Product review: Solid BorderManager adds NDS

Novell is taking its Internet presence a significant step forward with its forthcoming release of BorderManager, Enterprise Edition, version 3.0.

The beta version of BorderManager that I tested proved to be an all-inclusive Internet management suite that offers all of the Internet features required by most companies, including firewalls, performance accelerators, virtual private networks (VPNs), and Web filters. By combining these products into a suite, each product becomes easier to implement and manage. And by integrating tightly with Novell Directory Services (NDS), BorderManager provides network users with single log-on access to the Internet, an intranet, or an extranet.

The benefits of the Internet-based services provided by a company are often hindered by security measures required to keep hackers out of the system. However, although hackers outside of the firewall are a constant threat, they cannot compare to the threat of a disgruntled employee, who possesses an insider's knowledge of the company and as a result can do severe damage. In addition, the abuse of Internet access by employees who consume the company's time and bandwidth for personal interests can also weaken the system.

As one component of the BorderManager suite, Novell's Firewall Service is designed to protect corporate data from both incoming and outgoing Internet traffic. It also lets network administrators protect sensitive data from users inside the firewall.

Because BorderManager's authentication service uses NDS, remote users can log in to the network through the Internet with a single password. By integrating all of these features with NDS, BorderManager provides network administrators with a single point of management, the NetWare Administrator. Alerts are used to notify administrators of specified security violations.

In addition, using NetWare Administrator's notification feature, administrators can choose who should be notified, as well as the method of notification -- whether by e-mail, pager, or an SNMP-aware management console such as ManageWise.

BorderManager 3.0 also includes such security features as application proxy, HTTP application proxy, circuit gateways, the Novell IP gateway, network address translation, and packet filtering.

BorderManager also offers VPN service, with which you can establish connections to remote offices or users using the Internet as the medium. Data is encrypted using RC2, RC5, DES, and Triple-DES encryption algorithms to eliminate the possibility of eavesdropping. In addition, the VPN features support site-to-site, client/server, and extranet connections.

Another crucial service provided by the suite is proxy caching. BorderManager FastCache is perhaps the suite's most popular feature. FastCache improves Internet access performance while reducing bandwidth requirements. As updated in this version of BorderManager, FastCache supports HTTP and FTP caching. Read-ahead caching and scheduled batch downloads have also been added.

Read-ahead caching, as its name implies, makes intelligent assumptions as to what content will be requested next by users, and then downloads those pages in advance. As a result, when a user clicks on the next link the page is already there; the user does not have to wait for the page to download.

Scheduled batch downloads allow you to download frequently accessed sites during times of low bandwidth utilisation. When users begin to request information from a downloaded site, the information has already been stored in a local cache, which improves performance without consuming addition WAN bandwidth.

Configuring BorderManager requires you to have an intimate knowledge of your network, intranet, and the Internet infrastructure. Despite the lack of detailed documentation provided with the beta software, it was easy to configure the many features available in BorderManager.

I installed both NetWare 5 and BorderManager on a test network, using a Pentium Pro 200 server with 64Mbytes of RAM. This is about the lowest processor and RAM configuration I would consider using.

Installation of BorderManager was a cinch using the GUI-based wizard. One minor problem occurred when a file wouldn't copy, which seemed to cause the system to hang. But when I reverted to the familiar text-based installation interface, called c-worthy, I was given the option to skip that file and continue with the installation.

Once BorderManager is installed on the server, you must log in to that server and register the BorderManager snap-in with NetWare Administrator 32. This allows you to manage BorderManager from NetWare Administrator. BorderManager also includes a two-user run-time version of NetWare.

Using BorderManager would be a good move for NetWare networks that already employ NDS. The suite leverages the existing NDS infrastructure, making Internet services easy to implement and administer. Networks that use NDS have installation advantages that non-NDS networks do not have. For example, most of the configuration work has already been done. User names and passwords are already entered and defined, and groups are established. In addition, the NDS administrator's tool of choice, NetWare Administrator, is extended to include the management screens for your proxy server, VPN, firewall, and Web destination content filters. This shortens implementation time significantly. Non-NDS installations do not have such advantages.

The only other drawback is that Novell has bundled these products into a suite; many network administrators are leery of relying on one vendor to provide the best solutions across the board. However, I think that the benefits of NDS integration across all of the products in this version of BorderManager outweigh the few disadvantages I could find.

The bottom line

BorderManager, Enterprise Edition, Version 3.0, betaThis full-featured Internet management and security application integrates with Novell Directory Services (NDS) for user authentication and management.

Pros: Easy to install, implement, and administer on existing NDS networks; full-featured suite.

Cons: Not well-suited for non-NDS sites; beta software not completely stable.

Price: Not yet released.

Platforms: NetWare, Unix, and Windows NT networks.

Ship date: End of this year.

Dennis Williams (dennis@productreviews.com) is a freelance writer and product consultant, based in Alpine, Utah.

Join the newsletter!

Error: Please check your email address.

More about GatewayNDSNovell

Show Comments

Market Place