Reader gives big thumbs up to Astaro security product

Opinion
Jul 26, 20053 mins

* Reader says Novell should drop BM and integrate NSM into eDirectory

A few weeks ago, I told you about the upcoming upgrade for Novell Security Manager (NSM) powered by Astaro. The upgrade would tie it more closely to eDirectory than the current shipping version, which uses a generic LDAP interface. That reminded longtime reader Joe Whited to drop me a note with his impressions of NSM.

A few weeks ago, I told you about the upcoming upgrade for Novell Security Manager (NSM) powered by Astaro http://www.networkworld.com/newsletters/netware/2005/0704nw2.html. The upgrade would tie it more closely to eDirectory than the current shipping version, which uses a generic LDAP interface. That reminded longtime reader Joe Whited to drop me a note with his impressions of NSM.

After using it for a short time, he said: “Novell should stop all development on BorderManager (if it hasn’t already) and work on getting this excellent product more effectively integrated into eDirectory.” Whited doesn’t just say, “it’s nice” or “I’d consider it.” No. This is an unqualified “full speed ahead” with NSM development and drop BorderManager (BM) now before wasting any more time on it.

Over the years that Whited has been writing to me and commenting on the newsletter, he’s always been calm, rational and fairly conservative in his views. But not this time. He says: “One of my engineers installed NSM on a spare PIII server we had running and…Wow! Installation is super fast and easy, and the management is far more intuitive and consistent than the hodge-podge of NWADMN32, IMANAGER, INETCFG and BRDCFG that BM forces you to use.”

The only caveat he adds is: “Besides pulling security from eDirectory (using LDAP or eDir, whatever) it needs to actually store its config and rules in eDirectory, I think.” Sounds like a good idea to me.

If you haven’t bought NSM powered by Astaro you should look into it. But you might also simply buy the Astaro product itself – Astaro Security Linux https://www.astaro.com/firewall_network_security/security_facts. It’ll run on the SuSE kernel version of Open Enterprise Server, or you can run it up on virtually any Linux host. And, as Whited said, an old Pentium III machine should work fine as a hardware platform. The services it provides include:

* Firewall.

* VPN gateway.

* Anti-virus.

* Intrusion protection.

* Spam filtering.

* Content filtering.

* Spyware Protection.

Prices start at $330 for a 10-user license, and you can download https://my.astaro.com/download/ a free evaluation version to check it out. Maybe you should.