• United States

Novell takes another swipe at auditing

Jul 17, 20032 mins
Enterprise Applications

* Novell Nsure Audit will audit security, system and application events

NetWare managers didn’t just dislike Novell Advanced Audit Service; they were also quite eager to tell other people they didn’t like it. Since NAAS was brand new in NetWare 6, replacing the usable (but always in need of improvement) Auditcon utility, this was a worrying development that evidently caught Novell off guard.

Novell was so off guard that it licensed a new version of Blue Lance’s LT Auditor to ship in NetWare 6.5. Still, we knew there would be further developments, so we waited for the other shoe to drop.

It dropped last week.

At the Burton Group Catalyst Conference in San Francisco, Novell’s Loren Russon (affectionately known as the “beet digger” around Provo) unveiled an eDirectory-based auditing system called Novell Nsure Audit (NNA). NNA will audit eDirectory events, and there’s also an open, free software developer’s kit so that any software provider – third-party software vendor, in-house staff, or even Novell’s application developers – can audit-enable their applications and services.

Auditing capabilities will ship with every eDirectory package (for all platforms), but Novell will also sell a secure logging server package to consolidate information from multiple audited platforms into a comprehensive reporting service. The logging server does more than simple passive logging, though; it also does real-time monitoring and real-time notification of violations of policies and regulations (which you can filter so that only those violations you deem “interesting” are flagged for immediate notification).

Nsure Audit is shipping now. To use the secure logging server, a platform agent must be installed on all monitored platforms. Agents are currently available for:

* Novell NetWare 4.2 or later

* Microsoft Windows XP Service Pack 1, 2000 Service Pack 3 and NT

* Sun Solaris 8 and 9

* Red Hat Linux 7.3 and 8

The secure logging server itself will also run on multiple platforms, including:

* NetWare 6.5

* NetWare 6 (Support Pack 3)

* NetWare 5.1 (Support Pack 6 or later)

* Windows XP (Service Pack 1)

* Windows 2000 (Service Pack 3)

* Solaris 8 or 9

* Red Hat Linux 7.3 and 8

* eDirectory 8.5 or later

I’m sure you’ve got at least one of those platforms on your network. This isn’t an inexpensive product (although free versions – without the secure logging server part – will ship with upcoming versions of NetWare). The server part lists for $10,000 with an additional $1,500 for each monitored platform and system. You’ll need to evaluate the system yourself to see if it has value for your enterprise, but evaluate it you should.