PSNUG Novell Security Details

Where to start on a Security Policy? Security isn't an add-on, but a basic design goal of Netware.

The concepts, issues you should understand Security for the 21st Century and Protecting Against Known Security Threats updated DEC 1998

What are the common hacks or cracks into Netware? Things to try before someone else does.

New security tools that come with Netware 5.x

Security has always been one of the main design goals of Netware. So the below is simply chronological which shows the strong foundations Novell security products are built on. You should look for sound engineering/design principals that allow you to build and maintain an appropriate security policy for your organization. Netware has sound security mechanisms, your challenge is to apply the appropriate security mechanisms to meet your security policy.

C2 Security - closing of the 20th Century Netware meets high standards of the time and this was just the beginning for the next steps in security of Novell systems.

C2 evaluation "NetWare Workstation Security Architecture" AppNotes Mar 1995, p. 53

equivalences Developers use of User-Security Equivalences Developer Notes Feb 1996, p. 13
Red Book vs. Orange Book evaluation "NetNotes" Jun 1996, p. 74
Novell's Red Book C2 evaluation vs Microsoft evaluation Jul 1996, p. 94
enabling with SECURE.NCF file for Netware 4.11 Sep 1996, p. 75
understanding Security equivalence Sep 1996, p. 78

Novell's class C2-level evaluation 'For a Network' AppNotes July 1997, p. 69

Novell granted Class C2 rating "Novell Netware 4.11, YES Tested Products Granted Class C2 Rating by National Computer Security Center" Developer Notes Dec 1997, p. 53
Some of the current Netware 5 security features

PKI Public Key Infrastructure

SAS Secure Authentication Services

Starting in 1993 Novell starts using NDS based on x.500 Directory Standard to ease management and increase security.

Introduction to NetWare Directory Services AppNotes Apr 1993, p. 26
Designing NetWare 4 Security Resources and Data - directory and file attributes; dividing NDS tree administration; effective rights AppNotes Nov 1993, p. 31

Novell moves toward open standards and industry Best Practices

Building and Auditing a Trusted Network Environment with NetWare; government classifications, models for evaluating, NetWare-specific threats and countermeasures AppNotes Apr 1994
open architecture "Introduction to Novell's Open Security Architecture, An" AppNotes Aug 1994, p. 1
Understanding Identification and Authentication in NetWare THE DETAILS ! AppNotes Oct 1994, p. 27

Novell has LAN security nailed down and next we prepare for the Internet as the only WAN.

architecture for a NetWare Secure workstation "NetWare Workstation Security Architecture" AppNotes Mar 1995, p. 51
role of, services in smart global network "Global Network Services: Novell's Strategy for Enabling a Smart Global Network" AppNotes Dec 1995, p. 13

Novell exposes the harsh security risks of the rapidly coming Internet and offers solutions.

on NetWare Web Server "Exploring the NetWare Web Server (Part 1)" AppNotes Feb 1996, p. 17
AuditWare for NDS Auditing NDS Objects AppNotes Apr 1996, p. 72
where to obtain "real" security "NetNotes" Apr 1996, p. 91
shaping infrastructure for future "Shaping the Infrastructure for Information Security in the 21st Century" AppNotes Jul 1996, p. 79
Creating a security policy Determining Your Risk Index AppNotes Aug 1996, p. 43
understanding Security equivalence Sep 1996, p. 78
accountability issues "NetNotes" Oct 1996, p. 87
Enhanced services in NetWare 4.11 "What's Included" AppNotes Oct 1996, p. 14
when connecting Novell network to the Internet "Connecting to the Internet from a Novell Network" AppNotes Dec 1996, p. 49

Businesses starting moving onto the Internet - start of the gold rush - Novell keeps eye on security

electronic-commerce security solutions "From Paper to Electrons: Initiating Safer Electronic Commerce" AppNotes Jun 1997, p. 67
NDS Security "Learning and Applying the Rules of NDS Security" AppNotes Aug 1997, p. 32
electronic-commerce, issues of "Electronic Commerce: The Quest for a Global, Secure Infrastructure" AppNotes Oct 1997, p. 61
issues for international commerce "Security Issues for International Commerce" AppNotes Nov/Dec 1997, p. 159

Novell used RSA for years and now adds PKI management and free CA - Certificates of Authority. While US Government continues crypto mania Novell tries to help with cryptography management.

International Authentication Framework "NetNotes" Feb 1998, p. 71
protecting trusted workstation "NetNotes" Mar 1998, p. 75
enforceable accountability services "NetNotes" Apr 1998, p. 83
public key infrastructure Q&A "NetNotes" May 1998, p. 77
promoting global software registry "NetNotes" Jun 1998, p. 86
Security Components in NetWare 5 Developer Notes Sep 1998, p. 44
need for civil cryptography board "NetNotes" Oct 1998, p. 83
Workstations "NetNotes" Oct 1998, p. 78
voluntary key management "NetNotes" Nov 1998, p. 78
NICI "Novell's International Cryptographic Infrastructure Developer Notes Dec 1998, p. 36

Y2K, Single Sign-on and Novell continues PKI developments for key management

Novell's SecretStore Single Sign-on "SecretStore Single Sign-on" Developer Notes Nov 1999, p. 58
using SSL "Novell SSL for Java" Developer Notes Nov 1999, p. 43
Novell Certificate Server "Taking Advantage of NetWare's Public Key Infrastructure with Novell Certificate Server 2.0" AppNotes Jan 2000, p. 49
Closing the Doors to Hackers NetWare Security AppNotes Jun 2000, p. 36
strong passwords in an NDS environment "Implementing Strong Passwords in an NDS Environment" AppNotes Aug 2000, p. 27
packet filters used by BorderManager "Protecting Your Network from Hackers with Advanced BorderManager Packet Filtering" AppNotes Sep 2000, p. 23

BorderManager -as the name implies- does just that; manages both security and increases performance. Product Page | Documentation

controlling access to open systems with Novell BorderManager" AppNotes Jun 1997, p. 3
product summary Novell BorderManager Developer Notes Jul 1997, p. 9
security issues "BorderManager: Managing Virtual 'Borders' Between Corporate Networks and the Internet" Developer Notes Jul 1997, p. 21
Fast Cache "Quick Guide to Web Server Acceleration" AppNotes Oct 1997, p. 5
PERFORMANCE REPORT: "Improving Sun Web Server Performance and Scalability with BorderManager Web Server Acceleration" AppNotes Jan 1998, p. 73
PERFORMANCE REPORT: "Improving Novell BorderManager Scalability with Intelligent Server Adapters" AppNotes Jan 1998, p. 69
proxy server used in Utah public schools "BorderManager FastCache: Single Proxy Server Supports 67,000" AppNotes Feb 1998, p. 65
improving quality of service for international access to www.novell.com "BorderManager" AppNotes Aug 1998, p. 73
FastCache "BorderManager FastCache: The Power of Novell Web Server Acceleration" AppNotes Nov 1998, p. 65
FastCache "BorderManager FastCache: Novell Demos 10,000 Hits-per-Second Web Server Acceleration" AppNotes Nov 1998, p. 69
proxy cache clustering "BorderManager Proxy Cache Clustering: A Low-Cost Solution for High-Availability ISP Services" AppNotes Nov 1998, p. 67
Enterprise Edition 3.0 "Introduction to BorderManager Enterprise Edition 3.0, An" AppNotes Feb 1999, p. 3

proxy caching services, typical deployment scenarios, Virtual Private Network Services

authentication services 3 BorderManager 3 Developer Notes May 1999, p. 34
understanding licensing within BorderManager AppNotes Dec 1999, p. 26
configuring authentication services for Use with ActivCard Tokens AppNotes May 2000, p. 44
troubleshooting licensing issues BorderManager Licensing AppNotes Aug 2000, p. 41
BorderManager packet filtering, packet forwarding filters, port scans "Protecting Your Network from Hackers with Advanced BorderManager Packet Filtering" AppNotes Sep 2000, p. 23
Novell Licensing Services "How to Optimize Novell Licensing Services" AppNotes Jan 2001, p. 26

Single Sign-on product home page

Explains the rationale behind Novell's SecretStore and Single Sign-on. Discusses SecretStore architecture with sample code. "SecretStore Single Sign-on" Developer Notes Nov 1999, p. 58
"SecretStore Novell Single Sign-on Version 1.1" Developer Notes Apr 2000, p. 23

"Security Issues for International Commerce"AppNotes Nov/Dec 1997, p. 159

iChain

iChain Data Flow

Novell Security Product home pages

One last place to check - these articles may be easier for management to understand or you may also find some are broader in scope (includes more 3 party product info?) I have found these articles worth the reading time. Go search on the word - SECURITY at ncmag suggestions & corrections send us your suggestions, corrections and comments