Novell Merges Security Wares

Novell Inc. next week will unveil a centralized authentication and authorization solution that, despite being the vendor's biggest security effort to date, likely will be hamstrung by ties to Novell's eDirectory.

The new solution is based on eDirectory and will include support for authentication technologies such as tokens, biometrics and smart cards, said sources familiar with the effort.

The products are designed to lessen the load on network administrators by reducing the number of accounts each user has and consolidating user names and passwords. Novell's plan also will manage user access to applications on a variety of platforms, including the Web, wireless networks and VPNs (virtual private networks).

But users say that today's security needs demand interoperability and open standards.

"It's the same story over and over: Everything is based on eDirectory," said an IT manager at a large Novell customer who requested anonymity. "As long as you're a 100 percent Novell shop, you're in good shape. But this is not the right way to go if you're not."

Novell's new solution is the Provo, Utah, company's first concerted effort to integrate its security products into a cohesive solution. Novell has had a large portfolio of point products, such as BorderManager, Single SignOn and NMAS (Novell Modular Authentication Service).

The good news for Novell is that while much of the technology sector is sluggish, authentication, authorization and administration constitutes one of the hottest niches of the security market. International Data Corp., of Framingham, Mass., predicted that the so-called 3A market will grow 28 percent annually and exceed $7 billion by 2004.

"Authentication is hot, and enterprises are looking at it holistically, and no one has a world-class solution," said Marc Boroditsky, CEO of Passlogix Inc., of New York, a Novell partner and developer of single-sign-on software. "But they're still trying to package what are effectively tools as a solution."

The bad news is there are many established security players, most of which offer platform-independent solutions. Vendors such as Passlogix and RSA Security Inc. have well-known products that integrate with eDirectory as well as with Microsoft Corp.'s Active Directory and other platforms.

In addition, Novell is still trying to replace its image as a network operating system provider with an application and solutions provider image, as well as recover its standing in the network operating system market.

"Their roots are a bit of the problem. There's a psychological undertow there that could hurt them," said analyst Pete Lindstrom of Hurwitz Group Inc., in Framingham, Mass. "Novell has been doing identity management [via NMAS] before it was sexy, but they didn't capitalize on it. If they can get away from all of the Novell-specific stuff, it would be pretty interesting."

Novell acknowledges these challenges but said its technology enables communications among different directories and network platforms. And the company is considering supporting other directories and platforms in some of its security solutions, officials said.

"There are definitely discussions about if and when we want to move these solutions to other directories," said Shawn Dickerson, a Novell spokesman. "No decisions have been made yet. It's all about what solves the customer's business problem."

Advanced authentication methods play a big part in the new Novell suite, and the company has already announced a partnership with AuthenTec Inc., a biometrics company whose EntrePad fingerprint scanner will integrate with NMAS. More partnerships are in the works. "Novell is prioritizing authentication more and more these days, and passwords just aren't enough," said Scott Moody, CEO of AuthenTec, inMelbourne, Fla.

Advanced authentication methods, such as biometrics and smart cards, have garnered a lot of attention lately, but large software vendors have been relatively slow in adding support for them.

Novell's decision to include support for them in its new solution could provide the boost device vendors have been seeking.

Copyright © 2004 Ziff Davis Media Inc. All Rights Reserved. Originally appearing in The Net Economy.