Novell Tries Its Hand at Security With iChain
Best known for its networking software and frequent strategy shifts, Novell Inc. is set to roll out this summer new products in an effort to reshape itself as a security company.
The Provo, Utah, vendor last week spelled out the details of its forthcoming iChain 2.0 access-control software, which will include a host of enhanced security features, such as optional token-based authentication.
In August, Novell will unveil a technology called Secure Web Federation, which will enable users to extend single-sign-on and other security features to the Web sites of suppliers, partners and customers.
Among key features that Novell officials said they hope will drive adoption of iChain 2.0 is its Extensible Markup Language-based form-fill capability. This feature captures log-in information during a users initial session, stores it in an encrypted database and then uses it to populate forms during later sessions.
This feature gives iChain 2.0, due in the next quarter, the ability to furnish single-sign-on services without plug-ins or custom development work. Most other vendors require one or both.
Secure Web Federation is essentially an extension of iChain that enables users to navigate seamlessly among a group of related Web sites without having to reauthenticate each time. Novell will roll it out in three phases between August and early next year.
Using protocols such as Secure Assertion Markup Language, the technology will allow one central iChain server to act as a proxy and send a users credentials to several other authorized sites. Some customers said they have been waiting for this technology.
"One of the biggest problems we have is not being able to go to multiple Web servers behind the firewall," said Edward Cheadle, director of technical services at Beneficial Life Insurance Co., an iChain user.
"We dont have a WAN for our agents, so weve set up a [business-to-business] portal that we want to hook our partners into," said Cheadle, in Salt Lake City. "This kind of security solves a lot of the problems for us."
Despite all the new features in iChain 2.0 and Secure Web Federation, some Novell customers and industry observers question the companys commitment to security. Some wonder whether the new software is simply another case of the company looking for a hot sector to ride for a while.
"This is a different technology than theyre used to," said one large East Coast Novell customer, who asked not to be named. "But security is hot right now."
Critics point to Novells efforts in the application service provider market as support for their concerns. The company tried to gain a foothold in that sector during the recent rush toward hosted services but has been largely unsuccessful.
However, Novell officials said this isnt so much a shift in strategy as a renewed emphasis on something that has always been one of the companys strengthsif an unheralded one.
"We want to move away from our PKI [public-key infrastructure]-based products and pull all of our other things like BorderManager and [Modular Authentication Service] into this," said Bob ODell, director of product management and head of the security section at Novell.