Novell BorderManager® 3.7: Technical Overview

1 Novell BorderManager® 3.7: Technical Overview
Novell BrainShare 2002
TUT 246—Novell BorderManager 3.7: Technical Overview
X. Felix, Software Consultant, Novell, Inc.
TV. Sriram, Senior Software Engineer

2 Agenda
- Novell Vision and Mission
- Novell Vision—BorderManager®
- One Net business solutions model
- New Features in Novell BorderManager 3.7 (NBM 3.7)
- Technical Overview on New Features
- NBM 3.7 New Features—Demonstration
- Question and Answer Session

3 Vision…one Net
A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries.
Mission: To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world.

4

5 Novell Vision—BorderManager
Novell Vision and BorderManager
- Security
- Scalability
- Manageability
- Reliability
- Mobility
- Quality of service

6 New Features in NBM 3.7
New in NBM 3.7—Firewall and Caching Service
- GUI-based firewall configuration
- Enhanced content filtering using SurfControl’s Web Filter
- Virus Request Blocking in HTTP Accelerator

7 New Features in NBM 3.7 (cont.)
New in NBM 3.7—Virtual Private Network (VPN) Services
- VPN Client for Windows ME
- VPN Client for Windows XP
- NICI-based VPN client

8 Technical Overview: Firewall and Caching Services
GUI and Novell eDirectory™-based firewall configuration
- Filter Database—moved from Text Files to eDirectory
- NBMRuleContainer—Container Object for Filter Objects
- One Object in organization for all firewalls
- Extension to more than one firewall (using ConsoleOne®)
- Service/Packet Types—Part of the Rule Container
- Sharing across firewalls
- Feature advantage
- Configure your firewall using iManager on 6 Pack

9 Technical Overview: Firewall and Caching Services (cont.)
GUI and eDirectory-based firewall configuration
- On 6Pack—firewall configuration can be done from iManager
- Web-based management of firewall
- Routing and packet forwarding for IP-based filters only
- Wizard-based filter configuration
- All filters through wizards

10 Technical Overview: Firewall and Caching Services (cont.)
Migration
- Text file to eDirectory transition
- Default Filter Exceptions in NBM 3.7 Install
- Exceptions for forward proxies
- Filtcfg changes for eDirectory-based storage
- Optimizations for eDirectory storage and access

11 Demonstration: GUI-Based Filtcfg

12 Technical Overview: Firewall and Caching Services (cont.)
Enhanced content filtering from SurfControl Web Filter
- Enhanced category list
- Thirty categories
- Enhanced URL database
- Single General List replaces Cyber-YES and Cyber-NO lists

13 Technical Overview: Firewall and Caching Services (cont.)

14 Technical Overview: Firewall and Caching Services (cont.)
Virus Request Blocking on HTTP Accelerator
- Block incoming virus-generated HTTP requests to web accelerators
- Only block viruses of the CodeRed/Nimda genre
- Command Line Configuration of Patterns—run virus updates from NCF files
- Performance monitoring—separate screen
- Appnote

15 Demonstration: Firewall and Caching Services (cont.)
Virus request blocking on HTTP accelerator
Auto-detect New Virus Requests
- Virus Requests change very often
- Plain Database Lookup fails for New Virus Request patterns
- Regular Expression Comparison is costly
Keyword—First Heuristic Parameter for Auto Detect
- “CMD.EXE” to detect New Virus Requests with different Directory Traversal
Hit Count Threshold—second heuristic parameter for Auto Detect
- Max Hit Count Threshold
- Average Hit Count Threshold
- Recommend Threshold
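
Added example (not part of the original slides and not Novell's code): a sketch of the two auto-detect heuristics named above, a keyword substring test followed by a hit-count threshold that promotes a new request pattern into the lookup database. The single threshold and its value, what counts as a hit, the decoding step, and all names and sample requests are assumptions; the slides do not say how the max and average thresholds are computed.

```python
from collections import Counter
from urllib.parse import unquote

KEYWORD = "CMD.EXE"   # first heuristic parameter (named on the slide)
HIT_THRESHOLD = 3     # second heuristic parameter; this value is an assumption

def normalize(url):
    """Drop the query, percent-decode (bounded passes), upper-case."""
    path = url.split("?", 1)[0]
    for _ in range(3):            # handles double-encoded traversal such as %255c
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.upper()

class AutoDetect:
    def __init__(self, known_patterns, threshold=HIT_THRESHOLD):
        self.blocked = {normalize(p) for p in known_patterns}  # pattern database
        self.hits = Counter()                                  # per-pattern hit counts
        self.threshold = threshold

    def check(self, url):
        """Return 'block', 'suspect' or 'allow' for one request URL."""
        key = normalize(url)
        if key in self.blocked:        # plain database lookup: exact matches only
            return "block"
        if KEYWORD not in key:         # cheap substring test, no regular expression
            return "allow"
        self.hits[key] += 1
        if self.hits[key] >= self.threshold:
            self.blocked.add(key)      # promote the new pattern to the database
            return "block"
        return "suspect"

# Constructed sample requests (not captured traffic).
SAMPLE = [
    "/c/winnt/system32/cmd.exe?/c+dir",
    "/index.html",
    "/scripts/..%255c../winnt/system32/cmd.exe?/c+dir",
    "/scripts/..%255c../winnt/system32/cmd.exe?/c+dir",
    "/scripts/..%5c../winnt/system32/cmd.exe?/c+dir",
    "/msadc/..%5c../..%5c../winnt/system32/cmd.exe?/c+dir",
    "/scripts/..%255c../winnt/system32/cmd.exe?/c+ver",
]

def replay(requests, known=("/c/winnt/system32/cmd.exe",)):
    detector = AutoDetect(known)
    return [detector.check(r) for r in requests]
```

Calling replay(SAMPLE) shows the exact-match database catching only the first request, while the keyword and hit count catch the traversal variants the database has never seen.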

16 Demonstration: Firewall and Caching Services (cont.)

17 Technical Overview: VPN Client for Windows ME
Advantage
- Windows ME users can now securely access the corporate network through the NBM VPN server

18 Technical Overview: VPN Client for Windows ME (cont.)
Challenges
- Windows ME uses the TCPIP stack from Windows 2000, which made the VxD table hooking technique fail
- Win ME uses a monolithic PPPMAC driver, which makes it difficult to interface with the Intermediate Driver (IM) concept
Solution
- The solution uses the PELDR hooking technique, which hooks the PE table from which TCPIP gets its NDIS entry points
- The driver is a Pseudo Intermediate Driver (PIM)

19 Technical Overview: VPN Client for Windows XP
Advantage
- A large number of users use Windows XP, and they can now securely access the corporate network through the NBM 3.7 VPN server

20 Technical Overview: VPN Client for Windows XP (cont.)
Challenges
- Windows XP is the successor of Windows 2000
- Windows XP is strict in checking IRQL
Solution
- VPN Client on Windows XP is an intermediate driver based on the VPN client’s architecture on Windows 2000
- Removed some unwanted spin locks which raise the IRQL level

21 Technical Overview: NICI-Based VPN Clients
Advantage
- NICI does not have export restrictions, whereas BSAFE (used in earlier versions of NBM VPN Client) does
- Using NICI for encryption helps to have a single VPN client worldwide

22 New VPN Client

23 New in NBM 3.7 Install
Default Gateway configuration
- Delete GATE from IP Bind Line of Inetcfg
Licenses for all services installed
- Upgrade requires activation key
Default Filter exceptions
- More than one interface and at least one public interface
- Default DENY All from and to public interface
- Filter Exceptions created only for the selected Proxy Services

24

25 wiN big: visit the Access and Security table in the one Net solutions lab to obtain an entry form

26

