Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Novell (NOVL) dirt cheap, good buy? -- Ignore unavailable to you. Want to Upgrade?

To: PJ Strifas who wrote (30491)	2/24/2000 4:27:00 PM
From: Steven Ivanyi	Respond to of 42771

this is interesting: Bank Bases IP Overhaul On NetWare THURSDAY, FEBRUARY 24 2000 3:43 PM EST Feb 24, 2000 (Tech Web - CMP via COMTEX) -- While Novell NetWare is still best known as a platform for file and print services, the company is trying to convince IT managers to use its wares for e-business apps. A $2.9 billion regional bank in New England has decided to build an IP-based framework based on NetWare and other Novell technology to let employees connect to mainframe-based banking software run by an ASP in another state, as well as offering limited e-banking for customers. Eastern Bank plans to upgrade completely to NetWare 5 using native IP, rather than IPX/SPX, which the bank is using. "The IPX protocol is very chatty -- it consumes too much bandwidth across the link," said Henry Greener, vice president of network architecture at Eastern Bank. Greener said Eastern Bank plans to start its rollout in about six months, with no completion date set. Eastern Bank said it expects to use about 12 percent to 15 percent less of its bandwidth by changing from the current NetWare to the IP-based NetWare 5. In addition to NetWare, Eastern Bank uses mainframe gateway software and firewalls to connect its 1,100 employees with the mainframe run by a service provider in another state. The bank's employees are spread across 50 sites. Desktops run the Novell 4.1 and 5 client software on top of Microsoft Windows 95 and 98. The company uses NetWare for SAA to connect to the IBM mainframe run by MNI Bank in Brown Deer, Wis. The SAA connection is the lifeblood of the company, with the MNI mainframe running core banking applications. When a bank teller enters account information into the PC, it links in real time with the MNI mainframe. Phil Schacter, an analyst at the Burton Group, said maintaining mainframe connectivity is an important part of companies' e-business strategies, and NetWare is well-suited to the task. "While the need for this type of host integration is diminishing over time, you still have a lot of legacy systems that companies need access to," Schacter said. The SAA gateway connects to MNI through an IP-based T1 from the bank's headquarters in Lynn, Mass., to MNI's New England data center in Braintree, Mass., and then over MNI's internal ATM backbone to Brown Deer. For Internet connectivity, Eastern Bank uses a double-firewall model of Internet security. The company maintains a Novell Border Manager firewall and proxy at the edge of its network, with an NT-based server to provide Internet access to accounts for the bank's premier customers located outside the Border Manager firewall, and another Border Manager firewall located between the NT server and the Internet. The company manages systems using Novell Directory Services (NDS) and Novell's ZENworks management software. It enables the bank to manage its distributed network centrally, since NDS provides granular control over network resources. "Instead of having to administer 110 Novell servers, we administer one network centrally," Greener said. Eastern also outsources its electronic banking services to MNI and application service provider NaviSite, though Greener said plans call for bringing that in-house by year's end. He is considering Novell's NDS eDirectory to enable customers to access their account data. The bank will likely use digital certificates in conjunction with NDS for authentication and will evaluate iChain, an e-commerce framework built on NDS that is due next month. Copyright (C) 2000 CMP Media Inc. techweb.com

To: PJ Strifas who wrote (30491)	2/27/2000 8:05:00 PM
From: Spartex	Respond to of 42771

A Security Flaw Is A Security Flaw: Microsoft And The Win2000 Bug Sat Feb 26 00:17:00 EST 2000 Feb. 25, 2000 (InternetWeek - CMP via COMTEX) -- At first I was surprised to learn about Microsoft's apparent lapse in Windows 2000 security. Was it really possible that Microsoft, despite its history of not quite getting the concept of security, would really ship an operating system that lets anyone with Active Directory administrator privileges have his run of sensitive company data? Was it possible that Microsoft had forgotten even the most basic tenets of IT security? The original source of this revelation, Novell, certainly has a vested interest in poking holes in Active Directory. The Provo, Utah-based network operating system vendor is struggling to compete with Microsoft's marketing machine. The question is whether this a real hole or just Novell hype. We decided to find out. Contributing editor Alan Zeichick, who recently completed a review of Windows 2000 for InternetWeek, had also recently reviewed Novell's NetWare 5.0 and had taken a close look at the security provisions of both operating systems. If anyone would be able to tell whether there's a hole in Active Directory, it's Alan. He found a major hole in Active Directory almost immediately. Following the steps published by Novell on its Web site, Alan was able to take ownership of directory objects that the security setup had barred him from accessing. Once he took ownership, he was able to see, and copy, anything he found. Microsoft, in its response to Novell's claims, first tried obfuscation. In a document that was notable for its density, Microsoft claimed that Novell was wrong. In any case, Microsoft continued, if someone were to break into an area that they weren't supposed to be in, the security log would record it. Over the Presidents Day weekend, Microsoft revised its response, saying that the ability for any administrator to break into any area in Active Directory by simply transferring ownership of the directory object is a feature, not a bug. That way, according to Microsoft, if something should happen to the network administrator, another administrator would be able to assume control of an Active Directory server. Perhaps. But the basic concept of security is to keep people from seeing things they're not supposed to see. For example, if you keep your payroll or personnel information in a protected area on your server, only certain people should be able to see it. To allow anyone with administrator-level permissions anywhere in Active Directory to browse through such private information, controlled only by an entry in a security log that might or might not get noticed, violates all sorts of security practices. It's also a good way to test your liability insurance. Microsoft's response? Put such information into a separate domain. In other words, the security in Active Directory isn't really very good, because by Microsoft's own admission, you can't keep people out if you're using it. Instead, you have to go back to Windows NT's old domain-style management, losing all of the perceived benefits of Active Directory. Or, of course, you can pick another means of protecting your information altogether, such as choosing Novell's NDS for your directory service. That might play right into the hands of Novell after all, but a security flaw is a security flaw. Wayne Rash is managing editor/technology. He can be reached at wrash@cmp.com or wrash@mindspring.com. ragingbull.com