[SecurityRatty] tag: novell

Novell enters NAC market via partnership

Mon, 22 Sep 2008 20:00:00 +0000

Novell is getting into network access control via an OEM agreement with StillSecure that initially provides a stand-alone product but also includes plans to ensure that software works well with Novell’s ZENworks configuration management.

Achieve PCI Compliance with Novell Sentinel"

Thu, 18 Sep 2008 09:00:00 +0000

(Source: Novell) Security trends and hacking techniques are continually changing, and the Payment Card Industry Data Security Standard (PCI-DSS) continues to evolve. To stay ahead of these trends and prove compliance, your organization needs a powerful solution for collecting and monitoring user activity.

Interop NY Keynotes: Novell

Wed, 17 Sep 2008 10:40:03 +0000

Novell President and Chief Executive Officer Rob Hovsepian learned what interoperability meant when he had a large retailer client who wanted all his businesses to connect and close-out at the same time.

Making IT work as One

How does my company stay efficient while we’re using technologies around interoperability? How can innovation help my business?

Top business needs:

Reduce cost
Manage complexity
Mitigate risk

Mixed IT environments are a reality for almost all organizations. Different environments, architectural strategies, desktop profiles, etc. There are benefits to having mixed source environments, although homogenous environments are ideal. On average 46,000 hours in an organization are spent on Sarbanes-Oxley standards.

Some considerations to make IT work as one:

Strategy
Solutions
Ecosystem

Strategy

Actionable strategy is key. The emergence of three silos (applications, systems and infrastructure, and operations) are now moved into one. There is a lot of pressure to make these pieces come together.

Solutions

You need focused solutions to solve problems today while keeping an eye to the future. There are three main needs: the data center, end-user computing, and identity and security. This is also what is the most important to the market right now. The end goal is the agility of the data center.

Data Center Challenges

Create an agile IT infrastructure
Address power and space constraints
Deliver performance, security and availability
Manage hardware, software and labor costs
Meet service level agreements

Data Center Solutions

Workload management - green IT and server efficiency, unified physical and virtual environment
Virtualization and Consolidation - business continuity and disaster recovery
Enterprise Servers

End-User Computing Solutions

Collaboration
Enterprise desktops - Novell uses Linux and Open Office, interesting to note
Endpoint management

Identity and Security Challenges

Minimize risk, uncertainty and policy violations
Provide timely and secure access to information
Ensure, document and prove information security
Reduce the cost of proving compliance
Reduce the cost and complexity of governance

Identity and Security Solutions

Identity and Access Management - user provisioning, role management, access management
Compliance Management - Audit, Governance, Risk Management and Compliance (GRC), IT controls automation, Security, Information and Event Management (SIEM)

Ecosystem

The ecosystem is powerful. Companies should challenge partners for innovation and interoperability.

Community Innovation - open source and open standards

IT Landscape - Mixed IT Environments

Consulting, systems integration vendors
Application vendors
Systems software vendors (Novell)
Hardware, network vendors

How does your ecosystem help your company? How do your partners help? What is their role in the industry to help you? How are all the vendors in the industry helping you?

Security challenges cloud virtualization payoff

Tue, 16 Sep 2008 20:00:00 +0000

Virtualization and cloud computing will help companies accomplish more by breaking the physical bonds of an IT infrastructure and its users, executives from Cisco and Novell proclaimed this week during their keynote addresses at Interop New York.

Enough with all the passwords!

Mon, 15 Sep 2008 09:00:00 +0000

(Source: Novell) Typical companies have 70 or more applications requiring a password or similar credentials to get to them. Misplaced or forgotten passwords result in expensive, frequent calls to the help desk. Now there are single sign-on solutions to this costly dilemma and they could be the end to this down-side of application creep.

Identity and Security Management and Strong Information Technology Governance: Novell's Soultion Suite Automates the Approach to the Perfect Union

Thu, 11 Sep 2008 09:00:00 +0000

(Source: Novell) This IDC White Paper examines Novell's identity and security management (ISM) solutions and how these integrated offerings can play a key role in enforcing security compliance for enterprise organizations.

Balancing Security Against Productivity

Thu, 11 Sep 2008 09:00:00 +0000

(Source: Novell) What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About detecting attacks or preventing them? Security is a balancing act of all three of these and requires a holistic, integrated approach. All three disciplines must interact automatically and seamlessly to ensure an effective level of service that enables good business.

Novell unites identity management, security-event management

Mon, 01 Sep 2008 20:00:00 +0000

Novell Tuesday is launching its Compliance Management Platform, a combination of existing identity management and security-event management products with additional reporting and analysis tools.

Novell's iPrint open to attack, say researchers

Sun, 24 Aug 2008 20:00:00 +0000

Attackers can exploit bugs in Novell's iPrint application to obtain corporate information or hijack computers, security experts said today.

Will Passwords Become Obsolete?

Fri, 15 Aug 2008 09:46:48 +0000

I can’t keep track of how many different passwords I have, although I know it’s not nearly enough — I tend to be lazy like most people and re-use the same passwords for many different accounts.
But here’s a new idea — what if passwords for online accounts were replaced entirely by cryptographic keys that sat on our desktops like icons, and functioned in the background, so we wouldn’t need to remember a string of letters or numbers?

An interesting blog post this morning discusses the obstacles and implications of this kind of technology, in part quoting a recent New York Times article —

In short, we need a log-on system that relies on cryptography, not mnemonics. As users, we would replace passwords with so-called information cards, icons on our screen that we select with a click to log on to a Web site. The click starts a handshake between machines that relies on hard-to-crack cryptographic code.

An obstacle to this kind of system are the current initiatives toward Open ID and single-sign on services, strategies that are backed by large industry players such as the Equifax, Google, Novell, Microsoft, Oracle, etc. In the open ID system, you would log in to a session on the web with one password, which would be accepted by any application/account supporting the open ID infrastructure.

To me Open ID sounds like a step backwards, toward less security…
then again, I would think that encrypting everything could also make your system run significantly slower, and that it wouldn’t prevent all the risks either…