizable identity management and remote access security."
Yeah!
Now it's not going to be as easy as simply doing an upgrade to your NSM with the Astaro software. Well, nothing is ever THAT simple. But there will be an upgrade for NSM later this year that will incorporate much of the new features in the Astaro product.
<aside> Unfortunately, whenever a vendor bundles in products from a partner, the vendor always seem to be one version behind the partner's own releases. Generally, this "bundling in" should only be a short-term solution while the vendor either works on its own product or simply acquires the partner and its technology.</aside>
For those of you using Astaro's Unified Threat Management product, this upgrade should be already in your testbed with a view to rolling it out real soon. In addition to the tighter integration with eDirectory, the new release features:
* Linux Kernel 2.6 - Astaro Security Linux 6.0 utilizes the new Linux Kernel 2.6, which also supports new hardware and devices,
giving you a wider choice of platforms.
* Session Initiation Protocol (SIP) Proxy - This increases flexibility, security and performance when supporting VoIP communications.
* Anomaly-Based Intrusion Protection - Astaro's Intrusion Protection application now includes a stronger barrier against "zero-day-attacks"
- the malicious threats that attack enterprise networks before signatures have been developed. To guard against these attacks,
the product monitors the behavior of "normal" traffic via statistical and heuristic analysis and identifies anomalies that
indicate a possible new attack.
* Transparent Firewall Mode - To allow seamless integration into existing networks, Astaro Security Linux can now be installed
in transparent (bridge) mode, eliminating the need to reconfigure IP space from currently assigned addresses.
* Time-Based Packet Filter and Surf Protection - Packet and URL filters can now be configured for specified time periods,
for example to allow a specific group access to specific servers only from Monday through Friday, from 8 a.m. to 5 p.m.
* Policy-Based Routing - In addition to normal routing, which is based on the destination IP address, traffic can now be forwarded
based on source IP address, source and destination port. With this feature, traffic can be spread over multiple Internet uplinks
to improve application performance and use of bandwidth and to control costs.
Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill.
Kearns is the author of two Network World Newsletters: Windows Networking Strategies, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: windows@vquill.com, identity@vquill.com .
Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail.
| Start a public discussion with other Network World users on this article (scroll up to send this article to a colleague). Log In | Register for an account (Why you should) |
Note: Register to have your user name appear; otherwise your comment will show up as "Anonymous."
*Anonymous comments will only appear once they are approved by the moderator.
Copyright 2008 Network World Inc.
Browse Newsletter categories: Branch Office Best Practices | Convergence | High Speed LANs | Identity Management | IT Careers and Training | IT Leadership | Linux | Messaging | Network Optimization | Network/Systems Management | New Data Center Strategies | Novell NetWare Tips | Optical Networking | Outsourcing | Security Strategies | Servers | Service Provider News Report | Small Business Technology | Storage in the Enterprise | Technology Executive | View from The Edge | Virus and Bug Patch Alert | VORTEX Digest | VPNs | Web Applications | Wide Area Networking | Windows Networking Strategies | Wireless in the Enterprise |
|
Does Verizon's Voyager stack up to the iPhone? |
5 IT skills that won't boost your salary [1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
Comprehensive Network & Voice Management Visit CA Network & Voice Management Resource Center and get insights into industry best practices, information that helps you to address your challenges.
Voice over IP (VoIP) has much to offer in cost savings but some customers have concerns about VoIP call quality compared to the quality of traditional voice services. This white paper will help you learn how to take the right steps so that voice quality is assured.
Managing your network is serious business. This paper discusses the benefits of integrating configuration change-awareness into your network fault management solution
