Hello ToySoldier,
> Well actually Scott I am a bit surprised that you can see only limited use of a Directory Service like NDS within @HOME to help them set and enforce usage policies.
I guess that my perspective was more specifically directed at this one issue in today's network. Remember, these people are running networks today, and are looking for solutions that can be easily migrated into their existing infrastructure ...
> If I were a Novell Marketing / Development Officer I would envision an ISP like @HOME developing a Service completely built on Directory Services as the underpinning to their existence.
I would agree ... except that you must then also explain and *own* the entire migration strategy. This means moving from the existing services and management technologies which are being used now (every second of every day) to the new ones, without a hitch. This has been a much more difficult solution than you might imagine. There are numerous systems in place now.
> The ISP infrastructure would be NDS enabled (i.e. the Web Servers, Firewalls, switch ports, maybe even the cable modems in the future, etc.).
Ok, here again, this is a much larger issue than what you seem to state. What access protocols are you going to standardize on? How will these devices become "NDS enabled"? Are you suggesting that all of these devices get a Novell client with NDS embedded? That will be a long time coming. Instead, the approach is to come up with bi-directional directory "sync" products - like DirXML(?) - and then to implement other access protocols into NDS ... some standard, some custom-modified for certain devices.
Oh yeah ... then migrate this into the infrastructure without disturbing anything ... ;-)
I'm not saying that it can't be done ... but these are huge decisions with large implications.
> The users of the service would then be provided the client software to login and authenticate into the @HOME service prior to any @HOME services being offered.
And this is what MT&T is doing ... I believe. But now you have also picked up the support of another software package with your support services. So you begin to support the Novell client?
Instead, the cable modems are building these configuration services into their hardware ... both head-end and end-node.
> From that point on, @HOME can maintain and restrict access to any of their ISP services at a logical layer - not a physical layer (their big problem now)!
Please explain how you made this jump? The user authentication would still trigger a set of physical-layer reconfigurations to the network. There *has* to be some sort of physical network control ... whether it's the cable modem, the router, or if it were BorderManager ... there are physical network components making decisions ... taking control.
> That means that NAT gateways would prove useless to those of us users that are riding multiple PCs on the same pipe.
Ok ... now this one you are going to have to explain! ;-)
How can *any* system make NAT "useless"? NAT is completely transparent to the upstream device ... that's why it works! They have no idea if the traffic is originating from the attached device, or a NAT'd device ... it all comes from the one interface ...
> It would allow @HOME to provide enhanced services to individual users - such as billable application renting, billable enhanced bandwidth (if cable modem and head-end infrastructure could be NDS enhanced), @HOME customer portability (i.e. access to my Web Pages from outside the @HOME network), hacker control from troublesome @HOME users attacking other @HOME users (via logging/auditing), mobile dial-up service provisioning for cable-modem users on the road, should I go on?
You could if you like ... I am able to get all of these services *without* a "true" directory being there now! So your point is? ;-)
I understand that there are ways that a directory could be a better solution to the various mixed solutions being used today. And yes, there are even some others that you didn't mention. But I'm not sure that I will agree with you that the *only* way to do this is with a directory.
> They could turn their ISP into a BSP (Business Services Provider) for the Business users on the @WORK network.
And they are today ...
> Ohh well, I gotta slow down the brain here. Time for yet another meeting.
Yeah ... I'm going to grab lunch ... just noticed that NOVL is starting to perform slightly better ... I hope it keeps going. I'm waiting to see the *big* names announced today ... if they are there ...
Did anyone see the involvement of CitiCorp or First USA? I haven't seen their name in a release yet ...
> But you get my point Scott. The industry's imagination is a big part of the limitation of NDS.
Yep ... plus all the various "connectors" to existing infrastructure ...
Scott C. Lemon