Novell Inc. next week will unveil a centralized authentication and authorization solution that, despite being the vendors biggest security effort to date, likely will be hamstrung by ties to Novells eDirectory.
The new solution is based on eDirectory and will include support for authentication technologies such as tokens, biometrics and smart cards, said sources familiar with the effort.
The products are designed to lessen the load on network administrators by reducing the number of accounts each user has and consolidating user names and passwords. Novells plan also will manage user access to applications on a variety of platforms, including the Web, wireless networks and VPNs (virtual private networks).
But users say that todays security needs demand interoperability and open standards.
"Its the same story over and over: Everything is based on eDirectory," said an IT manager at a large Novell customer who requested anonymity. "As long as youre a 100 percent Novell shop, youre in good shape. But this is not the right way to go if youre not."
Novells new solution is the Provo, Utah, companys first concerted effort to integrate its security products into a cohesive solution. Novell has had a large portfolio of point products, such as BorderManager, Single SignOn and NMAS (Novell Modular Authentication Service).
The good news for Novell is that while much of the technology sector is sluggish, authentication, authorization and administration constitutes one of the hottest niches of the security market. International Data Corp., of Framingham, Mass., predicted that the so-called 3A market will grow 28 percent annually and exceed $7 billion by 2004.
"Authentication is hot, and enterprises are looking at it holistically, and no one has a world-class solution," said Marc Boroditsky, CEO of Passlogix Inc., of New York, a Novell partner and developer of single-sign-on software. "But theyre still trying to package what are effectively tools as a solution."
The bad news is there are many established security players, most of which offer platform-independent solutions. Vendors such as Passlogix and RSA Security Inc. have well-known products that integrate with eDirectory as well as with Microsoft Corp.s Active Directory and other platforms.
In addition, Novell is still trying to replace its image as a network operating system provider with an application and solutions provider image, as well as recover its standing in the network operating system market.
"Their roots are a bit of the problem. Theres a psychological undertow there that could hurt them," said analyst Pete Lindstrom of Hurwitz Group Inc., in Framingham, Mass. "Novell has been doing identity management [via NMAS] before it was sexy, but they didnt capitalize on it. If they can get away from all of the Novell-specific stuff, it would be pretty interesting."
Novell acknowledges these challenges but said its technology enables communications among different directories and network platforms. And the company is considering supporting other directories and platforms in some of its security solutions, officials said.
"There are definitely discussions about if and when we want to move these solutions to other directories," said Shawn Dickerson, a Novell spokesman. "No decisions have been made yet. Its all about what solves the customers business problem."
Advanced authentication methods play a big part in the new Novell suite, and the company has already announced a partnership with AuthenTec Inc., a biometrics company whose EntrePad fingerprint scanner will integrate with NMAS. More partnerships are in the works. "Novell is prioritizing authentication more and more these days, and passwords just arent enough," said Scott Moody, CEO of AuthenTec, inMelbourne, Fla.
Advanced authentication methods, such as biometrics and smart cards, have garnered a lot of attention lately, but large software vendors have been relatively slow in adding support for them.
Novells decision to include support for them in its new solution could provide the boost device vendors have been seeking.