IBM Unveils Massive Directory Strategy

IBM Corp., looking to better integrate its own vast product set as well as boost interoperability with third-party offerings, will preview this week a directory strategy to be rolled out in stages in 1999.

As part of its directory plan, in the spring IBM plans to release a meta directory to run on top of its eNetwork Directory that will be capable of importing and exporting changes among multiple directories -- including Lotus Domino, Microsoft Active Directory, and Novell Directory Services (NDS).

A key phase of IBM's directory strategy involves "directory-enabling" all of its own middleware applications by the end of 1999, according to Phyllis Byrne, vice president of distributed systems support at IBM's network computing division, in Austin, Texas.

Among the products first on the list are the DB2 database, the WebSphere Web application server, Global Sign-On software, and IBM's NT Suites software. IBM also plans to link its eNetwork LDAP directory to third-party products, to enhance its eBusiness initiative.

"The experience of using the WebSphere or NT Suites packages will no longer be riddled with multiple directories; we'll have masked that," Byrne said.

Directory-enabling these products will significantly reduce costs by offering seamless log-on and user administration, she said.

To further enhance management, IBM will be using the Tivoli Systems User Administration software for cross-platform management of directories across Lotus Domino, NT, Unix, and Novell NetWare environments, IBM officials said.

Additionally, IBM's Tivoli division said it will be integrating NDS with the Tivoli Enterprise management software, and the integrated solution will ship early in 1999. This will enhance user administration.

Byrne also said the company plans to offer its integrated directory, security, and management solutions for the Linux OS.

"We already offer DB2 for Linux. Since DB2 is the main repository for the directory, it makes sense that we would offer the directory on Linux," one IBM executive said.

Although IBM is using the eNetwork Directory as the basis for integrating heterogeneous networks, systems, and applications, the eNetwork Security software will also play a significant role.

IBM has a three-part security strategy that it plans to detail and roll out at January's RSA conference in San Jose, California.

This three-prong approach includes authorization, accountability, and availability, stated a document posted on IBM's Web site.

One industry analyst expressed mixed emotions over IBM's directory strategy.

"[IBM is] trying to tie together their disparate environment using LDAP [Lightweight Directory Access Protocol], DB2, Kerberos for secure authentication, and PKI [public key infrastructure]," said Larry Gauthier, a senior analyst at the Burton Group, in Midvale, Utah. "This is wonderful news on the surface. Unfortunately, one layer down, this whole thing starts to dismember itself."

Gauthier was quick to point out that IBM has been very slow to the whole LDAP and directory-based management game. The vendor is just about the last of the major players in this space to introduce support for LDAP 3.0, which it plans to release by March.

Although IBM is touting support for multiple operating environments as the golden egg of its new strategy, its mainframe users will surely feel snubbed as the directory solution will not be offered on IBM's MVS platform, according to sources close to the company.

IBM Corp., in Armonk, New York, can be reached at