Get proactive

I’ve mentioned NetVision’s ServerAlert and DirectoryAlert products in this newsletter from time to time (see editorial links below) because I think that they – and other products just like those – belong on any serious NetWare network. It seems that even Novell has now recognized the importance of pro-active tools as both SA and DA are now being sold along with NetWare and eDirectory by the entire Novell sales force as part of Novell’s new Nsure brand of secure identity management products.

You, of course, can get the tools directly from NetVision (http://www.netvision.com) or from your local networking product retailer.

The network is far too critical to your business to be left on its own while you hope everything is OK. Tools that monitor, diagnose, and provide alerts are necessary so that you can proactively maintain your network. After all, the highest praise your users can give the network is to remark that they don’t even know that it’s there.

DA and SA work together to collect relevant enterprisewide security information based on real-time events and queries from Novell eDirectory, as well as the NetWare file system and the operating system. That information is then compared against predefined policies, auditing not only access control, but behavior as well. Directory and server activities are monitored in real-time, enabling organizations to discover and prevent security breaches before they can take place. It gives administrators the flexibility to determine what types of suspicious activities to watch for, such as:

* Changes in access control lists.

* Assignments of administrator rights to user accounts.

* Remote access to certain servers.

* Low memory conditions.

* Loading or unloading of server applications.

Novell eDirectory events (as well as the various processes of ZENworks, DirXML, GroupWise and other directory-aware applications) can also be proactively monitored.

DA and SA can execute predefined and automated responses based on the policy comparisons, guaranteeing policy compliance through their ability to reverse unauthorized changes to the system in real-time. Since data collection is immediate, policy breaches can be identified as they happen. Activities are continuously monitored and compared against policies in real-time.

Multiple standardized outputs that are supported include alerting, archiving and reporting via: XML, ODBC, SMTP, SNMP, CSV, MAPI, and LDIF. Policy execution is flexible enough to respond uniquely to any level of policy violation whether the violation is considered to be innocent, suspicious, or outright malicious.

These really are tools that serious network managers need to evaluate. I’m glad to see that Novell agrees with me.